We consider the problem of detecting the presence of hidden data in colour bitmap images. Like straightforward LSB Replacement, LSB Matching (which randomly increments or decrements cover pixels to embed the hidden data in the least significant bits) is attractive because it is extremely simple to implement. It has proved much harder to detect than LSB Replacement because it does not introduce the same asymmetries into the stego image. We expand our recently-developed techniques for the detection of LSB Matching in grayscale images into the full-colour case. Not everything goes through smoothly but the end result is much improved detection, especially for cover images which have been stored as JPEG files, even if subsequently resampled. Evaluation of steganalysis statistics is performed using a distributed steganalysis project. Because evaluation of reliability of detectors for LSB Matching is limited, we begin with a review of the previously-known detectors.

Digital steganography is the art of hiding information in multimedia content, such that it remains perceptually and statistically unchanged. The detection of such covert communication is referred to as steganalysis. To date, steganalysis research has focused primarily on either, the extraction of features from a document that are sensitive to the embedding, or the inference of some statistical difference between marked and unmarked objects. In this work, we evaluate the statistical limits of such techniques by developing asymptotically optimal tests (Maximum Likelihood) for a number of side informed embedding schemes. The required probability density functions (pdf) are derived for Dither Modulation (DM) and Distortion-Compensated Dither Modulation (DC-DM/SCS) from an steganalyst's point of view. For both embedding techniques, the pdfs are derived in the presence and absence of a secret dither key. The resulting tests are then compared to a robust blind steganalytic test based on feature extraction. The performance of the tests is evaluated using an integral measure and receiver operating characteristic (ROC) curves.

We introduce a new method to increase the reliability of current steganalytic techniques by optimising the sample order. Space filling curves (e.g., Hilbert curve) take advantage of the correlation of adjacent pixels and thus make the detection of steganographic messages with low change densities more reliable. The findings are applicable, but not limited to LSB steganalysis. An experimental comparison of five different sampling paths reveals that recursive principles achieve by far the best performance. All measures, such as mean distance, median autocorrelation, and the ability to detect even tiny modifications show substantial improvements compared to conventional methods. We elaborate the relationship between those parameters and quantify the effectiveness with a large test database of small images, which are usually hard to detect. Apart from quantitative advances, visualisation of steganalytic measures can also gain from the application of reverse space filling curves.

In this paper we study steganalysis, the detection of hidden data. Specifically we focus on detecting data hidden in grayscale images with spread spectrum hiding. To accomplish this we use a statistical model of images and estimate the detectability of a few basic spread spectrum methods. To verify the results of these findings, we create a tool to discriminate between natural "cover" images and "stego" images (containing hidden data) taken from a diverse database. Existing steganalysis schemes that exploit the spatial memory found in natural images are particularly effective. Motivated by this, we include inter-pixel dependencies in our model of image pixel probabilities and use an appropriate statistical measure for the security of a steganography system subject to optimal hypothesis testing. Using this analysis as a guide, we design a tool for detecting hiding on various spread spectrum methods. Depending on the method and power of the hidden message, we correctly detect the presences of hidden data in about 95% of images.

Due to the ease with which digital data can be manipulated and due to the ongoing advancements that have brought us closer to pervasive computing, the secure delivery of video and images has become a challenging problem. Despite the advantages and opportunities that digital video provide, yet, the illegal copying and distribution as well as plagiarism of digital audio, images, and video is still ongoing. In this paper we describe a technique for securing digital images based on combining image compression and encryption. The underlying idea in this is to combine encryption with rate scalable image compression such as EZW or SPIHT. EZW or SPIHT compresses image in such a way that the present coding state of a wavelet coefficient is dependent on the current coding of the coefficient’s parent and on prior coding states of the coefficient and its parent. A consequence of this within a bit stream of length N is that if we obscure the first M leading bits of the bit stream and leave the remaining N-M bits unchanged then the trailing N-M bits reveal “very little information” about the original image. Thus, by exploiting this inter-data dependency we can selectively encrypt part of the data stream and hence, reduce the computational burden and bandwidth requirement for transmitting images securely.

Compact representation of perceptually relevant parts of multimedia data, referred to as robust hashing or fingerprinting, is often used for efficient retrieval from databases and authentication. In previous work, we introduced a framework for robust hashing which improves the performance of any particular feature extraction method. The hash generation was achieved from a feature vector in three distinct stages, namely: quantization, bit assignment and application of the decoding stage of an error correcting code. Results were obtained for unidimensional quantization and bit assignment, on one code only. In this work, we provide a generalisation of those techniques to higher dimensions. Our framework is analysed under different conditions at each stage. For the quantization, we consider both the case where the codevectors are uniformly and nonuniformly distributed. For multidimensional quantizers, bit assignment to the resulting indexes is a non-trivial task and a number of techniques are evaluated. We show that judicious assignment of binary indices to the codevectors of the quantizer improves the performance of the hashing method. Finally, the robustness provided by a number of different channel codes is evaluated.

A fingerprinting is related to cryptographic hash functions. In contrast to cryptographic hash functions this robust digest is sensitive only to perceptual change. Minor changes, which are not affecting the perception, do not result in a different fingerprint. This technique is used in content-based retrieval, content monitoring, and content filtering. In this paper we present a cumulant-based image fingerprinting method. Cumulants are typically used in signal processing and image processing, e.g. for blind source separation or Independent Component Analysis (ICA). From an image with reduced dimensions we calculate cumulants as an initial feature vector. This feature vector is transformed into an image fingerprint. The theoretical advantages of cumulants are verified in experiments evaluating robustness (e.g. against operations like lossy compression, scaling and cropping) and discriminability. The results show an improved performance our method in comparison to existing methods.

The distribution and playback of digital images and other multimedia products are easily and fast done. Thus, its processing in order to achieve satisfactory copyright protection is a challenging problem for the research community. Encrypting the data only offers protection as long as the data remains encrypted, since once an authorized but fraudulent user decrypts it, nothing stops him from redistributing the data without having to worry about being caught. A watermarking scheme, which embeds some owner information (mark) into host images, is regarded as a possible solution to this problem. Nevertheless, digital watermarking is not strong enough to offer protection against illegal distributors. In this environment, digital fingerprinting techniques provide a good solution to dissuade illegal copying. To make such distribution systems work securely, the embedded marks in those system must be resistant to powerful attacks such as common image processing operations, lossy image compression, geometric transforms, combination addition of random noise (errors) and/or collusion attacks. The work presented in this paper consists on the development of an empirical and portable JAVA platform where digital video (in MPEG2 format) can be protected against redistribution by dishonest users. The platform allows to verify at a practical level the strength properties of digital watermarking and fingerprinting marks. More precisely, it can be used to compare the performance of different watermarking algorithms (spread-spectrum and QIM). Moreover, it also offers the capability of embedding different digital fingerprinting codes, and verify its behaviour.

Content adaptation has been introduced to tailor the same media content to different derived user contexts to allow end users with different access networks, client devices and/or user profiles to access the same information source. However, content adaptation also introduces security implications in a content distribution food chain. In this paper, we conduct an in-depth investigation into the potential security issues involved in content adaptation in multimedia communication systems. We analyze the security requirements in the context of content adaptation. In particular, we address the issue of where to place the security functions and its implications on the security and content adaptation functionality. The general security architectures for the protection of adapted content are categorized and analyzed. Various rationales and implications of some of the most recent multimedia security technologies are investigated under these architectures. We also discuss some open issues and suggest some future directions. The paper provides the readers with an in-depth analysis, a comprehensive overview, and a better understanding of the security issues in a multimedia communication system where content adaptation is a necessity.

This paper proposes a group-based fingerprinting scheme employing a joint coding and embedding strategy to trace multimedia distribution and proactively prevent the leak of multimedia information. Taking advantage of the prior knowledge on the collusion pattern, we construct compact fingerprints that consist of user sub-codeword and group sub-codeword and are embedded in host signal via spread spectrum technique. The detection is done in two levels, which identifies guilty groups through correlation and then narrows down to specific colluders through minimum distance decoding. Experimental results show that the proposed method provides higher collusion resistance than the existing non-grouped fingerprint codes.

Watermark de-synchronization is perhaps the most dangerous attack against the great majority of watermarking systems proposed so far. Exhaustive search and template matching are two of the most popular solution against it, however several doubts exist about their effectiveness. As a matter of fact, a controversial point in digital watermarking is whether these techniques are of any help to cope with watermark de-synchronization introduced by geometric attacks. On one side, watermark synchronization through exhaustive search dramatically increases the false detection probability. On the other side, for the template matching approach the probability of a synchronization error must be taken into account, thus deteriorating significantly the performance of the system. It is the scope of this paper to shed some light on the above points. To do so we focus on a very simple case study, whereby we show that as long as the size of the search space (the cardinality of the geometric attack) increases polynomially with the length of the to-be-marked host feature sequence, both methods provide an effective solution to the de-synchronization problem. Interestingly, and rather surprisingly, we also show that Exhaustive Search Detection (ESD) always outperforms Template Matching Detection (TMD), though the general behavior of the two schemes is rather similar.

The additive attack public mutual information game is explicitly solved for one of the simplest quantization based watermarking schemes, the scalar Costa scheme (SCS). It is a zero-sum game played between the embedder and the attacker, and the payoff function is the mutual information. The solution of the game, a subgame perfect nash equilibrium, is found by backward induction. Therefore, the Blahut-Arimoto algorithm is employed for numerically optimizing the mutual information over noise distributions. Although the worst case distribution is in general strongly non-Gaussian, the capacity degradation compared to a suboptimal Gaussian noise attack is quite small. The loss, if the embedder optimizes SCS for a Gaussian attack but the worst case attack is employed, is negligible.

Imperfectly synchronized watermark communication is almost the most hostile watermark channel. A desynchronization attack can yield a very high probability of bit error rate by simply moving the watermark from elements it has been embedded in, inhibiting hence its reliable retrieval from the original. In this paper, we adress attacks that can be modelled by an Additive White Gaussian Noise and Jitter (AWGN&J) channel in a game theory context. The AWGN&J channel was initially introduced to model local time fluctuations in the context of magnetic recording media. This channel is first briefly presented and characterized in terms of induced objective and perceptual distorsions. Also, performance loss of the one-bit watermarking Spread-Spectrum based scheme over an AWGN&J channel is derived. Then, results are applied in a game theoretic context to answer some questions such as: (i) for a given distortion budget, and from the attacker point of view, what part should be allocated to the desynchronization, and what part should be allocated to the additive noise?, (ii) from the defender point of view, what is the worst distortion? and (iii) is there means to countermeasure the attacker (limit the amount of objective distorsion)?

The main goal of this study consists in the development of the additive worst case attack (WCA) for quantization-based methods from two points of view: the bit error rate probability and from the rerspective of the information theoretic performance. Our analysis will be focused on the practical scheme known as distortion compensation dither modulation (DC-DM). From the mathematical point of view, the problem of the WCA design with probability of error as the cost function can be formulated as the maximization of the average probability of error subject to introduced distortion for a given decoding rule. When mutual information is selected as cost function, the problem of the WCA design establishes the global maximum of the optimization problem independently of the decodification process. Our results contribute to the common understanding and the development of fair benchmarks. The results show that the developed noise attack leads to a stronger performance decrease for the considered class of embedding techniques than the AWGN or the uniform noise attacks within the class of additive noise attacks.

The watermarking methods resistant to geometric attacks can be divided into three categories: the first category is to embed the watermark into the geometric invariant domain, the second category proposed to use template or insert periodic watermark pattern for the re-synchronization purpose, and the third category is called “feature-based watermarking scheme” in which the feature points detected in the original image are used to form local regions for both embedding and detection. However, the major weakness is their limited resistance to both extensive geometric distortions and watermark-estimation attack (WEA). In view of this, we propose a mesh-based content-dependent image watermarking method that can withstand geometric distortions and WEA. Because the first category is restricted to be affine invariant and the periodic patterns are easily removed in the second category, we have investigated to find that the third category seems to be the best choice. Our method is mainly composed of three components: (i) robust mesh generation and mesh-based embedding for resisting geometric distortions; (ii) improvement of fidelity using modified Noise Visibility Function (NVF); and (iii) construction of hash-based content-dependent watermark (CDW) for resisting WEA. Experimental results obtained from standard benchmark confirm the robustness of our method.

In the last years digital watermarking has been widely indicated as a possible efficient tool to deal with multimedia copyright protection. Particularly, in the field of image watermarking, a large number of techniques has been developed aiming at hiding information within the data. After an initial phase in which the main problem was to succeed in inserting a private code which was unperceivable, successively watermarking community tried to design watermarks which presented a high level of robustness that meant the ability to be revealed also when the image had undergone different manipulations (e.g. compression, D/A-A/D conversion, filtering). Although good results have been obtained in this field, resilience against geometric manipulations, (e.g. rotation, scaling, changes of aspect ratio) is still a research issue; furthermore robustness against Stirmark random-displacements attack in which small local geometric modifications are carried out, is still a crucial point for the majority of the so-called robust algorithms. In this paper a new approach, based on the estimation through an optic flow technique of the displacement field, correspondent to a specific geometric transformation, is proposed. This methodology can be adopted as a re-synchronization tool, to enhance robustness of digital image watermarking techniques.

Although semi-blind and blind watermarking schemes based on Discrete Cosine Transform (DCT) or Discrete Wavelet Transform (DWT) are robust to a number of attacks, they fail in the presence of geometric attacks such as rotation, scaling, and translation. The Discrete Fourier Transform (DFT) of a real image is conjugate symmetric, resulting in a symmetric DFT spectrum. Because of this property, the popularity of DFT-based watermarking has increased in the last few years. In a recent paper, we generalized a circular watermarking idea to embed multiple watermarks in lower and higher frequencies. Nevertheless, a circular watermark is visible in the DFT domain, providing a potential hacker with valuable information about the location of the watermark. In this paper, our focus is on embedding multiple watermarks that are not visible in the DFT domain. Using several frequency bands increases the overall robustness of the proposed watermarking scheme. Specifically, our experiments show that the watermark embedded in lower frequencies is robust to one set of attacks, and the watermark embedded in higher frequencies is robust to a different set of attacks.

Most of quantization based data hiding schemes are based on uniform scalar quantizer, which is optimal only if the host signal is uniformly distributed. In our recent work, we proposed two pdf-matched quantizer based data hiding schemes, both of which have better embedding efficiency than conventional uniform quantizer based schemes. But these schemes require a lot of location information for qualified pixels, which increases the side information needed by the decoder. Moreover, these schemes are inconvenient when high embedding rates are desired. In this paper, we propose a trellis coded quantizer (TCQ) based data hiding scheme, which is proved to be more embedding efficient than traditional quantizer based schemes. Experimental results show that the proposed scheme can be up to 1.2 dB closer to the capacity upper bound than the QIM scheme over the whole watermark noise rate (WNR) range. Comparing with our previous work, the proposed TCQ based scheme has less side information and can easily realize a high embedding rate.

Hiding data in binary images can facilitate the authentication and annotation of important document images in digital domain. A representative approach is to first identify pixels whose binary color can be flipped without introducing noticeable artifacts, and then embed one bit in each non-overlapping block by adjusting the flippable pixel values to obtain the desired block parity. The distribution of these flippable pixels is highly uneven across the image, which is handled by random shuffling in the literature. In this paper, we revisit the problem of data embedding for binary images and investigate the incorporation of a most recent steganography framework known as the wet paper coding to improve the embedding capacity. The wet paper codes naturally handle the uneven embedding capacity through randomized projections. In contrast to the previous approach, where only a small portion of the flippable pixels are actually utilized in the embedding, the wet paper codes allow for a high utilization of pixels that have high flippability score for embedding, thus giving a significantly improved embedding capacity than the previous approach. The performance of the proposed technique is demonstrated on several representative images. We also analyze the perceptual impact and capacity-robustness relation of the new approach.

A novel quantization-based data-hiding method, named Rational Dither Modulation (RDM), is presented. This method retains most of the easiness of the Dither Modulation (DM) scheme, which is known to be vulnerable to fixed-gain attacks. However, RDM modifies DM in such a way that it becomes invariant to those attacks. The basic principle behind RDM is the use of an adaptive quantization step-size at both embedder and decoder, which depends on previously watermarked samples. When the host signal is stationary, this causes the watermarked signal being under some mild conditions asymptotically stationary. Mathematical tools, new to data-hiding, are used to determine this stationary probability density function, which is later employed to analytically establish the performance of RDM in Gaussian channels. We also show that by properly increasing the memory of the system, it is possible to asymptotically approach the performance of conventional DM, while still keeping invariance to fixed gain attacks. Moreover, RDM is compared to improved spread-spectrum (ISS) methods, showing that for the former much higher rates can be achieved for the same bit error probability. Our theoretical results are validated with experimental results, which also serve to show a moderate resilience of RDM in front of slow-varying gain attacks. Perhaps the main advantage of RDM in comparison with other schemes designed to cope with fixed-gain attacks is its simplicity.

We investigate in this paper several possible methods to improve the performance of the bit-shifting operation based reversible image watermarking algorithm in the integer DCT domain. In view of the large distortion caused by the modification of high-amplitude coefficients in the integer DCT domain, several coefficient selection methods are proposed to provide the coefficient modification process with some adaptability to match the coefficient amplitudes’ status of different 8-by-8 DCT coefficient blocks. The proposed adaptive modification methods include global coefficient-group distortion sorting, zero-tree DCT prediction, and a low frequency based coefficient prediction method for block classification. All these methods are supposed to optimize the bit-shifting based coefficient modification process so as to improve the watermarking performance in terms of capacity/distortion ratio. Comparisons are presented for these methods in aspects of performance in terms of capacity/distortion ratio, performance stability, performance scalability, algorithm complexity and security. Compared to our old integer DCT based scheme and other recently proposed reversible image watermarking algorithms, some of the proposed methods exhibit much improved performances, among which the low frequency based coefficient prediction methods bear highest efficiency to predict the coefficient amplitudes’ status, leading to distinct improved watermarking performance in most aspects. Detailed experimental results and performance analysis are also given for all the proposed algorithms and several other reversible watermarking algorithms.

Three-dimensional image quality assessment causes new challenges for a wide set of applications and particularly for emerging 3-D watermarking schemes. First, new metrics have to be drawn for the distortion measurement from an original 3-D surface to its deformed version: this metric is necessary to address distortions that are acceptable and to which a 3-D watermarking algorithm should resist. In this paper, we focus on distortion energy evaluation extending works on distortion minimization for planar and spherical parameterization. Secondly, a key perceptual assessment of 3-D geometrical transforms is their impact on the various 2-D views that can be extracted from the object. As a matter of fact, most of the applications (games, avatars, …) are targeting users owning 2-D screens. In this paper we restrict our study to 3-D shape distortion analysis, assuming standard lighting conditions and we do not address the textures distortion issues. We analyze how to automatically select relevant pairs of 2D projections which needs an initial registration between both shapes to compare. We use a mutual information criterion to assess the distortion for each projection pair and eventually derive a global score by weighting the contributions of each view.

While Digital Watermarking has received much attention in recent years, it is still a relatively young technology. There are few accepted tools/metrics that can be used to evaluate the suitability of a watermarking technique for a specific application. This lack of a universally adopted set of metrics/methods has motivated us to develop a web-based digital watermark evaluation system called the Watermark Evaluation Testbed or WET. There have been more improvements over the first version of WET. We implemented batch mode with a queue that allows for user submitted jobs. In addition to StirMark 3.1 as an attack module, we added attack modules based on StirMark 4.0. For a new image fidelity measure, we evaluate conditional entropy as an image fidelity measure for different watermarking algorithms and different attacks. Also, we show the results of curve fitting the Receiver Operating Characteristic (ROC) analysis data using the Parzen window density estimation. The curve fits the data closely while having only two parameters to estimate.

There have been a number of steganography embedding techniques proposed over the past few years. In turn the development of these techniques have led to an increased interest in steganalysis techniques. More specifically Universal steganalysis techniques have become more attractive since they work independently of the embedding technique. In this work, our goal is to compare a number of universal steganalysis techniques proposed in the literature which include techniques based on binary similarity measures, wavelet coefficients' statistics, and DCT based image features. These universal steganalysis techniques are tested against a number of well know embedding techniques, including Outguess, F5, Model based, and perturbed quantization. Our experiments are done using a large dataset of JPEG images, obtained by randomly crawling a set of publicly available websites. The image dataset is categorized with respect to the size and quality. We benchmark embedding rate versus detectability performances of several widely used embedding as well as universal steganalysis techniques. Furthermore, we provide a framework for benchmarking future techniques.

The inclusion of data hiding techniques in everything from consumer electronics to military systems is becoming more commonplace. This has resulted in a growing interest in benchmarks for embedding algorithms, which until now has focused primarily on the theoretical and product oriented aspects of algorithms (such as PSNR) rather than the factors that are often imposed by the system (e.g., size, execution speed, complexity). This paper takes an initial look at these latter issues through the application of some simple and well known software engineering metrics: McCabe Complexity and Halstead Software Measures. This paper illustrates an approach that applies these metrics to create a hypothetical, language-independent representation of an algorithm, identifying the encapsulated, measurable components that compose that algorithm. This is the first step in developing a representation that will not only allow for comparison between disparate algorithms, but describe and define algorithms in such a way as to remove language and platform dependency. Bringing these concepts to their logical conclusion highlights how such an approach would provide existing benchmarking systems a more in-depth and fair analysis of algorithms in the context of systems as a whole, and decrease variability which affects the accuracy of the theoretical and product measures used today.

Methodologies and tools for watermark evaluation and benchmarking facilitate the development of improved watermarking techniques. In this paper, we want to introduce and discuss the integration of audio watermark evaluation methods into the well-known web service Watermark Evaluation Testbed (WET). WET is enhanced by using. A special set of audio files with characterized content and a collection of single attacks as well as attack profiles will help to select special audio files and attacks with their attack parameters.

We describe the requirements, design, architecture and implementation of a framework that facilitates the setup, management and realisation of data-driven performance and acceptance tests for algorithms. The framework builds on standard components, supports distributed tests on heterogeneous platforms, is scalable and requires minimum integration efforts for algorithm providers by chaining command line driven applications. We use XML as test specification language, so tests can be set up in a declarative way without any programming effort and the test specification can easily be validated against an XML schema. We consider a test scenario where each test consists of one to many test processes and each process works on a representative set of input data that are accessible as data files. The test process is built up of operations that are executed successively in a predefined sequence. Each operation may be one of the algorithms under test or a supporting functionality (e.g. a file format conversion utility). The test definition and the test results are made persistent in a relational database. We decided to use a J2EE compliant application server as persistence engine, thus the natural choice is to implement the test client as Java application. Java is available for the most important operating systems, provides control of OS-processes, including the input and output channels and has extensive support for XML processing.

Structured codes are known to be necessary in practical implementations of capacity-approaching "dirty paper schemes." In this paper we study the performance of a recently proposed dirty paper technique, by Erez and ten Brink which, to the authors' knowledge, is firstly applied to data-hiding, and compare it with other existing approaches. Specifically, we compare it with conventional side-informed schemes previously used in data-hiding based on repetition and turbo coding. We show that a significant improvement can be achieved using Erez and ten Brink's proposal. We also study the considerations we have to take into account when these codes are used in data-hiding, mainly related with perceptual questions.

Probability-of-error exponents have recently been derived for watermarking systems based on spread-spectrum and quantization-index modulation methods. This paper takes this work one step further and presents minmax error exponents for any embedding scheme and any attack (subject to distortion constraints) at all rates below capacity. The decoders used are universal: they do not know the attck used. Randomized codes outperform deterministic codes, except in the case of memoryless attacks where the same performance is obtained using either kind of code.

An encryption scheme called the Randomized Dictionary Table (RDT), which embeds encryption into the LZ78 data compression method, is proposed and analyzed in this research. The basic idea is to construct multiple dictionaries with a different entry order and then randomly select one dictionary in each compression step according to a pseudo-random sequence. Our scheme incurs light computation overhead to encrypt the compressed data and does not impair the LZ compression ratio. Security analysis demonstrates that the proposed RDT scheme achieves high security strength under both the ciphertext only attack and the known/chosen plaintext attack.

In this paper, we show that the communication channel known as writing in memory with defective cells is a relevant information-theoretical model for a specific case of passive warden steganography when the sender embeds a secret message into a subset C of the cover object X without sharing the selection channel C with the recipient. The set C could be arbitrary, determined by the sender from the cover object using a deterministic, pseudo-random, or a truly random process. We call this steganography “writing on wet paper” and realize it using low-density random linear codes with the encoding step based on the LT process. The importance of writing on wet paper for covert communication is discussed within the context of adaptive steganography and perturbed quantization steganography. Heuristic arguments supported by tests using blind steganalysis indicate that the wet paper steganography provides improved steganographic security for embedding in JPEG images and is less vulnerable to attacks when compared to existing methods with shared selection channels.

The performance of quantization-based data hiding methods is commonly analyzed by assuming a flat probability density function for the host signal, i.e. uniform inside each quantization cell and with its variance large enough to assuming that all the centroids occur with equal probability. This paper comes to fill a gap in watermarking theory, analyzing the exact performance of the Scalar Costa Scheme (SCS) facing additive Gaussian attacks when the former approximation is not valid, thus taking into account the host statistics. The accomplished analysis reveals that the true performance of such a scheme for an optimal selection of its parameters and low watermark to noise ratios (WNR) is never worse than that of classical spread-spectrum-based methods, in terms of achievable rate and probability of error, as it was thought so far. The reduction of SCS to a two-centroid problem allows the derivation of theoretical expressions which characterize its behavior for small WNR's, showing interesting connections with spread-spectrum (SS) and the Improved Spread Spectrum (ISS) method. Furthermore, we show that, in contrast to the results reported until now, the use of pseudorandom dithering in SCS-based schemes can have a negative impact in performance. Performance losses are also reported for the case in which a modulo reduction is undertaken prior to decoding. The usefulness of these results is shown in the computation of the exact performance in projected domains.

In this article we present a semi-fragile watermarking scheme for authenticating intra-coded frames in compressed digital videos. The scheme provides the detection of content-changing manipulations while being moderately robust against content-preserving manipulations. More generally, we mean by content-preserving manipulations those, which are applied in post-production processes, such as compression. Content-changing manipulations remove or insert objects into frames or sequences of frames. We focus in this work on a semi-fragile watermarking method based on invariant features referred to as points of interests. The features are extracted using the Moravec-Operator. The interest point operator of Moravec is totally un-supervised and does not require any a priori knowledge in the class of objects being protected in a given frame. Out of the interest points we generate a binary mask, which will be embedded robustly as watermark into the video. In the verification process we compare the detected watermark with the points of interest from the video, which has to be verified. We present test results evaluating the robustness against content-preserving manipulations and the fragility regarding content-changing manipulations. Beside the discussion of the results we propose a procedure to provide security of the scheme against forgery attacks.

In this paper, we propose a novel semi-blind video watermarking scheme, where we use pseudo-random robust semi-global features of video in the three dimensional wavelet transform domain. We design the watermark sequence via solving an optimization problem, such that the features of the mark-embedded video are the quantized versions of the features of the original video. The exact realizations of the algorithmic parameters are chosen pseudo-randomly via a secure pseudo-random number generator, whose seed is the secret key, that is known (resp. unknown) by the embedder and the receiver (resp. by the public). We experimentally show the robustness of our algorithm against several attacks, such as conventional signal processing modifications and adversarial estimation attacks.

In this paper, we concentrate on video watermarking for forensics applications and consider the temporal synchronization problem, which has been overlooked in the literature so far. As a result, we propose a system that provides temporal synchronization in video watermarking by using side information at the receiver. Short perceptually-robust representations (also known as robust hash values) of randomly selected frames from the watermarked video regions is derived at the encoder and transmitted to the decoder. Synchronization is then achieved by computing perceptually-representative information of all frames of the received video at the receiver and finding the "best matching region" via solving a combinatorial optimization problem efficiently using dynamic programming techniques. A suitably-chosen "robust image hash" function is used to derive the necessary representative information of the video frames; the resulting hash values possess properties of being short in length, computable in real time, and similar (resp. different) for perceptually similar (resp. different) video frames with high probability. We experimentally illustrate the effectiveness of our method against several attacks, which include frame-wise geometric attacks, as well as temporal de-synchronization attacks, such as random temporal interpolation, scene editing, cutting and swapping.

Most of the MPEG watermarking schemes are intracoded block based solutions. In a standard encoded MPEG video every 12th frame is an I-frame, consisting of intracoded blocks. The other frames will not be marked. I-frames have nearly the same structure as JPEG images and JPEG based watermarking solution are applicable for I-frames. Different attacks like frame rate changing can change the frame type of the marked I-frames. Thus the watermark can be detected from wrong I-frames and the capacity of the watermark solutions are lowly. We propose an extended approach of an existing I-frame watermark solution. We embed the watermark also into the intercoded blocks of P- and B-frames. First the transferred intracoded watermark will be compensated by the drift compensation signal in the intercoded blocks. After this the same watermark information can be embedded in the P- and B-frames as in the I-frames. The advantages of this solution are a higher capacity and a good visual quality of the watermark solution. We present the drawback points of existing intracoded solutions, our newly developed concept and provide the first test results.

Video watermarks can be used to embed copyright and copy-control information and will there for be used in DVD players and recorders as well as in digital broadcasting equipment. Errors in video watermark detection can cause serious problems, such as erroneous indication of illegal copying and erroneous copy control. These errors could not, however, be eliminated because watermarked pictures are subjected to wide varieties of image processing such as compression, resizing, filtering, or D/A or A/D conversion. Estimating errors of video watermarks is therefore an essential requirement for electric equipment that is to use copyright and copy-control information properly. This paper proposes a video watermarking method that estimates error probability from each watermarked frame at hand after image processing by using the expectation-maximization algorithm from inferential statistics. The paper also proposes a reliable detection system of video watermarks by using the proposed method. Experimental evaluations have shown that the new method can be used reliably with the margin factor and can be widely used in electric equipment as well as content-distribution systems.

In this paper, we propose a blind watermarking scheme based on automatic feature points detection. The irregular sampling of 3D shapes is a challenging issue for extending well-known signal processing tools. 3D shape watermarking schemes have to resist to common resampling operations used for example in some compression applications. We propose an automatic selection of intrinsic feature points that are robust against surface remeshing. They are detected as multi-scale robust degeneracies of the shape curvature tensor field. The impact of the sampling on the curvature estimation is studied. These points are then used as seeds in the partition of the shape into fast approximated geodesic triangles. Each of them is then remeshed with a regular connectivity and watermarked in the mesh spectral domain. The watermark perturbations computed on the remeshed triangles are the projected on the original points of the 3D object. We discuss the robustness of the feature points and of the overall scheme under various watermarking attacks.

We propose a reversible embedding watermarking algorithm for georeferenced 2D-vectordata which provides a promising solution to GIS (geographic information system) data hiding and authentication applications with a high requirement of fidelity or bit-by-bit exactness with the original point coordinates. The proposed scheme uses an 8-point integer DCT-transform to exploit the high correlation among neighboring coordinates in the same polygon. There exist two kinds of distributions of DCT-coefficients where the typical one shows energy concentration in the low frequency range while in the other case the highest frequency coefficient holds the maximum DCT-coefficient. In the first step of our scheme a distinction between these two cases has to be done. For this discrimination the DCT-coefficient of the highest frequency is compared with the coefficients of the lower frequency range. Only for the typical cases the information is embedded. This is accomplished with a bit-shift procedure where the DCT-coefficients of certain frequencies are shifted by one or two bits. The watermarking information is embedded in the resulting gaps. The frequencies are lying in the range not being used for the discrimination task of step one. Depending on a key there is an alternating sequence of shifts by one ore two bits.

Print-scan resilient data hiding finds important applications in document security, and image copyright protection. In this paper, we build upon our previous work on print-scan resilient data hiding with the goal of providing a mathematical foundation for computing information-theoretic limits, and guiding design of more complicated hiding schemes allowing higher volume of embedded data. A model for print-scan process is proposed, which has three main components: a) effects due to mild cropping, b) colored high-frequency noise, and c) non-linear effects. It can be shown that cropping introduces unknown but smoothly varying phase shift in the image spectrum. A new hiding method called Differential Quantization Index Modulation (DQIM) is proposed in which, information is hidden in the phase spectrum of images by quantizing the difference in phase of adjacent frequency locations. The unknown phase shift would get cancelled when the difference is taken. Using the proposed DQIM hiding in phase, we are able to survive the print-scan process with several hundred information bits hidden into the images.

In today's digital world securing different forms of content is very important in terms of protecting copyright and verifying authenticity. Many techniques have been developed to protect audio, video, digital documents, images, and programs (executable code). One example is watermarking of digital audio and images. We believe that a similar type of protection for printed documents is very important. The goals of our work are to securely print and trace documents on low cost consumer printers such as inkjet and electrophotographic (laser) printers. We will accomplish this through the use of intrinsic and extrinsic features obtained from modelling the printing process. In this paper we describe the use of image texture analysis to identify the printer used to print a document. In particular we will describe a set of features that can be used to provide forensic information about a document. We will demonstrate our methods using 10 EP printers.

In this paper we discuss natural language watermarking, which uses the structure of the sentence constituents in natural language text in order to insert a watermark. This approach is different from techniques, collectively referred to as "text watermarking," which embed information by modifying the appearance of text elements, such as lines, words, or characters. We provide a survey of the current state of the art in natural language watermarking and introduce terminology, techniques, and tools for text processing. We also examine the parallels and differences of the two watermarking domains and outline how techniques from the image watermarking domain may be applicable to the natural language watermarking domain.

In this paper, we deal with the design of high rate multilevel two-dimensional (2D) bar codes for the print-and-scan channel. Firstly, we derive an upper bound on the maximum achievable rate of these codes by studying an inter-symbol interference (ISI) free, perfectly synchronized, and noiseless print-and-scan channel, in which the printer device uses halftoning in order to simulate multiple gray levels. Secondly, we present a new model of the print-and-scan channel specifically adapted to the multilevel 2D bar code application. This model, inspired by our experimental work, assumes no ISI and perfect synchronization, but independence between the channel input and the noise is not required. For completeness, we briefly review three state-of-the-art coded modulation techniques for the additive white Gaussian noise channel in the high signal-to-noise ratio regime, namely, multilevel coding with multistage decoding (MLC/MSD), multilevel coding with parallel independent decoding, and bit-interleaved coded modulation. We then derive the information capacity of our print-and-scan channel model and extend the theory of MLC/MSD to this channel. Finally, we present experimental results confirming the validity of our channel model, and showing that multilevel 2D bar codes using MLC/MSD can reliably achieve the high rate storage requirements of many multimedia security and data management applications.

This paper introduces an application of steganography for hiding cancelable biometric data based on quad-phase correlation filter classification. The proposed technique can perform two tasks: (1) embed an encrypted (cancelable) template for biometric recognition into a host image or (2) embed the biometric data required for remote (or later) classification, such as embedding a transformed face image into the host image, so that it can be transmitted for remote authentication or stored for later use. The novel approach is that we will encode Fourier information of the template (or biometric) in the spatial representation of the host image. More importantly we show that we only need two bits per pixel in the frequency domain to represent the filter and biometric, making it compact and ideal for application of data hiding. To preserve the template (or biometric) from vulnerabilities to successful attacks, we encrypt the filter or biometric image by convolving it with a random kernel which produces an image in the spatial domain that resembles white noise, thus essentially both the frequency and spatial representation will have no visible exploitable structure. We also present results on reduced complexity correlation filter classification performance when using biometric images recovered from stego-images.

In this paper we analyze chances and challenges with respect to the security of using biometrics in ID documents. We identify goals for ID documents, set by national and international authorities, and discuss the degree of security, which is obtainable with the inclusion of biometric into documents like passports. Starting from classical techniques for manual authentication of ID card holders, we expand our view towards automatic methods based on biometrics. We do so by reviewing different human biometric attributes by modality, as well as by discussing possible techniques for storing and handling the particular biometric data on the document. Further, we explore possible vulnerabilities of potential biometric passport systems. Based on the findings of that discussion we will expand upon two exemplary approaches for including digital biometric data in the context of ID documents and present potential risks attack scenarios along with technical aspects such as capacity and robustness.

Face image recognition has been an active research topic for many years, and many algorithms have been proposed for the grayscale face images. However, only a few methods are devoted to color face images, even though most cameras produce color images. Color can be important for face recognition. Among the proposed color face recognition methods, most treat the three color channels separately and apply some grayscale face recognition methods to each of the channels and combine the results. In this paper we propose the quaternion correlation filter techniques for color face recognition by processing all color channels jointly. Quaternion numbers are the generalization of the complex numbers and can be considered as a number with a real part and three orthogonal imaginary parts. A color image (e.g., in RGB) may be represented using quaternion by encoding the three color components to the imaginary parts of the quaternion number. The quaternion correlation filter is extended from the standard correlation filter based on the recently developed concepts of quaternion Fourier transform (QFT), quaternion convolution (QCV), and quaternion correlation (QC). Face recognition is performed by cross-correlating (QC) an input face image with a designed filter. Numerical results show that quaternion correlation filters can improve the recognition performance over conventional face recognition methods.

While watermarking algorithms have been developed for many types of digital content, little work has been done to develop watermarking algorithms for the class of map and chart images, despite their relative value. These images are generally of high resolution, have large areas of homogeneous pixels and are color-mapped or binary. These characteristics impede the use of watermarking algorithms designed for continuous-tone photographic images. This paper presents a novel blind watermarking algorithm designed for map and chart images. The algorithm segments the image into homogeneous regions and adds multiple watermark signals to the locations of the pixels on the boundary of several regions. The presence of these signals in the watermarked image is determined using a correlation-based detector. The watermarks can be detected in the presence of synchronization errors such as those incurred by cropping the image, or shifting by several columns or rows, and in the presence of noise. The algorithm is designed to efficiently process typical map images, which can have resolutions on the order of several 100 million pixels.

The goal of this paper is to present our work on the analysis of speech and handwriting biometrics related to meta data, which are based on one side on system hardware specifics (technical meta data) and on the other side to personal attributes (non-technical meta data). System related meta data represent physical characteristics of biometric sensors and are essential for ensuring comparable quality of the biometric raw signals. Previous work in personal related meta data has shown that it is possible to estimate some meta data like script language, dialect, origin, gender and age by statistically analyzing human handwriting and voice data. On one hand, by knowing both kinds of such meta data, it appears to be possible to adapt the recognition or authentication algorithms in order to enhance their recognition accuracy and to analyze the sensor dependency of biometric algorithms with respect to hardware properties such as sampling resolution. On the other hand, interesting aspects are to evaluate, if cultural characteristics (such as native language, or ethnicity) can be derived by statistical or analytical means from voice or handwriting dynamics and to which degree grouping of users by persons with identical or similar meta data may result in better biometric recognition accuracy. All these aspects have been widely neglected by research until today. This article will discuss approaches to model such meta data and strategies for finding features by introducing a new meta data taxonomy, from which we derive those personal and system attributes related to the cultural background, which are employed in our experimental evaluation. Further, we describe the test methodology used for our experimental evaluation in different cultural regions of India and Europe and present first results for sensor hardware related meta data in handwriting biometrics as well as language related meta data in speaker recognition.

Quantization-based watermarking schemes comprise a class of watermarking schemes that achieves the channel capacity in terms of additive noise attacks. The existence of good high dimensional lattices that can be efficiently implemented and incorporated into watermarking structures, made quantization-based watermarking schemes of practical interest. Because of the structure of the lattices, watermarking schemes making use of them are vulnerable to non-additive operations, like amplitude scaling in combination with additive noise. In this paper, we propose a secure Maximum Likelihood (ML) estimation technique for amplitude scaling factors using subtractive dither. The dither has mainly security purposes and is assumed to be known to the watermark encoder and decoder. We derive the probability density function (PDF) models of the watermarked and attacked data in the presence of subtractive dither. The derivation of these models follows the lines of reference 5, where we derived the PDF models in the absence of dither. We derive conditions for the dither sequence statistics such that a given security level is achieved using the error probability of the watermarking system as objective function. Based on these conditions we are able to make approximations to the PDF models that are used in the ML estimation procedure. Finally, experiments are performed with real audio and speech signals showing the good performance of the proposed estimation technique under realistic conditions.

The growth of internet communications, multimedia storage capacity, and software sophistication triggered the need to protect intellectual property in digital media. Digital watermark can be inserted into images for copyright protection, copy protection, tamper detection and authentication. Unfortunately, geometrical robustness in digital image watermarking remains a challenging issue because consumer software enables rotational, scaling and translational attacks on the watermark with little image quality degradation. To balance robustness requirements and computation simplicity, we propose a method to re-synchronize watermark information for its effective detection. The method uses scale normalization and flowline curvature in embedding and detection processes. Scale normalization with unit aspect ratio and predefined area offers scale invariance and translation invariance. Rotational robustness is achieved using the flowline curvature properties of extracted robust corners. The watermark is embedded in Discrete Fourier Transform (DFT) domain of the normalized image using fixed strength additive embedding. Geometric properties recovery is simplified using flowline curvature properties and robust corners as reference points prior to watermark detection. Despite the non-blind nature and vulnerability to local transformations of this approach, experimental results indicate its potential application in robust image watermarking.

In a previous work we proposed an algorithm to embed watermark bits directly in a compressed bitstream. The embedding algorithm is reversible, requires no decompression, causes no increase in file size, and is fast. The problem is that the watermarked bitstream will either lose format-compliance or suffer unacceptable visual degradation. We have now solved these problems for JPEG streams. The algorithm determines the AC VLC codespace that is actually used by the image. Watermarking specific VLCs places the resulting codewords outside of the used codespace, but still within the orignal VLC table specified in JPEG standard. To keep the watermarked stream format-compliant and visually acceptable, the run/size values of watermarked VLCs are remapped in a way to keep visual degradation to a minimum. Since watermarked VLCs are never used in the image, this remapping does not alter the image outside of watermarked VLC codespace.

The vulnerability of quantization-based data hiding schemes to amplitude scaling has required the formulation of countermeasures to this relatively simple attack. Parameter estimation is one approach, where the applied scaling is estimated from the received signal at the decoder. As scaling of the watermarked signal creates a mismatch with respect to the quantization step assumed by the decoder, this estimate can be used to correct the mismatch prior to decoding. In this work we first review previous approaches utilizing parameter estimation as a means of combating the scaling attack on DC-DM. We then present a method for maximum likelihood estimation of the scaling factor for this quantization-based method. Using iteratively decodable codes in conjunction with DC-DM, the estimation method exploits the reliabilities provided by the near-optimal decoding process in order to iteratively refine the estimate of the applied scaling. By performing estimation in cooperation with the decoding process, the complexity of which is tackled using the expectation maximization algorithm, reliable estimation is possible at very low watermark-to-noise power ratios by using sufficiently low rate codes.

This paper proposes a low computational reversible watermarking approach. An integer transform is defined for pairs of pixels. The transform is invertible and, besides, for some pairs of pixels, the original values are recovered even if the LSBs of the transformed pixels are overwritten. This allows watermarking embedding into image LSB plane without any other data compression scheme. At detection, original image is exactly recovered. The method is of interest for image authentication and data hiding. Experimental results are provided.

In this paper we consider the problem of performance improvement of known-host-state (quantization-based) watermarking methods undergo additive white Gaussian noise (AWGN) and uniform noise attacks. We analyze the underlying assumptions used for design of Dither Modulation (DM) and Distortion Compensated Dither Modulation (DC-DM) methods and question the optimality of high rate uniform quantizer based embedding into real images from the point of view of robustness of these methods to the selected additive attacks in terms of bit error rate probability. Motivated by superior performance of uniform deadzone quantizer (UDQ) over the uniform one in lossy transform based source coding, we propos to replace the latter one by the UDQ in data-hiding set-up designed according to the statistics of the host data that are assumed to be independent identically distributed Laplacian. Based on the suggested modifications we obtained analytical expressions for bit error rate probability analysis of host-statistics-dependent quantization-based watermarking methods in AWGN and uniform noise attacking channels. Experimental results of computer simulations demonstrate significant performance enhancement of the designed modified DM and DC-DM watermarking techniques in comparison to the classically elaborated known-host-state schemes in terms of the selected performance measure.

Digital watermarking techniques are used for a variety of applications, e.g. to protect copyrights of users, to guarantee the integrity of content or to provide additional information embedded in the media. Irrespective of the application, in common watermarking algorithms embedded information is either spread over the entire medium or concentrated at dedicated positions given by a visual or psychoacoustical model. In most cases syntactical and not semantical aspects determine embedding. In our paper we introduce an object-based DWT annotation watermarking scheme respecting the semantical characteristics of digital images for a so-called illustration watermarking. Here the goal is to embed annotation directly into the image objects by illustrating them with further information. Beside the semantic analysis for the illustrations we evaluate the competing properties capacity, non-perceptibility and robustness. Security issues are less important, since an annotation watermark does generally not need to be difficult to remove. If an attacker wants to destroy the embedded information there is often no need to keep him from that. Annotated data would lose value and therefore there is in most cases no attack motivation. After discussing the requirements for object-based watermarking we introduce the model of watermarking of data for illustrating the content and describe generic watermark embedding and extraction, as well as all necessary preprocessing like segmentation, feature extraction and the visual model.

Suppose Alice the information hider wants to send a stego message to Bob in the presence of Wendy the (passive) warden. Wendy employs one of n different passive steganalysis detectors to decide if the data from Alice contains any hidden message before passing it on to Bob. Suppose Alice can choose from a set of information hiding schemes and possesses only an incomplete information about the steganalysis strategy choice of Wendy. That is, suppose Alice only knows an ordering of the probabilities (and not the values themselves), say, p₁ ≥ p₂ ≥ ... ≥ p_n where p_j is the probability of Wendy using jth detector. Under this scenario we investigate answers to the following two questions by generalizing a previous result by the author and deriving new ones: (a) how must Alice choose the optimal data hiding strategy subject to risk constraints and (b) what is the maximum safe embedding rate, i.e., maximum message rate that can be embedded without being detected by Wendy? Detailed analysis and numerical results are presented to answer these questions.

In this paper, we propose a new method for estimating the number of embedding changes for non-adaptive ±K embedding in images. The method uses a high-pass FIR filter and then recovers an approximate message length using a Maximum Likelihood Estimator on those stego image segments where the filtered samples can be modeled using a stationary Generalized Gaussian random process. It is shown that for images with a low noise level, such as decompressed JPEG images, this method can accurately estimate the number of embedding changes even for K=1 and for embedding rates as low as 0.2 bits per pixel. Although for raw, never compressed images the message length estimate is less accurate, when used as a scalar parameter for a classifier detecting the presence of ±K steganography, the proposed method gave us relatively reliable results for embedding rates as low as 0.5 bits per pixel.

Based on the knowledge and experiences from existing image steganalysis techniques, the overall objective of the paper is to evaluate existing audio steganography with a special focus on attacks in ad-hoc end-to-end media communications on the example of Voice over IP (VoIP) scenarios. One aspect is to understand operational requirements of recent steganographic techniques for VoIP applications. The other aspect is to elaborate possible steganalysis approaches applied to speech data. In particular we have examined existing VoIP applications with respect to their extensibility to steganographic algorithms. We have also paid attention to the part of steganalysis in PCM audio data which allows us to detect hidden communication while a running VoIP communication with the usage of the PCM codec. In our impelementation we use Jori's Voice over IP library by Jori Liesenborgs (JVOIPLIB) that provides primitives for a voice over IP communication. Finally we show first results of our prototypic implementation which extents the common VoIP scenario by the new feature of steganography. We also show the results for our PCM steganalyzer framework that is able to detect this kind of hidden communication by using a set of 13 first and second order statistics.

Steganography is the study of data hiding for the purpose of covert communication. A secret message is inserted into a cover file so that the very existence of the message is not apparent. Most current steganography algorithms insert data in the spatial or transform domains; common transforms include the discrete cosine transform, the discrete Fourier transform, and discrete wavelet transform. In this paper, we present a data-hiding algorithm that exploits a decomposition representation of the data instead of a frequency-based transformation of the data. The decomposition transform used is the singular value decomposition (SVD). The SVD of a matrix A is a decomposition A= USV' in which S is a nonnegative diagonal matrix and U and V are orthogonal matrices. We show how to use the orthogonal matrices in the SVD as a vessel in which to embed information. Several challenges were presented in order to accomplish this, and we give effective information-hiding using the SVD can be just as effective as using transform-based techniques. Furthermore, different problems arise when using the SVD than using a transform-based technique. We have applied the SVD to image data, but the technique can be formulated for other data types such as audio and video.

This paper is an extension of our work on stego key search for JPEG images published at EI SPIE in 2004. We provide a more general theoretical description of the methodology, apply our approach to the spatial domain, and add a method that determines the stego key from multiple images. We show that in the spatial domain the stego key search can be made significantly more efficient by working with the noise component of the image obtained using a denoising filter. The technique is tested on the LSB embedding paradigm and on a special case of embedding by noise adding (the ±1 embedding). The stego key search can be performed for a wide class of steganographic techniques even for sizes of secret message well below those detectable using known methods. The proposed strategy may prove useful to forensic analysts and law enforcement.

In this paper, we examine a method for estimating the embedding rate (or equivalently, the length of the hidden message) for plus-minus one embedding. The plus-minus one method embeds information into the least significant bit of the carrier by either adding or subtracting one from a pixel when the LSB of the pixel value is not equal to the message bit. The decision of adding or subtracting one is determined randomly with equal probability for each case. In this paper, we formulate the plus-minus one embedding procedure as a state transition between two sequences of sets. Given an image that possibly contains plus-minus one embedding, an original image is estimated using an adaptive wavelet denoising algorithm. The stego image is classified into busy and non-busy areas, and then parameters with respect to the state transition are calculated from the non-busy areas in both the stego image and the estimated original image. The embedding rate is then estimated using a symmetric form of divergence (Kullback-Leibler distance). Experimental results using the proposed algorithm are shown.

Universal blind steganalysis can detect hidden messages without using prior information about the steganographic system. Recently, Farid developed a wavelet coefficient, higher-order statistics based, universal blind steganalysis method. This approach is a global method which demonstrated a high-quality in performance standards. Fridrich and Goljan also presented a DCT based local targeted steganalysis method to break the F5 algorithm. However, both Farid’s and Fridrich and Goljan’s methods have some limitations. This paper presents a local universal steganalysis technique combining the advantages of both methods. The basic components of the presented method are: novel DCT multilevel decomposition with wavelet structure; a new set of feature vectors; and a modified kernel function in the Kernel Fisher Discriminant. Experimental results show the presented method offers better performance than commonly used schemes. Inherently, the presented method has the ability to localize the hidden information, it can capture stego information in small blocks, and it is functional using only a small training set.

Digital audio provides a suitable cover for high-throughput steganography. At 16 bits per sample and sampled at a rate of 44,100 Hz, digital audio has the bit-rate to support large messages. In addition, audio is often transient and unpredictable, facilitating the hiding of messages. Using an approach similar to our universal image steganalysis, we show that hidden messages alter the underlying statistics of audio signals. Our statistical model begins by building a linear basis that captures certain statistical properties of audio signals. A low-dimensional statistical feature vector is extracted from this basis representation and used by a non-linear support vector machine for classification. We show the efficacy of this approach on LSB embedding and Hide4PGP. While no explicit assumptions about the content of the audio are made, our technique has been developed and tested on high-quality recorded speech.

In this paper, we propose a new method for estimation of the number of embedding changes for non-adaptive ±k embedding in images. By modeling the cover image and the stego noise as additive mixture of random processes, the stego message is estimated from the stego image using a denoising filter in the wavelet domain. The stego message estimate is further analyzed using ML/MAP estimators to identify the pixels that were modified during embedding. For non-adaptive ±k embedding, the density of embedding changes is estimated from selected segments of the stego image. It is shown that for images with a low level of noise (e.g., for decompressed JPEG images) this approach can detect and estimate the number of embedding changes even for small values of k, such as k=2, and in some cases even for k=1.

Digital watermarking has first been introduced as a possible way to ensure intellectual property (IP) protection. However, fifteen years after its infancy, it is still considered as a young technology and digital watermarking is far from being introduced in Digital Right Management (DRM) frameworks. A possible explanation is that the research community has so far mainly focused on the robustness of the embedded watermark and has almost ignored security aspects. For IP protection applications such as fingerprinting and copyright protection, the watermark should provide means to ensure some kind of trust in a non secure environment. To this end, security against attacks from malicious users has to be considered. This paper will focus on collusion attacks to evaluate security in the context of video watermarking. In particular, security pitfalls will be exhibited when frame-by frame embedding strategies are enforced for video watermarking. Two alternative strategies will be surveyed: either eavesdropping the watermarking channel to identify some redundant hidden structure, or jamming the watermarking channel to wash out the embedded watermark signal. Finally, the need for a new brand of watermarking schemes will be highlighted if the watermark is to be released in a hostile environment, which is typically the case for IP protection applications.

This paper focuses on the analysis and enhancement of watermarking based security strategies for multimedia authentication. Based on an authentication game between a transmitter and its authorized receiver, and an opponent, security of authentication watermarking is measured by the opponent's inability to launch a successful attack. In this work, we consider two traditional classes of security for authentication: computational security and unconditional security. First we identify authentication watermarking as an error detection problem, which is different from error correction coding in robust watermarking. Then we analyze the computational and unconditional security requirements of an error detection code structure associated with quantization-based authentication watermarking schemes. We propose a novel security enhancement strategy that results in efficient and secure quantization-based embedding and verification algorithms. For computational security, cryptographic message authentication codes are incorporated while unconditional security is obtained by using unconditionally secure authentication codes. Both theoretical analysis and experimental results are presented. They show that using our approach, protection is achieved without significant increase in embedding distortion, and without sacrificing computational efficiency of the embedding and verification algorithms.

In digital media transfer, geometrical transformations desynchronize the communications between the encoder and the decoder. Therefore, an attempt to decode the message based on the direct output of the channel with random geometrical state fails. The main goal of this paper is to analyze the conditions of reliable communications based on structured codebooks in channels with geometrical transformations. Structured codebooks include codewords that have some features or statistics designed for synchronization purposes. In the design of capacity approaching data-hiding codes, host interference problem should be resolved. The solution to this problem is to perform the message coding based on random binning dependent on host-state. On the other hand, to achieve robustness to geometrical transformations, the codewords should have host independent statistics and encoding should be performed using random coding. To satisfy these conflicting requirements we propose Multiple Access Channel (MAC) framework where the message is split between two encoders designed based on the random binning and random coding principles. The message encoded according to random coding additionally serves for synchronization purposes. Sequentially, all existing methods that are proposed for reliable communications in channels with geometrical transformations are analyzed within the proposed MAC set-up. Depending on the particular codebook design, we classify these methods into two main groups: template-based codebooks and redundant codebooks. Finally, we perform the analysis of security leaks of each codebook structure in terms of complexity of the worst case attack.

In this paper, a novel method for detection in quantization-based watermarking is introduced. This method basically works by quantizing a projection of the host signal onto a subspace of smaller dimensionality. A theoretical performance analysis under AWGN and fixed gain attacks is carried out, showing great improvements over traditional spread-spectrum-based methods operating under the same conditions of embedding distortion and attacking noise. A security analysis for oracle-like attacks is also accomplished, proposing a sensitivity attack suited to quantization-based methods for the first time in the literature, and showing a trade-off between security level and performance; anyway, this new method offers significant improvements in security, once again, over spread-spectrum-based methods facing the same kind of attacks.

The sensitivity analysis attacks by Kalker et al. constitute a known family of watermark removal attacks exploiting a vulnerability in some watermarking protocols: the attacker's unlimited access to the watermark detector. In this paper, a new attack on spread spectrum schemes is designed. We first examine one of Kalker's algorithms and prove its convergence using the law of large numbers, which gives more insight into the problem. Next, a new algorithm is presented and compared to existing ones. Various detection algorithms are considered including correlation detectors and normalized correlation detectors, as well as other, more complicated algorithms. Our algorithm is noniterative and requires at most n+1 operations, where n is the dimension of the signal. Moreover, the new approach directly estimates the watermark by exploiting the simple geometry of the detection boundary and the information leaked by the detector.

This article proposes a theory of watermarking security based on a cryptanalysis point of view. The main idea is that information about the secret key leaks from the observations, for instance watermarked pieces of content, available to the opponent. Tools from information theory (Shannon's mutual information and Fisher's information matrix) can measure this leakage of information. The security level is then defined as the number of observations the attacker needs to successfully estimate the secret key. This theory is applied to common watermarking methods: the substitutive scheme and spread spectrum based techniques. Their security levels are calculated against three kinds of attack.

This second part focuses on estimation of secret parameters of some practical watermarking techniques. The first part reveals some theoretical bounds of information leakage about secret keys from observations. However, as usual in information theory, nothing has been said about practical algorithms which pirates use in real life application. Whereas Part One deals with the necessary number of observations to disclose secret keys (see definitions of security levels), this part focuses on the complexity or the computing power of practical estimators. Again, we are inspired here by the work of Shannon as in his famous article, he has already made a clear cut between the unicity distance and the work of opponents' algorithm. Our experimental work also illustrates how Blind Source Separation (especially Independent Component Analysis) algorithms help the opponent exploiting this information leakage to disclose the secret carriers in the spread spectrum case. Simulations assess the security levels theoretically derived in Part One.

In spread-spectrum watermarking, the watermarked document is obtained from the addition of an attenuated watermark signal to a cover multimedia document. A traditional strategy consists of optimising the detector for a given embedding function. In general, this leads to sub-optimal detection and much improvement can be obtained by exploiting side-information available at the embedder. In some prior art, the authors showed that for blind detection of low-power signals, maximum detection power is obtained to first order by setting the watermark signal to the gradient of the detector. In the first part of the paper, we develop this idea further and extend Costa's decoding theory to the problem of watermarking detection. In the second part, we propose a practical implementation of this work using non-linear detectors based on our family of polynomial functions which demonstrate some improved performance of the technique. Finally, the robustness of our side-informed scheme is assessed by computer simulations on real audio signals in the presence of additive, multiplicative and coloured noise resulting from perceptual coding for a low watermark to content power ratio.

Today two technologies are applied when protecting audio data in digital rights management (DRM) environments: Encryption and digital watermarking. Encryption renders the data unreadable for those not in the possession of a key enabling decryption. This is especially of interest for access control, as usage of the audio data is restricted to those owning a key. Digital watermarking adds additional information into an audio file without influencing quality our file size. This additional information can be used for inserting copyright information or a customer identity into the audio file. The later method is of special interest for DRM as it is the only protection mechanism enabling tracing illegal usage to a certain customer even after the audio data has escaped the secure DRM environment. Existing methods combine these methods in first embedding the watermark and than encrypting the content. As a more efficient alternative, we introduce a combined watermarking and encryption scheme where both mechanisms are transparent to each other. A watermark is embedded in and detected from an encrypted or unencrypted file. The watermark also does not influence the encryption mechanism. The only requirement for this method is a common key available to both algorithms.

A high-capacity, data-hiding algorithm that lets the user embed a large amount of data in a digital audio signal is presented in this paper. The algorithm also lets the user restore the original digital audio from the watermarked digital audio after retrieving the hidden data. The hidden information can be used to authenticate the audio, communicate copyright information, facilitate audio database indexing and information retrieval without degrading the quality of the original audio signal, or enhance the information content of the audio. It also allows secret communication between two parties over a digital communication link. The proposed algorithm is based on a generalized, reversible, integer transform, which calculates the average and pair-wise differences between the elements of a vector composed from the audio samples. The watermark is embedded into the pair-wise difference coefficients of selected vectors by replacing their least significant bits (LSB) with watermark bits. Most of these coefficients are shifted left by one bit before replacing their LSB. The vectors are carefully selected such that they remain identifiable after embedding and they do not suffer from overflow or underflow after embedding. To ensure reversibility, the locations of the shifted coefficients and the original LSBs are appended to the payload. Simulation results of the algorithm and its performance are presented and discussed in the paper.