Minimizing the threat of evolving steganography methods requires an in-depth understanding of how network protocols function and how they can be exploited to hide data. Considering, however, the complexity of currently used network protocols, there is not much hope that a universal and effective steganalysis method can be developed. Many steganographic ideas which are outlined on this site are simple and we are certain that real-life applications are sure to come, if they aren't already out there...
This is not an optimistic conclusion. It is our conviction that there may be no satisfying solution to this problem within the current paradigm of network construction and evolution. Our intuition is built on, among others, the long lasting and rather disappointing efforts of researchers and engineers to provide/control QoS in the Internet. Probably the only realistic solution is to rethink the basic paradigms underlying current networks’ physical and functional architectures and to introduce novel ones with the account of all potential hazards to public security, including steganography.
Some our work on network steganography detection:
- W.Mazurczyk, K. Szczypiorski, B. Jankowski, - Towards Steganography Detection Through Network Traffic Visualisation - In: Computing Research Repository (CoRR), abs/1208.2861, arXiv.org E-print Archive, Cornell University, Ithaca, NY (USA), published on 14 August 2012 [.pdf]
- A. Janicki, W. Mazurczyk, K. Szczypiorski - Steganalysis of Transcoding Steganography - In: Computing Research Repository (CoRR), abs/1210.5888, arXiv.org E-print Archive, Cornell University, Ithaca, NY (USA), published on 22 October 2012 [.pdf]
- Wojciech Mazurczyk, Krzysztof Cabaj, Krzysztof Szczypiorski - In: Computing Research Repository (CoRR), abs/1002.4303, arXiv.org E-print Archive, Cornell University, Ithaca, NY (USA), published on 23 February 2010 [.pdf]
Visit stegano.net later for more details on that matter!