- Front Matter: Volume 6505
- Steganalysis
- Audio
- Attacks
- Theoretical Methods
- Benchmarking
- Forensics I
- Forensics II
- Natural Language Watermarking
- Biometrics
- BOWS
- Video
- Forensics III
- Embedding I
- Embedding II
- Other Domains
Front Matter: Volume 6505
This PDF file contains the front matter associated with SPIE Proceedings Volume 6505, including the Title Page, Copyright information, Table of Contents, Introduction (if any), and the Conference Committee listing.
Steganalysis
Practical methods for minimizing embedding impact in steganography
In this paper, we propose a general framework and practical coding methods for constructing steganographic
schemes that minimize the statistical impact of embedding. By associating a cost of an embedding change with
every element of the cover, we first derive bounds on the minimum theoretically achievable embedding impact
and then propose a framework to achieve it in practice. The method is based on syndrome codes with low-density
generator matrices (LDGM). The problem of optimally encoding a message (e.g., with the smallest embedding
impact) requires a binary quantizer that performs near the rate-distortion bound. We implement this quantizer
using LDGM codes with a survey propagation message-passing algorithm. Since LDGM codes are guaranteed
to achieve the rate-distortion bound, the proposed methods are guaranteed to achieve the minimal embedding
impact (maximal embedding efficiency). We provide a detailed technical description of the method for
practitioners and demonstrate its performance on matrix embedding.
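The matrix embedding that the method is demonstrated on can be illustrated with a minimal sketch of Hamming syndrome coding (the classic baseline, not the authors' LDGM/survey-propagation implementation): three message bits are embedded in seven cover LSBs while changing at most one bit.

```python
def matrix_embed(cover_bits, message, k=3):
    # Syndrome coding with the [2**k - 1, 2**k - 1 - k] Hamming code: the
    # parity-check matrix columns are the binary representations of
    # 1 .. 2**k - 1, so the syndrome difference directly indexes the single
    # cover bit that must be flipped.
    n = 2 ** k - 1
    x = list(cover_bits)
    syndrome = [0] * k
    for j in range(1, n + 1):
        if x[j - 1]:
            for i in range(k):
                syndrome[i] ^= (j >> i) & 1
    idx = sum((syndrome[i] ^ message[i]) << i for i in range(k))
    if idx:                 # idx == 0: syndrome already equals the message
        x[idx - 1] ^= 1     # flip exactly one cover bit
    return x

def matrix_extract(stego_bits, k=3):
    # The receiver simply recomputes the syndrome.
    n = 2 ** k - 1
    m = [0] * k
    for j in range(1, n + 1):
        if stego_bits[j - 1]:
            for i in range(k):
                m[i] ^= (j >> i) & 1
    return m
```

This (1, 7, 3) scheme embeds 3 bits with an expected 7/8 changes, i.e. about 3.43 bits per change, versus 2 bits per change for plain LSB embedding at the same rate.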
Merging Markov and DCT features for multi-class JPEG steganalysis
Blind steganalysis based on classifying feature vectors derived from images is becoming increasingly more powerful.
For steganalysis of JPEG images, features derived directly in the embedding domain from DCT coefficients
appear to achieve the best performance (e.g., the DCT features [10] and Markov features [21]). The goal of this paper
is to construct a new multi-class JPEG steganalyzer with markedly improved performance. We do so first by extending
the 23 DCT feature set [10], then applying calibration to the Markov features described in [21] and reducing
their dimension. The resulting feature sets are merged, producing a 274-dimensional feature vector. The new feature
set is then used to construct a Support Vector Machine multi-classifier capable of assigning stego images to
six popular steganographic algorithms: F5 [22], OutGuess [18], Model Based Steganography without [19] and with [20]
deblocking, JP Hide&Seek [1], and Steghide [14]. Compared to our previous work on multi-classification [11, 12], the
new feature set provides significantly more reliable results.
Batch steganography and the threshold game
In Batch Steganography we assume that a Steganographer has to choose how to allocate a fixed amount of data
between a large number of covers. Given the existence of a steganalysis method for individual objects (satisfying
certain assumptions) we assume that a Warden attempts to detect the payload by pooling the evidence from all
the objects. This paper works out the details of a particular method for the Warden, which counts the number
of objects whose detection statistic surpasses a certain threshold. This natural pooling method leads to a
game between the Warden and Steganographer, and there are different varieties depending on whether the moves
are sequential or simultaneous. The solutions are intriguing, suggesting that the Steganographer should always
concentrate the payload in as few covers as possible, or exactly the reverse, but never adopt an intermediate
strategy. Furthermore, the Warden's optimal strategies are instructive for the benchmarking of quantitative
steganalysis methods. Experimental results show that some steganography and steganalysis methods' empirical
performance accords with this theory.
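The Warden's pooled statistic described above can be sketched in a few lines; the threshold and critical count below are hypothetical parameters that in practice would be calibrated against cover traffic.

```python
def warden_count(statistics, threshold):
    # Pooled evidence: the number of objects whose per-object detection
    # statistic exceeds the threshold.
    return sum(1 for s in statistics if s > threshold)

def warden_decides_stego(statistics, threshold, critical_count):
    # Raise the alarm when the count exceeds what all-cover traffic would
    # plausibly produce (occasional per-object false positives are expected).
    return warden_count(statistics, threshold) > critical_count
```

Under this pooling rule the Steganographer's best responses turn out to be the extremes the abstract describes: concentrate the payload in as few objects as possible, or spread it maximally thin.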
Mel-cepstrum based steganalysis for VoIP steganography
Steganography and steganalysis in VoIP applications are important research topics, as speech data is an
appropriate cover in which to hide messages or entire documents. In this paper we introduce a Mel-cepstrum
based analysis, known from speaker and speech recognition, to detect embedded hidden messages. In
particular, we combine established audio steganalysis features with features derived from Mel-cepstrum
based analysis to investigate the improvement in detection performance. Our main focus is the
application environment of VoIP steganography scenarios.
The evaluation of the enhanced feature space is performed for classical steganographic as well as watermarking
algorithms. With this strategy we show how general forensic approaches can detect information hiding
techniques in the field of hidden communication as well as in DRM applications. For the latter, detecting
the presence of a potential watermark in a specific feature space can lead to new attacks or to a better design of
the watermarking pattern. Following that, the usefulness of Mel-cepstrum domain features for detection is
discussed in detail.
Optimally weighted least-squares steganalysis
Quantitative steganalysis aims to estimate the amount of payload in a stego object, and such estimators seem
to arise naturally in steganalysis of Least Significant Bit (LSB) replacement in digital images. However, as with
all steganalysis, the estimators are subject to errors, and their magnitude seems heavily dependent on properties
of the cover. In very recent work we have given the first derivation of estimation error, for a certain method of
steganalysis (the Least-Squares variant of Sample Pairs Analysis) of LSB replacement steganography in digital
images. In this paper we make use of our theoretical results to find an improved estimator and detector. We also
extend the theoretical analysis to another (more accurate) steganalysis estimator (Triples Analysis) and hence
derive an improved version of that estimator too. Experimental results show that the new steganalyzers have
improved accuracy, particularly in the difficult case of never-compressed covers.
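For reference, the embedding operation these quantitative estimators target, LSB replacement, is trivial to state in code (a sketch; the message is assumed to be already encrypted and permuted):

```python
def lsb_replace(pixels, message_bits):
    # LSB replacement: overwrite the least significant bit of each pixel
    # with a message bit. Unlike LSB matching, even values can only stay
    # or increase and odd values can only stay or decrease -- the
    # structural asymmetry that Sample Pairs and Triples Analysis exploit.
    stego = list(pixels)
    for i, bit in enumerate(message_bits):
        stego[i] = (stego[i] & ~1) | bit
    return stego
```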
Blind source separation for steganalytic secret message estimation
A blind source separation method for steganalysis of linear
additive embedding techniques is presented. The paper formulates
steganalysis as a blind source separation problem -- statistically
separate the host and secret message carrying signals. A
probabilistic model of the source distributions is defined based
on their sparsity. The problem of having fewer observations than the
number of sources is effectively handled by exploiting the sparsity,
and a maximum a posteriori probability (MAP) estimator is
developed to choose the best estimate of the sources. Experimental
details are provided for steganalysis of a discrete cosine
transform (DCT) domain data embedding technique.
Audio
Robust message authentication code algorithm for digital audio recordings
Current systems and protocols for integrity and authenticity verification of media data do not distinguish between
legitimate signal transformation and malicious tampering that manipulates the content. Furthermore, they
usually provide no localization or assessment of the relevance of such manipulations with respect to human
perception or semantics. We present an algorithm for a robust message authentication code (RMAC) to verify the
integrity of audio recordings by means of robust audio fingerprinting and robust perceptual hashing. Experimental
results show that the proposed algorithm provides both a high level of distinction between perceptually different
audio data and a high robustness against signal transformations that do not change the perceived information.
Blind audio watermark synchronization by passive audio fingerprinting
Synchronization is still one of the most important issues in digital watermarking. Many attacks do not remove the
watermark from the cover, but only disable the synchronization between the watermark and the detector. Most
watermarking algorithms feature some synchronization strategy, but especially in audio watermarking this may not be
sufficient to fight de-synchronization attacks: As the watermark is embedded over a given length of audio data, a good
synchronization at the starting point of the retrieval process may be lost during retrieval. An example of this is time
stretching, where the effect of playback speed modification accumulates over the course of retrieval. We introduce a novel
synchronization approach applying passive audio fingerprinting to synchronize each watermarking bit individually.
Storage of the fingerprint values is not necessary in our approach, improving the usability compared to existing solutions
in this area.
Audio watermarking robust to geometrical distortions based on dyadic wavelet transform
Geometrical transforms such as time-scale modification (TSM), random removal (RR), random duplication (RD), and
cropping are common operations on audio signals, yet they present many challenges to robust audio watermarking. The
existing algorithms aimed at handling geometrical distortions have various drawbacks, e.g. high false alarm
probability, heavy computation load, small data hiding capacity, and low robustness. In this paper an audio
watermarking algorithm based on the dyadic wavelet transform, robust to geometrical distortions, is proposed. Watermark
synchronization is achieved using the geometrical invariance properties of the dyadic wavelet transform. A well-designed
coding scheme is proposed to lower the bit error rate of the watermark. The experimental results show that the
watermark is robust to geometrical transforms and other common operations. Compared with other existing algorithms,
the proposed algorithm has the advantages of high robustness, large data hiding capacity, and low computation load.
Attacks
Efficient non-interactive zero-knowledge watermark detector robust to sensitivity attacks
Zero-knowledge watermark detectors presented to date are based on a linear correlation between the asset features
and a given secret sequence. This detection function is susceptible to sensitivity attacks, against which
zero-knowledge provides no protection.
In this paper, an efficient zero-knowledge version of the Generalized Gaussian Maximum Likelihood (ML)
detector is introduced. The inherent robustness that this detector presents against sensitivity attacks, together
with the security provided by the zero-knowledge protocol that conceals the keys that could be used to remove
the watermark or to produce forged assets, results in a robust and secure protocol.
Two versions of the zero-knowledge detector are presented; the first one makes use of two new zero-knowledge
proofs for modulus and square root calculation; the second is an improved version applicable when the spreading
sequence is binary, and it has minimum communication complexity.
Completeness, soundness and zero-knowledge properties of the developed protocols are proved, and they are
compared with previous zero-knowledge watermark detection protocols in terms of receiver operating characteristic,
resistance to sensitivity attacks and communication complexity.
Reverse-engineering a detector with false alarms
Inspired by results from the Break Our Watermarking System (BOWS) contest, we explored techniques to
reverse-engineer watermarking algorithms via oracle attacks. We exploit a principle called "superrobustness,"
which allows a watermarking algorithm to be characterized by its resistance to specific distortions. The generic
application of this principle to an oracle attack seeks to find a severe false alarm, or a point on the watermark
detection region as far as possible from the watermarked image.
For specific types of detection regions, these severe false positives can leak information about the feature
space as well as detector parameters. We explore the specific case of detectors using normalized correlation, or
correlation coefficient.
On distortion measures associated to random desynchronization attacks
Desynchronization attacks based on fine resampling of a watermarked signal can be very effective from the point of view of degrading decoding performance. Nevertheless, the actual perceptual impact brought about by these attacks has not been considered in enough depth in previous research. In this work, we investigate geometric distortion measures which aim at being simultaneously general, related to human perception, and easy to compute in stochastic contexts. Our approach is based on combining the stochastic characterization of the sampling grid jitter applied by the attacker with empirically relevant perceptual measures. Using this procedure, we show that the variance of the sampling grid, which is a customary geometric distortion measure, has to be weighted in order to carry more accurate perceptual meaning. Indeed, the spectral characteristics of the geometric jitter signal have to be relevant from a perceptual point of view, as intuitively seen when comparing constant shift resampling and white jitter resampling. Finally, as the geometric jitter signal does not describe in full the resampled signal, we investigate more accurate approaches to producing a geometric distortion measure that takes into account the amplitude modifications due to resampling.
Fast and automatic watermark resynchronization based on Zernike moments
In some applications such as real-time video applications, watermark detection needs to be performed in real time.
To address image watermark robustness against geometric transformations such as the combination of rotation, scaling,
translation and/or cropping (RST), many prior works choose exhaustive search method or template matching method to
find the RST distortion parameters, then reverse the distortion to resynchronize the watermark. These methods
impose a huge computation burden because the search space is typically multidimensional. Some other prior
works choose to embed watermarks in an RST invariant domain to meet the real time requirement. But it might be
difficult to construct such an RST invariant domain. Zernike moments are useful tools in pattern recognition and image
watermarking due to their orthogonality and rotation invariance property. In this paper, we propose a fast watermark
resynchronization method based on Zernike moments, which requires a search only over the scaling factor to combat RST
geometric distortion, thus significantly reducing the computation load. We apply the proposed method to circularly
symmetric watermarking. According to Plancherel's Theorem and the rotation invariance property of Zernike moments,
the rotation estimation only requires performing DFT on Zernike moments correlation value once. Thus for RST attack,
we can estimate both rotation angle and scaling factor by searching for the scaling factor to find the overall maximum
DFT magnitude mentioned above. With the estimated rotation angle and scaling factor parameters, the watermark can be
resynchronized. In watermark detection, the normalized correlation between the watermark and the DFT magnitude of
the test image is used. Our experimental results demonstrate the advantage of our proposed method. The watermarking
scheme is robust to global RST distortion as well as JPEG compression. In particular, the watermark is robust to
print-rescanning and randomization-bending local distortion in Stirmark 3.1.
Theoretical Methods
Security of spread-spectrum-based data hiding
This paper presents an information-theoretic analysis of security for data hiding methods based on spread
spectrum. The security is quantified by means of the mutual information between the observed watermarked
signals and the secret carrier (a.k.a. spreading vector) that conveys the watermark, a measure that can be used
to bound the number of observations needed to estimate the carrier up to a certain accuracy. The main results of
this paper establish fundamental security limits for this kind of method and draw conclusions about
the tradeoffs between robustness and security. Specifically, the impact of the dimensionality of the embedding
function, the host rejection, and the embedding distortion on the security level is investigated and, in some cases,
explicitly quantified.
Trellis coded modulation to improve dirty paper trellis watermarking
Lattice codes and quantization-based techniques have received considerable attention as a method of digital watermarking
with side information. However, these algorithms are also recognized to be highly sensitive to common
signal processing primitives such as valuemetric scaling, e.g. changes in volume of a song, or re-quantization,
e.g. JPEG compression. Hence, it is reasonable to investigate alternative codes which may offer the potential
for superior performance. In previous work, we designed a new class of codes, called dirty paper trellis codes
(DPTC), which are by construction immune to valuemetric scaling. Although DPTC have shown themselves to
be resistant to certain classes of attacks, the trellises were generated randomly, thus leading to suboptimal codes.
In this paper, Ungerboeck's work on trellis coded modulation (TCM) is exploited to significantly improve the
performance of the DPTC. Experimental results show that the resulting trellises significantly outperform the
original design.
Cramer-Rao bound on watermark desynchronization parameter estimation accuracy
Various decoding algorithms have been proposed in the literature to combat desynchronization attacks on quantization index modulation (QIM) blind watermarking schemes. Nevertheless, the results have been fairly poor so far, so there is a clear need to investigate fundamental limits on the decoder's performance under a desynchronization attack. In this paper, we look at the class of estimator-decoders which estimate the desynchronization attack parameter(s) for use in the decoding step. We model the desynchronization attack as an arbitrary (but invertible) linear time-invariant (LTI) system. We then develop an encoding-decoding scheme for these attacks on cubic QIM watermarking schemes, and derive Cramer-Rao bounds on the estimation error for the desynchronization parameter at the decoder. As an example, we consider the case of a cyclic shift attack and present some numerical findings.
A novel interpretation of content authentication
This work deals with practical and theoretical issues raised by the information-theoretical framework for authentication
with distortion constraints proposed by Martinian et al. [1]. The optimal schemes proposed by these
authors rely on random codes which bear a close resemblance to the dirty-paper random codes that show up
in data hiding problems. On the one hand, this suggests implementing practical authentication methods
with lattice codes, but these are too easy to tamper with in authentication scenarios: lattice codes
must be randomized in order to hide their structure. One particular multimedia authentication method based
on randomizing the scalar lattice was recently proposed by Fei et al. [2]. We reexamine this method in
light of the aforementioned information-theoretical study, and we extend it to general lattices, thus providing a
more general performance analysis for lattice-based authentication. We also propose improvements to Fei et al.'s
method based on the analysis by Martinian et al., and we discuss some weaknesses of these methods and their
solutions.
Capacity and optimal collusion attack channels for Gaussian fingerprinting games
In content fingerprinting, the same media covertext - image, video, audio, or text - is distributed to many users.
A fingerprint, a mark unique to each user, is embedded into each copy of the distributed covertext. In a collusion
attack, two or more users may combine their copies in an attempt to "remove" their fingerprints and forge a
pirated copy. To trace the forgery back to members of the coalition, we need fingerprinting codes that can reliably
identify the fingerprints of those members. Researchers have been focusing on designing or testing fingerprints
for Gaussian host signals and the mean square error (MSE) distortion under some classes of collusion attacks,
in terms of the detector's error probability in detecting collusion members. For example, under the assumptions
of Gaussian fingerprints and Gaussian attacks (the fingerprinted signals are averaged and then the result is
passed through a Gaussian test channel), Moulin and Briassouli [1] derived optimal strategies in a game-theoretic
framework that uses the detector's error probability as the performance measure for a binary decision problem
(whether a user participates in the collusion attack or not); Stone [2] and Zhao et al. [3] studied average and other
non-linear collusion attacks for Gaussian-like fingerprints; Wang et al. [4] stated that the average collusion attack
is the most efficient one for orthogonal fingerprints; Kiyavash and Moulin [5] derived a mathematical proof of the
optimality of the average collusion attack under some assumptions.
In this paper, we also consider Gaussian cover signals, the MSE distortion, and memoryless collusion attacks.
We do not make any assumption about the fingerprinting codes used other than an embedding distortion
constraint. Also, our only assumptions about the attack channel are an expected distortion constraint, a memoryless
constraint, and a fairness constraint. That is, the colluders are allowed to use any arbitrary nonlinear
strategy subject to the above constraints. Under those constraints on the fingerprint embedder and the colluders,
fingerprinting capacity is obtained as the solution of a mutual-information game involving probability density
functions (pdf's) designed by the embedder and the colluders. We show that the optimal fingerprinting strategy
is a Gaussian test channel where the fingerprinted signal is the sum of an attenuated version of the cover signal
plus a Gaussian information-bearing noise, and the optimal collusion strategy is to average fingerprinted signals
possessed by all the colluders and pass the averaged copy through a Gaussian test channel. The capacity result
and the optimal strategies are the same for both the private and public games. In the former scenario, the original
covertext is available to the decoder, while in the latter setup, the original covertext is available to the encoder
but not to the decoder.
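The optimal collusion strategy identified in the abstract (average the colluders' copies, then apply a Gaussian test channel) is easy to sketch; the gain and noise level below are illustrative parameters, not values from the paper.

```python
import random

def average_collusion(copies, gain=1.0, noise_std=1.0, seed=0):
    # Average the K fingerprinted copies (the fair, memoryless optimum),
    # then pass the result through a Gaussian test channel: scale by `gain`
    # and add i.i.d. Gaussian noise.
    rng = random.Random(seed)
    k = len(copies)
    n = len(copies[0])
    averaged = [sum(c[i] for c in copies) / k for i in range(n)]
    return [gain * v + rng.gauss(0.0, noise_std) for v in averaged]
```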
Sphere packing lower bound on fingerprinting error probability
We study the statistical performance of spherical fingerprints for a focused detector which decides whether
a user of interest is among the colluders. The colluders create a noise-free forgery by preprocessing their
individual copies, and then adding a white Gaussian noise sequence to form the actual forgery. Let N be
the codelength, M the number of users, and K the number of colluders. We derive a sphere packing lower bound on the error probability, valid for any triple (N,M,K) and any spherical fingerprinting code.
Benchmarking
Nested object watermarking: comparison of block-luminance and blue channel LSB wet paper code image watermarking
Annotation watermarking (sometimes also called caption or illustration watermarking) denotes a specific application of
watermarks, which embeds supplementary information directly in the media, so that additional information is
intrinsically linked to media content and does not get separated from the media by non-malicious processing steps such
as image cropping or compression. Recently, nested object annotation watermarking (NOAWM) has been introduced as
a specialized annotation watermarking domain, whereby hierarchical object information is embedded in photographic
images. In earlier work, the Hierarchical Graph Concept (HGC) has been suggested as a first approach to model object
relations, which are defined by users during editing processes, into a hierarchical tree structure. The original HGC
method uses a code-book decomposition of the annotation tree and a block-luminance algorithm for embedding.
In this article, two new approaches for embedding nested object annotations are presented and experimentally compared
to the original HGC approach. The first one adopts the code-book scheme of HGC using an alternative embedding based
on Wet Paper Codes in blue-channel LSB domain, whereas the second suggests a new method based on the concept of
intrinsic signal inheritance by sub-band energy and phase modulation of image luminance blocks. A comparative
experimental evaluation based on more than 100 test images is presented in the paper, in which transparency
and robustness against the image modifications most relevant to annotations, cropping and JPEG compression,
are discussed comparatively for the two code-book schemes and the novel inheritance approach.
Deterring watermark collusion attacks using signal processing techniques
A collusion attack is a malicious watermark removal attack in which the attacker has access to multiple copies of the
same content with different watermarks and tries to remove the watermark by averaging. In the literature, several
solutions to collusion attacks have been reported. The mainstream solutions aim at designing watermark codes
that are inherently resistant to collusion attacks. The other approaches propose signal processing based solutions
that modify the watermarked signals in such a way that averaging multiple copies of the content leads
to a significant degradation of the content quality. In this paper, we present a signal processing based technique
that may be deployed to deter collusion attacks. We formulate the problem in the context of electronic music
distribution, where the content is generally available in the compressed domain. Thus, we first extend the collusion
resistance principles to bit stream signals and then present an experimental analysis to estimate a bound on
the maximum number of modified versions of a content that satisfy the good-perceptibility requirement on one hand
and the destructive-averaging property on the other.
Experimental study on watermark interference in multiple re-watermarking
Watermark interference is a threat to reliable detection in multiple re-watermarking scenarios. The impact of
using disjoint frequency bands and/or different embedding domains in limiting those interferences is evaluated
and compared. Employing disjoint frequency bands for embedding different watermarks turns out to be more
effective and is capable of maintaining reasonable detection correlation in multiple embedding applications.
Evaluation of standard watermarking techniques
In the last decade digital watermarking techniques have been devised to answer the ever-growing need to protect the
intellectual property of digital still images, video sequences, or audio from piracy attacks. Because of the proliferation of
watermarking algorithms and their applications, some benchmarks have been created to help watermarkers
compare their algorithms in terms of robustness against various attacks (e.g. Stirmark, Checkmark). However, no
comparable attention has been devoted to benchmarks tailored to assess watermark perceptual transparency. In
this work, we study several watermarking techniques in terms of mark invisibility through subjective experiments.
Moreover, we test the ability of several objective metrics, used in the literature mainly to evaluate distortions due to the
coding process, to correlate with subjective scores. The conclusions drawn in the paper are supported by extensive
experimentation using both several watermarking techniques and objective metrics.
Forensics I
Digital imaging sensor identification (further study)
In this paper, we revisit the problem of digital camera sensor identification using photo-response non-uniformity noise
(PRNU). Considering the identification task as a joint estimation and detection problem, we use a simplified model for
the sensor output and then derive a Maximum Likelihood estimator of the PRNU. The model is also used to design
optimal test statistics for detection of PRNU in a specific image. To estimate unknown shaping factors and determine
the distribution of the test statistics for the image-camera match, we construct a predictor of the test statistics on small
image blocks. This enables us to obtain conservative estimates of false rejection rates for each image under
Neyman-Pearson testing. We also point out a few pitfalls in camera identification using PRNU and ways to overcome them by
preprocessing the estimated PRNU before identification.
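The ML estimator from the simplified sensor model (noise residual W_i ≈ I_i·K plus modeling noise) aggregates residuals weighted by image content. Here is a sketch that takes the residuals as given, rather than computing them with the paper's denoising filter:

```python
def prnu_estimate(images, residuals):
    # Maximum-likelihood PRNU estimate under the simplified model
    # W_i = I_i * K + noise:
    #   K_hat[j] = sum_i W_i[j] * I_i[j] / sum_i I_i[j] ** 2.
    # Bright, smooth image regions therefore contribute the most.
    n = len(images[0])
    num = [0.0] * n
    den = [0.0] * n
    for img, res in zip(images, residuals):
        for j in range(n):
            num[j] += res[j] * img[j]
            den[j] += img[j] * img[j]
    return [num[j] / den[j] if den[j] else 0.0 for j in range(n)]
```

In the noise-free limit (residuals exactly I_i·K) the estimator recovers K exactly; with real residuals, averaging over many images suppresses the modeling noise.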
Joint forensics and watermarking approach for video authentication
In our paper we discuss and compare the possibilities and shortcomings of both content-fragile watermarking and
digital forensics, and analyze whether, thanks to synergetic effects, the combination of both techniques can
identify more manipulations than the sum of what each technique identifies on its own. The first part of the
paper discusses the theoretical possibilities offered by a combined approach, in which forensics and watermarking
are considered as complementary tools for data authentication or deeply combined together, in order to reduce
their error rate and to enhance the detection efficiency. After this conceptual discussion the paper proposes
some concrete examples in which the joint approach is applied to video authentication. Some specific forensics
techniques are analyzed and expanded to handle efficiently video data. The examples show possible extensions
of passive-blind image forgery detection to video data, where the motion and time related characteristics of video
are efficiently exploited.
Image splicing detection using 2D phase congruency and statistical moments of characteristic function
A new approach to efficient blind image splicing detection is proposed in this paper. Image splicing is the process of
making a composite picture by cutting and joining two or more photographs. The spliced image may introduce a number
of sharp transitions such as lines, edges and corners. Phase congruency has been known as a sensitive measure of these
sharp transitions and hence has been proposed as a feature for splicing detection. In addition to the phase information, the
magnitude information is also used for splicing detection. Specifically, statistical moments of characteristic functions of
wavelet subbands have been examined to catch the difference between the authentic images and spliced images.
Consequently, the proposed scheme extracts image features from moments of wavelet characteristic functions and 2-D
phase congruency for image splicing detection. The experiments have demonstrated that the proposed approach can
achieve a higher detection rate as compared with the state-of-the-art.
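The characteristic-function moments used as features can be sketched as follows (a direct DFT of a histogram for clarity; the paper computes these on wavelet-subband histograms):

```python
import cmath

def cf_moments(histogram, order=3):
    # n-th statistical moments of the characteristic function (the DFT of
    # the histogram): M_n = sum_f (f/N)**n |H_f| / sum_f |H_f|, taken over
    # the first half of the spectrum, skipping the DC component.
    N = len(histogram)
    mags = []
    for freq in range(1, N // 2 + 1):
        H = sum(h * cmath.exp(-2j * cmath.pi * freq * k / N)
                for k, h in enumerate(histogram))
        mags.append(abs(H))
    total = sum(mags)
    moments = []
    for n in range(1, order + 1):
        num = sum((freq / N) ** n * m for freq, m in enumerate(mags, start=1))
        moments.append(num / total if total else 0.0)
    return moments
```

Since the normalized frequencies f/N never exceed 1/2, the moments are bounded by 1/2 and decrease with the order n; splicing tends to shift these values by flattening the histograms of high-frequency subbands.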
Forensics II
Robust scanner identification based on noise features
A large portion of digital image data available today is acquired using digital cameras or scanners. While cameras
allow digital reproduction of natural scenes, scanners are often used to capture hardcopy art in more controlled
scenarios. This paper proposes a new technique for non-intrusive scanner model identification, which can be
further extended to perform tampering detection on scanned images. Using only scanned image samples that
contain arbitrary content, we construct a robust scanner identifier to determine the brand/model of the scanner
used to capture each scanned image. The proposed scanner identifier is based on statistical features of scanning
noise. We first analyze scanning noise from several angles, including through image de-noising, wavelet analysis,
and neighborhood prediction, and then obtain statistical features from each characterization. Experimental
results demonstrate that the proposed method can effectively identify the correct scanner brands/models with
high accuracy.
Detection of malevolent changes in digital video for forensic applications
Show abstract
In this paper we present a new method for the detection of forgeries in digital videos, using the sensor's pattern noise. The
camera pattern noise is a unique stochastic high frequency characteristic of imaging sensors and the detection of a forged
frame in a video is detected by comparing the correlation between the noise within the frame itself and the reference
pattern noise against an empirical threshold. The reference pattern serves both to identify the camera and to
authenticate the video. Such a pattern is called self-building because it is built up from the video sequence as it
develops over time, frame by frame, by averaging the noise extracted from each frame. The
method has been adapted from an existing system created by Fridrich et al.1 for still images. By using this method we
are able to determine whether all the scenes of a video sequence have been taken with the same camera and whether the number and/or
the content of the frames of the video have been modified. A large section of the paper is dedicated to the experimental
results, where we demonstrate that it is possible to perform a reliable identification even from video that has undergone
MPEG compression or frame interpolation.
Forensic classification of imaging sensor types
Show abstract
Digital images can be captured or generated by a variety of sources including digital cameras and scanners. In
many cases it is important to be able to determine the source of a digital image. Methods exist to authenticate
images generated by digital cameras or scanners, however they rely on prior knowledge of the image source
(camera or scanner). This paper presents methods for determining the class of the image source (camera or
scanner). The method is based on using the differences in pattern noise correlations that exist between digital
cameras and scanners. To improve the classification accuracy a feature vector based approach using an SVM
classifier is used to classify the pattern noise.
Natural Language Watermarking
Information hiding through errors: a confusing approach
Show abstract
A substantial portion of the text available online is of a kind that tends to contain many typos and ungrammatical
abbreviations, e.g., emails, blogs, forums. It is therefore not surprising that, in such texts, one can carry out
information-hiding by the judicious injection of typos (broadly construed to include abbreviations and acronyms).
What is surprising is that, as this paper demonstrates, this form of embedding can be made quite resilient.
The resilience is achieved through the use of computationally asymmetric transformations (CAT for short):
Transformations that can be carried out inexpensively, yet reversing them requires much more extensive semantic
analyses (easy for humans to carry out, but hard to automate). An example of CAT is transformations that
consist of introducing typos that are ambiguous in that they have many possible corrections, making them harder
to automatically restore to their original form: When considering alternative typos, we prefer ones that are also
close to other vocabulary words. Such encodings do not materially degrade the text's meaning because, compared
to machines, humans are very good at disambiguation. We use typo confusion matrices and word level ambiguity
to carry out this kind of encoding. Unlike robust synonym substitution that also cleverly used ambiguity, the
task here is harder because typos are very conspicuous and an obvious target for the adversary (synonyms are
stealthy, typos are not). Our resilience does not depend on preventing the adversary from correcting without
damage: It only depends on a multiplicity of alternative corrections. In fact, even an adversary who has boldly
"corrected" all the typos by randomly choosing from the ambiguous alternatives has, on average, destroyed
around w/4 of our w-bit mark (and incurred a high cost in terms of the damage done to the meaning of the
text).
A comprehensive bibliography of linguistic steganography
Show abstract
In this paper, we will attempt to give a comprehensive bibliographic account of the work in linguistic steganography published to date. As the field is still in its infancy, there is no widely accepted publication venue. Relevant work on the subject is scattered throughout the literature on information security, information hiding, imaging and watermarking, cryptology, and natural language processing. Bibliographic references within the field are very sparse. This makes literature research on linguistic steganography a tedious task and a comprehensive bibliography a valuable aid to the researcher.
Syntactic tools for text watermarking
Hasan M. Meral,
Emre Sevinç,
Ersin Ünkar,
et al.
Show abstract
This paper explores the morphosyntactic tools for text watermarking and develops a syntax-based natural language
watermarking scheme. Turkish, an agglutinative language, provides a good ground for the syntax-based natural language
watermarking with its relatively free word order possibilities and rich repertoire of morphosyntactic structures. The
unmarked text is first transformed into a syntactic tree diagram in which the syntactic hierarchies and the functional
dependencies are coded. The watermarking software then operates on the sentences in syntax tree format and executes
binary changes under control of Wordnet to avoid semantic drops. The key-controlled randomization of morphosyntactic
tool order and the insertion of void watermark provide a certain level of security. The embedding capacity is calculated
statistically, and the imperceptibility is measured using edit hit counts.
The syntax of concealment: reliable methods for plain text information hiding
Show abstract
Many plain text information hiding techniques demand deep semantic processing, and so suffer in reliability. In contrast,
syntactic processing is a more mature and reliable technology. Assuming a perfect parser, this paper evaluates a set of
automated and reversible syntactic transforms that can hide information in plain text without changing the meaning or
style of a document. A large representative collection of newspaper text is fed through a prototype system. In contrast to
previous work, the output is subjected to human testing to verify that the text has not been significantly compromised by
the information hiding procedure, yielding a success rate of 96% and bandwidth of 0.3 bits per sentence.
Statistically constrained shallow text marking: techniques, evaluation paradigm, and results
Show abstract
We present three natural language marking strategies based on fast and reliable shallow parsing techniques, and on widely
available lexical resources: lexical substitution, adjective conjunction swaps, and relativiser switching. We test these
techniques on a random sample of the British National Corpus. Individual candidate marks are checked for goodness of
structural and semantic fit, using both lexical resources, and the web as a corpus. A representative sample of marks is given
to 25 human judges to evaluate for acceptability and preservation of meaning. This establishes a correlation between corpus
based felicity measures and perceived quality, and makes qualified predictions. Grammatical acceptability correlates with
our automatic measure strongly (Pearson's r = 0.795, p = 0.001), allowing us to account for about two thirds of variability
in human judgements. A moderate but statistically insignificant (Pearson's r = 0.422, p = 0.356) correlation is found with
judgements of meaning preservation, indicating that the contextual window of five content words used for our automatic
measure may need to be extended.
Biometrics
Adaptive and distributed cryptography for signature biometrics protection
Show abstract
Biometrics is one of the most rapidly emerging technologies for people identification and authentication. In contrast with
traditional recognition approaches, biometric authentication relies on who a person is or what a person does,
being based on strictly personal traits that are much more difficult to forget, lose, steal, copy or forge than
traditional data. In this paper, we focus on two vulnerable points of biometric systems: the database where the
templates are stored and the communication channel between the stored templates and the matcher. Specifically,
we propose a method, based on user-adaptive error correction codes, to achieve security and cancelability of
the stored templates applied to dynamic signature features. More in detail, the employed error correction code is
tailored to the intra-class variability of each user's signature features. This leads to an enhancement of the system
performance expressed in terms of false acceptance rate. Moreover, in order to avoid corruption or interception
of the stored templates in the transmission channels, we propose a scheme based on threshold cryptography:
the distribution of the certificate authority functionality among a number of nodes provides distributed, fault-tolerant,
and hierarchical key management services. Experimental results show the effectiveness of our approach,
when compared to traditional non-secure correlation-based classifiers.
Analyzing a multimodal biometric system using real and virtual users
Show abstract
Three main topics of recent research on multimodal biometric systems are addressed in this article: The lack of
sufficiently large multimodal test data sets, the influence of cultural aspects and data protection issues of multimodal
biometric data. In this contribution, different possibilities are presented to extend multimodal databases by generating
so-called virtual users, which are created by combining single biometric modality data of different users. Comparative
tests on databases containing real and virtual users based on a multimodal system using handwriting and speech are
presented, to study to which degree the use of virtual multimodal databases allows conclusions with respect to
recognition accuracy in comparison to real multimodal data. All tests have been carried out on databases created from
donations from three different nationality groups. This allows us to review the experimental results both in general and in
context of cultural origin. The results show that in most cases the usage of virtual persons leads to lower accuracy than
the usage of real users in terms of the measurement applied: the Equal Error Rate. Finally, this article will address the
general question of how the concept of virtual users may influence the data protection requirements for multimodal
evaluation databases in the future.
Digital watermarking of biometric speech references: impact to the EER system performance
Show abstract
The evaluation of digital watermarks has grown into an important research area. The usage of profiles for application
oriented evaluation provides an efficient and aimed strategy to evaluate and compare watermarking schemes according to
a predefined watermark parameter setting. Based on first evaluations in [5, 16], in this paper, we present a new
application profile (called Biometrics) and exemplary test results for audio watermarking evaluations. Therefore, we
combine digital watermark evaluation and a biometric authentication system. This application scenario is as follows:
Audio watermarking schemes are used to embed metadata into the speech reference data of the biometric speaker
recognition system. Metadata in our context may consist of feature template representations complementary to the speech
modality, such as iris codes or biometric hashes, ancillary information about the social, cultural or biological context of
the owner of the biometric data or technical details of the sensor. As during watermark embedding the cover signal is
changed, the test results show how different watermarking schemes affect the biometric error rates and speech
performance of the biometric system depending on the embedding capacity and embedding transparency. Therefore, the
biometric error rates are measured for each watermarking scheme, the effect of embedding is shown, and its influence is
analyzed. The transparency of an embedding function is mainly measured with subjective or objective tests. In this paper,
we introduce a new objective test called Biometric Difference Grade (BDG) to evaluate the quality of biometric speech
signal modifications, using four audio watermarking algorithms as examples.
How to protect biometric templates
Show abstract
In addition to the inherent qualities that biometrics possess, powerful signal processing tools enabled widespread
deployment of the biometric-based identification/verification systems. However, due to the nature of biometric
data, well-established cryptographic tools (such as hashing, encryption, etc.) are not sufficient for solving one of
the most important problems related to biometric systems, namely, template security. In this paper, we examine
and show how to apply a recently proposed secure sketch scheme in order to protect the biometric templates.
We consider face biometrics and study how the performance of the authentication scheme would be affected after
the application of the secure sketch. We further study the trade-off between the performance of the scheme and
the bound of the entropy loss from the secure sketch.
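The abstract does not detail the secure-sketch construction. As an illustration only, here is a minimal fuzzy-commitment-style sketch over binary templates using a simple repetition code; the code choice and all parameters are assumptions, not the paper's scheme:

```python
import numpy as np

REP = 5  # repetition factor; a (5,1) repetition code corrects up to 2 bit errors per key bit

def commit(template, key_bits):
    """Bind a random key to a binary template: store only the XOR of the
    template with the repetition-coded key (in practice a hash of the
    key would also be stored for verification; omitted here)."""
    return template ^ np.repeat(key_bits, REP)

def recover(sketch, noisy_template):
    """Recover the key from a noisy re-acquisition of the same template
    by majority vote over each repetition block."""
    code = sketch ^ noisy_template                # codeword corrupted by template noise
    votes = code.reshape(-1, REP).sum(axis=1)
    return (votes > REP // 2).astype(np.uint8)

rng = np.random.default_rng(1)
key = rng.integers(0, 2, 8, dtype=np.uint8)
template = rng.integers(0, 2, 8 * REP, dtype=np.uint8)
sketch = commit(template, key)

noisy = template.copy()
noisy[::7] ^= 1          # sparse bit errors standing in for intra-class variation
```

The trade-off studied in the paper appears here as the choice of REP: stronger error correction tolerates more intra-class variation but leaks more entropy about the template.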
Error exponent analysis of person identification based on fusion of dependent/independent modalities
Show abstract
In this paper we analyze performance limits of multimodal biometric identification systems. We consider impact
of the inter-modal dependencies on the attainable probabilities of error and demonstrate that an expected
performance gain from fusion of dependent modalities is significantly higher than in the case when one fuses
independent signals. Finally, in order to demonstrate the efficiency of dependent modality fusion, we perform the
problem analysis in the Gaussian formulation and show the performance enhancement versus the independent
case.
BOWS
The first BOWS contest (Break Our Watermarking System)
Show abstract
In the framework of the activities carried out by the European Network of Excellence for Cryptology ECRYPT, a 4-year
network of excellence funded within the Information Societies Technology (IST) Programme of the European Commission's
Sixth Framework Programme (FP6), it was proposed to launch the BOWS Contest. BOWS, an acronym for Break Our
Watermarking System, was designed to investigate how and when an image watermarking system can be broken
while preserving the highest possible quality of the modified content, in the case that the watermarking system is subjected to
a world-wide attack. The BOWS contest was not intended to prove how well a watermarking system performs;
rather, the test was expected to reveal the disparate possible attacks, perhaps unknown at the start of the
contest, that the participants could carry out, and thereby to gauge the degree of difficulty of breaking the embedded
watermark. This paper describes how the Contest was designed and analyzes the general progress of the attacks during
the Contest.
The good, the bad, and the ugly: three different approaches to break their watermarking system
Show abstract
The Good is Blondie, a wandering gunman with a strong personal sense of honor. The Bad is Angel Eyes, a sadistic hitman who always hits his mark. The Ugly is Tuco, a Mexican bandit who's always only looking out for himself. Against the backdrop of the BOWS contest, they search for a watermark in gold buried in three images. Each knows only a portion of the gold's exact location, so for the moment they're dependent on each other. However, none are particularly inclined to share...
Watermarking attack: BOWS contest
Show abstract
In this paper, we describe some attack strategies we have applied to three different grayscale watermarked images
in the particular context of BOWS (Break Our Watermarking System) Contest1; we also propose a possible use
of BOWS as a teaching tool for master students.
Tangential sensitivity analysis of watermarks using prior information
John W. Earl
Show abstract
A novel sensitivity analysis attack is introduced in the context of the BOWS (Break Our Watermarking System)
contest.1 The method follows the boundary of the detection region, rather than directly estimating the normal
to the boundary, so it is applicable even if the boundary is not well approximated by a hyperplane. To improve
efficiency, we employ search directions scaled using a model of perceptual masking.
Tackling BOWS with the sensitivity attack
Show abstract
We present our results in the first BOWS challenge (Break Our Watermarking System). There were three given digital
photos containing an invisible watermark that was introduced using informed coding and embedding. The goal was to
remove the watermark from the photos while keeping a minimum quality of at least 30 dB PSNR (peak signal-to-noise
ratio). We focus on the method used to win the second phase of the contest with about 58 dB PSNR (18 dB ahead of the
best fellow contributions). This method will be viewed from three different perspectives: phase one and two of the
contest, as well as with complete knowledge of the implementation and the secret key.
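The 30 dB quality floor used throughout the contest is a simple computation. A minimal sketch of PSNR for 8-bit images (the image and "attack" below are synthetic illustrations):

```python
import numpy as np

def psnr(original, attacked, peak=255.0):
    """Peak signal-to-noise ratio in dB between an original 8-bit image
    and its attacked counterpart."""
    diff = original.astype(np.float64) - attacked.astype(np.float64)
    mse = np.mean(diff ** 2)
    return float("inf") if mse == 0 else 10.0 * np.log10(peak ** 2 / mse)

rng = np.random.default_rng(0)
img = rng.integers(0, 256, (512, 512)).astype(np.uint8)
# A mild additive-noise "attack", clipped to the valid 8-bit range
attacked = np.clip(img.astype(int) + rng.integers(-2, 3, img.shape), 0, 255).astype(np.uint8)
quality = psnr(img, attacked)   # well above the 30 dB contest floor
```

Note that PSNR is measured against the watermarked image, not the unwatermarked original, so an attacker maximizes fidelity to the very signal being attacked.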
Two different approaches for attacking BOWS
Show abstract
From December 15, 2005 to June 15, 2006 the watermarking community was challenged to remove the watermark
from 3 different 512×512 watermarked images while maximizing the Peak Signal to Noise Ratio (PSNR) measured
by comparing the watermarked signals with their attacked counterparts. This challenge, which bore the inviting
name of Break Our Watermarking System (BOWS),1 and was part of the activities of the European Network
of Excellence ECRYPT, had as its main objective to enlarge the current knowledge on attacks to watermarking
systems; in this sense, BOWS was not aimed at checking the vulnerability of the specific chosen watermarking
scheme against attacks, but to inquire into the different strategies the attackers would follow to achieve their target.
In this paper the main results obtained by the authors when attacking the BOWS system are introduced.
Mainly, the strategies followed can be divided into two different approaches: blind sensitivity attacks and exhaustive
search of the secret key.
How we broke the BOWS watermark
Show abstract
From December 2005 to March of 2006, the Break Our Watermarking System (BOWS) contest challenged
researchers to break an image watermark of unknown design. The attacked images had to possess a minimum
quality level of 30 dB PSNR, and the winners would be those of highest average quality over three images.
Our research team won this challenge, employing the strategy of reverse-engineering the watermark before any
attempts to attack it in earnest. We determined the frequency transform, sub-band, and an exploitable quirk in
the detector that made it sensitive to noise spikes. Of interest is our overall methodology of reverse-engineering
through severe false alarms, and we introduce a new concept, "superrobustness," which despite its positive name
is a security flaw.
Video
Adaptive MPEG-2 video data hiding scheme
Show abstract
We have investigated adaptive mechanisms for high-volume transform-domain data hiding in MPEG-2 video
which can be tuned to sustain varying levels of compression attacks. The data is hidden in the uncompressed domain
by scalar quantization index modulation (QIM) on a selected set of low-frequency discrete cosine transform
(DCT) coefficients. We propose an adaptive hiding scheme where the embedding rate is varied according to the
type of frame and the reference quantization parameter (decided according to MPEG-2 rate control scheme) for
that frame. For a 1.5 Mbps video and a frame-rate of 25 frames/sec, we are able to embed almost 7500 bits/sec.
Also, the adaptive scheme hides 20% more data and incurs significantly less frame errors (frames for which the
embedded data is not fully recovered) than the non-adaptive scheme. Our embedding scheme incurs insertions
and deletions at the decoder which may cause de-synchronization and decoding failure. This problem is solved
by the use of powerful turbo-like codes and erasures at the encoder. The channel capacity estimate gives an idea
of the minimum code redundancy factor required for reliable decoding of hidden data transmitted through the
channel. To that end, we have modeled the MPEG-2 video channel using the transition probability matrices
given by the data hiding procedure, using which we compute the (hiding scheme dependent) channel capacity.
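The scalar QIM step mentioned above can be sketched in one dimension; the coefficients below are a synthetic stand-in for low-frequency DCT coefficients, and the step size is an illustrative choice, not the paper's:

```python
import numpy as np

DELTA = 8.0  # quantization step; larger steps survive coarser compression

def qim_embed(coeffs, bits):
    """Scalar QIM: quantize each coefficient onto one of two interleaved
    lattices, offset by DELTA/2, selected by the hidden bit."""
    shift = np.asarray(bits) * (DELTA / 2)
    return np.round((coeffs - shift) / DELTA) * DELTA + shift

def qim_detect(coeffs):
    """Minimum-distance decoding: report the lattice (bit) nearest each coefficient."""
    d0 = np.abs(coeffs - np.round(coeffs / DELTA) * DELTA)
    d1 = np.abs(coeffs - (np.round((coeffs - DELTA / 2) / DELTA) * DELTA + DELTA / 2))
    return (d1 < d0).astype(int)

rng = np.random.default_rng(0)
coeffs = rng.normal(0.0, 20.0, 64)         # stand-in for low-frequency DCT coefficients
bits = rng.integers(0, 2, 64)
marked = qim_embed(coeffs, bits)
noisy = marked + rng.normal(0.0, 1.0, 64)  # mild requantization noise
```

Decoding is exact without noise and degrades gracefully as the noise approaches DELTA/4, which is why the embedding rate must adapt to the expected compression strength.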
Digital video watermarking in P-frames
Show abstract
Most video watermarking algorithms embed the watermark in I-frames, which are essential for the video signal,
but refrain from embedding anything in P- and B-frames that are highly compressed by motion compensation.
Furthermore, these algorithms do not take advantage of temporal masking in subjective perception of the video.
In this paper, we explore the capacity of P-frames and the temporal masking effect in the video signal. The
challenge in embedding watermark bits in P-frames is that the video bit rate can increase significantly. Thus, we
choose to embed watermark bits only in nonzero AC residuals in P-frames. Changing zero-valued coefficients to
nonzero values can significantly increase the video bit rate because H.264 (and earlier coders as well) uses run
length codes. We show that avoiding zero-valued coefficients significantly reduces the percentage increase in the
compressed video bit rate and makes watermark embedding in P-frames practical. Since the nonzero residuals
in P-frames correspond to non-flat areas that are in motion, temporal and texture masking will be exploited at
the same time. This is confirmed by showing the resemblance of the plots of the number of nonzero residuals in
each frame to motion intensity plots.
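The zero-avoidance idea can be sketched in a few lines. LSB substitution in the residual magnitudes is a hypothetical stand-in for the paper's actual embedding rule, and the residual array is synthetic:

```python
import numpy as np

def embed_in_nonzero(residuals, bits):
    """Hide one bit in the magnitude LSB of each nonzero AC residual,
    never touching zero coefficients, so the run-length structure (and
    hence the bit rate) is largely preserved."""
    out = residuals.copy()
    idx = np.flatnonzero(out)
    assert len(bits) == len(idx)
    for bit, i in zip(bits, idx):
        mag = (abs(int(out[i])) & ~1) | int(bit)
        if mag == 0:
            mag = 2                     # keep the coefficient nonzero; LSB is still 0
        out[i] = mag if out[i] > 0 else -mag
    return out

def extract(marked):
    """Read the magnitude LSB of every nonzero coefficient."""
    return np.array([abs(int(v)) & 1 for v in marked[np.flatnonzero(marked)]])

rng = np.random.default_rng(0)
residuals = rng.integers(-4, 5, 64)     # many zeros, as in P-frame residuals
bits = rng.integers(0, 2, len(np.flatnonzero(residuals)))
marked = embed_in_nonzero(residuals, bits)
```

Because no coefficient is ever zeroed or created, the set of nonzero positions is unchanged, which keeps the run-length codes and bit rate close to the original.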
Framework for combined video frame synchronization and watermark detection
Show abstract
Most MPEG watermarking schemes embed the watermark only into I-frames; the other frames are left unmarked.
Attacks such as frame-rate changes can alter the frame type of the marked I-frames, so that the watermark would be
sought in the wrong I-frames.
Because of these attacks, an important issue for digital watermarking of MPEG video is the temporal
synchronization of the video material to its state before the attack, so that the watermark can be detected successfully. The
synchronization information can be embedded as part of the information watermark or as a second watermark. The
weak point is that once the synchronization information is destroyed, the watermark can no longer be detected.
We provide a solution which analyzes the I-frames based on a robust image hash system. The hash solution was
developed for JPEG images and can also be used for MPEG I-frames because of their similar structure. The hash values
are robust against common manipulations, like compression, and can be used to detect the marked frames even after
manipulations of the video material. We analyze the usability of the image hash system and develop a concept based on
video and MPEG properties.
Forensics III
Source digital camcorder identification using sensor photo response non-uniformity
Show abstract
Photo-response non-uniformity (PRNU) of digital sensors was recently proposed [1] as a unique identification fingerprint
for digital cameras. The PRNU extracted from a specific image can be used to link it to the digital camera that took the
image. Because digital camcorders use the same imaging sensors, in this paper, we extend this technique for
identification of digital camcorders from video clips. We also investigate the problem of determining whether two video
clips came from the same camcorder and the problem of whether two differently transcoded versions of one movie came
from the same camcorder. The identification technique is a joint estimation and detection procedure consisting of two
steps: (1) estimation of PRNUs from video clips using the Maximum Likelihood Estimator and (2) detecting the presence
of PRNU using normalized cross-correlation. We anticipate this technology to be an essential tool for fighting piracy of
motion pictures. Experimental results demonstrate the reliability and generality of our approach.
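The detection step (2) can be sketched with synthetic data. The box-filter residual below is a crude stand-in for the wavelet denoiser used in PRNU work, and the fingerprint and scene are simulated, not real sensor data:

```python
import numpy as np

def noise_residual(frame):
    """Crude noise residual: frame minus a 3x3 box-filtered version
    (stand-in for the wavelet denoising used in PRNU estimation)."""
    f = frame.astype(np.float64)
    padded = np.pad(f, 1, mode="edge")
    smooth = sum(padded[i:i + f.shape[0], j:j + f.shape[1]]
                 for i in range(3) for j in range(3)) / 9.0
    return f - smooth

def ncc(a, b):
    """Normalized cross-correlation between two residuals."""
    a = a - a.mean()
    b = b - b.mean()
    return float((a * b).sum() / np.sqrt((a * a).sum() * (b * b).sum()))

rng = np.random.default_rng(0)
prnu = rng.normal(0, 1, (64, 64))                     # simulated sensor fingerprint
scene = rng.normal(128, 10, (64, 64))
frame_same = scene + 2.0 * prnu                       # frame carrying the fingerprint
frame_other = scene + 2.0 * rng.normal(0, 1, (64, 64))  # frame from a different sensor

rho_same = ncc(noise_residual(frame_same), prnu)
rho_other = ncc(noise_residual(frame_other), prnu)
```

A frame is attributed to the camcorder when its correlation with the reference pattern exceeds an empirically set threshold between these two populations.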
Blind identification of cellular phone cameras
Show abstract
In this paper, we focus on the blind source cell-phone identification problem. It is known that various artifacts in the image processing pipeline, such as pixel defects or unevenness of the responses in the CCD sensor, dark current noise, and the proprietary interpolation algorithms involved in the color filter array (CFA), leave telltale footprints. These artifacts, although often imperceptible, are statistically stable and can be considered a signature of the camera type or even of the individual device. We explore a set of forensic features, such as binary similarity measures, image quality measures and higher-order wavelet statistics, in conjunction with an SVM classifier to identify the originating cell-phone type. We provide identification results among 9 different brands of cell-phone cameras. In addition to our initial results, we applied a set of geometrical operations to the original images in order to investigate how robust our proposed method is under these manipulations.
Forensics for flatbed scanners
Show abstract
Within this article, we investigate possibilities for identifying the origin of images acquired with flatbed scanners. A current method for the identification of digital cameras takes advantage of image sensor noise, strictly speaking, the spatial noise. Since flatbed scanners and digital cameras use similar technologies, the utilization of image sensor noise for identifying the origin of scanned images seems to be possible.
To characterize flatbed scanner noise, we considered array reference patterns and sensor line reference patterns. However, there are particularities of flatbed scanners which we expect to influence the identification. This was confirmed by extensive tests: identification was possible to a certain degree, but was less reliable than digital camera identification. In additional tests, we simulated the influence of flatfielding and downscaling, as examples of such particularities of flatbed scanners, on digital camera identification. One can conclude from the results achieved so far that identifying flatbed scanners is possible. However, since the analyzed methods are not able to determine the image origin in all cases, further investigations are necessary.
Intrinsic fingerprints for image authentication and steganalysis
Show abstract
With growing popularity of digital imaging devices and low-cost image editing software, the integrity of image
content can no longer be taken for granted. This paper introduces a methodology for forensic analysis of
digital camera images, based on the observation that many in-camera and post-camera processing operations
leave distinct traces on digital images. We present methods to identify these intrinsic fingerprint traces of
the various processing operations and employ them to verify the authenticity of digital data. We develop
an explicit imaging model to characterize the properties that should be satisfied by a direct camera output,
and model any further processing applied to the camera captured image by a manipulation filter. Utilizing
the manipulation filter coefficients and reference patterns estimated from direct camera outputs using blind
deconvolution techniques, the proposed methods are capable of detecting manipulations made by previously
unseen operations and steganographic embedding.
Scanner identification using sensor pattern noise
Show abstract
Digital images can be captured or generated by a variety of sources including digital cameras and scanners. In
many cases it is important to be able to determine the source of a digital image. This paper presents methods for
authenticating images that have been acquired using flatbed desktop scanners. The method is based on using the
pattern noise of the imaging sensor as a fingerprint for the scanner, similar to methods that have been reported
for identifying digital cameras. To identify the source scanner of an image a reference pattern is estimated for
each scanner and is treated as a unique fingerprint of the scanner. An anisotropic local polynomial estimator is
used for obtaining the reference patterns. To further improve the classification accuracy a feature vector based
approach using an SVM classifier is used to classify the pattern noise. This feature vector based approach is
shown to achieve a high classification accuracy.
A generalized Benford’s law for JPEG coefficients and its applications in image forensics
Show abstract
In this paper, a novel statistical model based on Benford's law for the probability distributions of the first digits of the
block-DCT and quantized JPEG coefficients is presented. A parametric logarithmic law, i.e., the generalized Benford's
law, is formulated. Furthermore, some potential applications of this model in image forensics are discussed in this paper,
which include the detection of JPEG compression for images in bitmap format, the estimation of the JPEG compression
Q-factor for JPEG-compressed bitmap images, and the detection of double-compressed JPEG images. The results of our
extensive experiments demonstrate the effectiveness of the proposed statistical model.
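The parametric law has the form p(d) = N log10(1 + 1/(s + d^q)). A minimal sketch comparing it with the empirical first-digit distribution of synthetic quantized coefficients; the Laplacian model and the parameter values N, s, q below are illustrative placeholders, not values fitted in the paper:

```python
import numpy as np

def first_digit_hist(coeffs):
    """Empirical first-digit distribution of nonzero JPEG-style coefficients."""
    mags = np.abs(coeffs[coeffs != 0])
    digits = (mags / 10 ** np.floor(np.log10(mags))).astype(int)
    return np.array([(digits == d).mean() for d in range(1, 10)])

def generalized_benford(d, N=1.456, s=0.0372, q=1.876):
    """Parametric law p(d) = N * log10(1 + 1/(s + d**q)); parameter values
    here are illustrative, not fitted to any particular Q-factor."""
    return N * np.log10(1 + 1 / (s + d ** q))

rng = np.random.default_rng(0)
# Laplacian-like AC coefficients, rounded as in JPEG quantization
coeffs = np.round(rng.laplace(0, 15, 100_000))
empirical = first_digit_hist(coeffs)
model = generalized_benford(np.arange(1, 10))
```

Deviations of the empirical distribution from the fitted law are what signal prior JPEG compression or double compression in the forensic applications discussed above.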
Embedding I
Distortion-free robust watermarking: a case study
Show abstract
This paper investigates distortion-free robust watermarking by multiple marking. Robust watermarking
is first performed. Then, by reversible watermarking, the information needed to invert both the robust and
the reversible watermarking is embedded. In case of no attacks, the robust watermark is detected and the
authorized party exactly recovers the original. In case of attacks, one can suppose that the robust watermark
can still be detected, but the reversibility is lost. The approach relies on the embedding capacity of the reversible
watermarking. The overall scheme inherits the robustness of the first marking stage. The selection of the robust
and of the reversible watermarking schemes is discussed. In order to improve the robustness of the first marking
stage against the second one, a joint marking procedure is proposed. A case study of reversible watermarking
providing very good robustness against JPEG compression is presented.
Hidden context highlighting with JPEG2000 imagery
Show abstract
This contribution motivates and proposes the new idea of embedding and hiding a highlighting of particular
regions within a raster image. Existing approaches tightly combine content and means for highlighting, and
thus, do not allow access control to the emphasized contents or a removal of the accentuation. This is overcome
by the introduced approach taking advantage of the Depth of Field effect of the Human Visual System for
highlighting and features of the JPEG2000 image coding standard for its fast implementation. The proposed
method can be applied to already encoded or plain imagery. The achieved results show that hidden context
highlighting is well suited to emphasizing pre-defined image regions and is able to control access to
the respective contents.
Embedding II
Perceptual data hiding in tree structured Haar transform domain
Show abstract
In this paper a novel, fast, and robust data hiding technique based on key-dependent basis functions is presented.
The particular domain chosen for the embedding is built on the Tree-Structured Haar basis. A weight
function, based on Human Visual System features, is used as a mask for selecting the coefficients to be marked.
Experimental results show the effectiveness of the proposed method.
Other Domains
A method of text watermarking using presuppositions
Show abstract
We propose a method for watermarking texts of arbitrary length using natural-language semantic structures. Our
approach is keyed on the linguistic semantic phenomenon of presupposition: implicit information that is considered
well-known, or that readers of the text are supposed to treat as well-known; this information
is a semantic component of certain linguistic expressions (lexical items and syntactical constructions called
presupposition triggers). The same sentence can be used with or without presupposition, or with a different
presupposition trigger, provided that all the relations between subjects, objects and other discourse referents are
preserved - such transformations will not change the meaning of the sentence. We define the distinct rules for
presupposition identification for each trigger and regular transformation rules for using/non-using the presupposition in
a given sentence (one bit per sentence in this case). Isolated sentences can carry the proposed watermarks. However,
the longer the text, the more robust the watermark. The proposed approach is resilient to the main types of random
transformations, such as passivization, topicalization, extraposition, and preposing. The web of resolved presupposed
information in the text holds the watermark (e.g., an integrity watermark or a proof of ownership), introducing a
"secret ordering" into the text structure that makes it resilient to "data loss" and "data altering" attacks.
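The one-bit-per-sentence embedding described above can be sketched as a choice between meaning-preserving sentence variants. The following toy in Python is my own illustration, not the authors' implementation: the variant pairs are hand-written placeholders, whereas the paper derives them from per-trigger identification and transformation rules.

```python
# Toy sketch of one-bit-per-sentence embedding: bit 1 selects the
# variant that uses a presupposition trigger, bit 0 the plain variant.
# The variant pairs below are hand-written placeholders.
VARIANTS = [
    ("Kim used to smoke, but does not smoke now.",  # plain
     "Kim stopped smoking."),                       # "stop" triggers it
    ("Sam broke the vase.",                         # plain
     "It was Sam who broke the vase."),             # cleft triggers it
]

def embed(bits):
    """Build the stego text by picking one variant per watermark bit."""
    return " ".join(pair[bit] for pair, bit in zip(VARIANTS, bits))

def extract(text):
    """Recover bits by checking which variant occurs in the text."""
    return [1 if pair[1] in text else 0 for pair in VARIANTS]

assert extract(embed([1, 0])) == [1, 0]
```

Both variants in each pair keep the relations between discourse referents intact, which is what makes the transformation invisible at the level of meaning.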
An evaluation of lightweight JPEG2000 encryption with anisotropic wavelet packets
Show abstract
In this paper we evaluate a lightweight encryption scheme for JPEG2000 which relies on a secret transform
domain constructed with anisotropic wavelet packets. The pseudo-random selection of the bases used for transformation
takes compression performance into account, and discards a number of possible bases which lead to
poor compression performance. Our main focus in this paper is to answer the important question of how many
bases remain to construct the keyspace. In order to determine the trade-off between compression performance
and keyspace size, we compare the approach to a method that selects bases from the whole set of anisotropic
wavelet packet bases following a pseudo-random uniform distribution. The compression performance of both
approaches is compared to get an estimate of the range of compression quality in the set of all bases. We then
analytically investigate the number of bases that are discarded for the sake of retaining compression performance
in the compression-oriented approach as compared to selection by uniform distribution. Finally, the question of
keyspace quality is addressed, i.e. how much similarity between the basis used for analysis and the basis used for
synthesis is tolerable from a security point of view and how this affects the lightweight encryption scheme.
Tamper-proofing of electronic and printed text documents via robust hashing and data-hiding
Show abstract
In this paper, we deal with the problem of authentication and tamper-proofing of text documents that can be distributed in electronic or printed forms. We advocate the combination of robust text hashing and text data-hiding technologies as an efficient solution to this problem. First, we consider the problem of text data-hiding in the scope of the Gel'fand-Pinsker data-hiding framework. For illustration, two modern text data-hiding methods, namely color index modulation (CIM) and location index modulation (LIM), are explained. Second, we study two approaches to robust text hashing that are well suited for the considered problem. In particular, both approaches are compatible with CIM and LIM. The first approach makes use of optical character recognition (OCR) and a classical cryptographic message authentication code (MAC). The second approach is new and can be used in some scenarios where OCR does not produce consistent results. The experimental work compares both approaches and shows their robustness against typical intentional/unintentional document distortions including electronic format conversion, printing, scanning, photocopying, and faxing.
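The first (OCR + MAC) approach described above admits a very compact sketch. The snippet below is my own illustration, not the authors' code: a crude whitespace/case normalization stands in for robust text hashing, followed by a standard HMAC as the message authentication code.

```python
import hashlib
import hmac

def text_mac(recognized_text: str, key: bytes) -> bytes:
    """Authentication tag over OCR output.

    The normalization is a simplistic stand-in for robust text hashing:
    it absorbs benign OCR variation in case and spacing, so the tag
    only changes when the recognized words themselves change.
    """
    canonical = " ".join(recognized_text.lower().split())
    return hmac.new(key, canonical.encode(), hashlib.sha256).digest()

key = b"shared-secret"  # hypothetical key shared with the verifier
tag = text_mac("The  quick\nBrown fox", key)
# Re-scanning with different spacing/case yields the same tag ...
assert text_mac("the quick brown fox", key) == tag
# ... while tampering with the words does not.
assert text_mac("the quick brown cat", key) != tag
```

The second approach in the paper exists precisely for scenarios where no such canonical OCR output can be relied upon.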
Channel model and operational capacity analysis of printed text documents
Show abstract
In today's digital world, securing different forms of content is very important for protecting copyright and
verifying authenticity; one example is the watermarking of digital audio and images. We believe that a marking
scheme analogous to digital watermarking, but for documents, is very important.
In this paper we describe the use of laser amplitude modulation
in electrophotographic printers to embed information in a text
document. In particular we describe an embedding and detection process
which allows the embedding of between 2 and 8 bits in a single line of text.
For a typical 12 point document this translates to between 100 and 400
bits per page. We also perform an operational analysis to compare two
decoding methods using different embedding densities.
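The quoted per-page figure follows directly from the per-line capacity. A quick back-of-envelope check, assuming (my assumption, not the paper's) that a single-spaced 12-point page holds roughly 50 text lines:

```python
# Sanity check of the 100-400 bits/page figure: 2-8 bits per line,
# times an assumed ~50 lines on a single-spaced 12 pt page.
LINES_PER_PAGE = 50      # assumption for a 12 pt single-spaced page
BITS_PER_LINE = (2, 8)   # per-line range reported for the embedding

capacity = tuple(b * LINES_PER_PAGE for b in BITS_PER_LINE)
print(capacity)          # (100, 400) bits per page
```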
Watermarking geographic vector-data using a variable strip-size scheme
Show abstract
A blind watermarking system for geographic vector-data is proposed which is robust against the following attacks:
polyline simplifications, cropping and shifting of data-points as well as small perturbations caused by random
noise. The watermark information is embedded by changing the x/y-coordinates of the data-points within the
tolerance range of the data. For that purpose the map is divided into horizontal and vertical stripes whose widths
depend on a secret key. Each stripe possesses a 0-line and a 1-line. Depending on the watermark information,
all points within a stripe are shifted onto one of the two lines. As a consequence of the variable strip-size
structure no extra bits for synchronization are necessary. The application of the proposed scheme is not restricted
to the case of vector geo-data, other kinds of vector-graphics data can be treated in the same way.
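The embedding rule can be sketched per coordinate. The snippet below is a hedged reconstruction under my own assumptions, not the authors' scheme: stripe widths are derived from the key via SHA-256, and the 0-line and 1-line are placed at 1/4 and 3/4 of each stripe (the paper instead chooses placements within the tolerance range of the data).

```python
import hashlib

def stripe_widths(key: bytes, n: int, w_min=4.0, w_max=8.0):
    """Key-dependent sequence of n stripe widths (assumed derivation)."""
    widths = []
    for i in range(n):
        digest = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        widths.append(w_min + digest[0] / 255.0 * (w_max - w_min))
    return widths

def embed_coord(x, widths, bit):
    """Snap x onto the 1-line (3/4) or 0-line (1/4) of its stripe."""
    start = 0.0
    for w in widths:
        if x < start + w:
            return start + w * (0.75 if bit else 0.25)
        start += w
    return x  # outside the covered range: leave unchanged

def extract_coord(x, widths):
    """Decode the bit as whichever line x lies closer to."""
    start = 0.0
    for w in widths:
        if x < start + w:
            return int(abs(x - (start + 0.75 * w)) <
                       abs(x - (start + 0.25 * w)))
        start += w
    return None

widths = stripe_widths(b"secret key", 16)
marked = embed_coord(37.3, widths, 1)
assert extract_coord(marked, widths) == 1
```

Because the stripe grid itself is reconstructed from the key, the decoder needs no extra synchronization bits, and nearest-line decoding tolerates small perturbations of the coordinates.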
Authentication of H.264 streams by direct watermarking of CAVLC blocks
Show abstract
In this work we report on the first H.264 authentication watermarker that operates directly in the bitstream, needing
no video decoding or partial decompression. The main contribution of the work is identification of a watermarkable
code space in the H.264 protocol. The algorithm creates "exceptions" in the H.264 code space that only the decoder
understands while keeping the bitstream syntax compliant. The code space is defined over the Context Adaptive
Variable Length Coded (CAVLC) portion of the protocol. What makes this algorithm possible is the discovery that most
of H.264 code space is in fact unused. The watermarker securely maps eligible CAVLC to unused portions of the
code space. Security is achieved through a shared key between embedder and decoder. The watermarked stream
retains its file size, remains visually transparent, and is secure against forging and detection. Since the watermark is
placed post-compression, it remains fragile to re-encoding and other tampering attempts.