A NOVEL JOINT PERCEPTUAL ENCRYPTION AND WATERMARKING SCHEME (JPEW) WITHIN JPEG FRAMEWORK

Due to the rapid growth in internet and multimedia technologies, many new commercial applications like video on demand (VOD), pay-per-view and real-time multimedia broadcast etc, have emerged. To ensure the integrity and confidentiality of the multimedia content, the content is usually watermarked and then encrypted or vice versa. If the multimedia content needs to be watermarked and encrypted at the same time, the watermarking function needs to be performed first followed by encryption function. Hence, if the watermark needs to be extracted then the multimedia data needs to be decrypted first followed by extraction of the watermark. This results in large computational overhead. The solution provided in the literature for this problem is by using what is called partial encryption, in which media data are partitioned into two parts - one to be watermarked and the other is encrypted. In addition, some multimedia applications i.e. video on demand (VOD), Pay-TV, pay-per-view etc, allow multimedia content preview which involves „perceptual‟ encryption wherein all or some selected part of the content is, perceptually speaking, distorted with an encryption key. Up till now no joint perceptual encryption and watermarking scheme has been proposed in the literature. In this thesis, a novel Joint Perceptual Encryption and Watermarking (JPEW) scheme is proposed that is integrated within JPEG standard. The design of JPEW involves the design and development of both perceptual encryption and watermarking schemes that are integrated in JPEG and feasible within the „partial‟ encryption framework. The perceptual encryption scheme exploits the energy distribution of AC components and DC components bitplanes of continuous-tone images and is carried out by selectively encrypting these AC coefficients and DC components bitplanes. The encryption itself is based on a chaos-based permutation reported in an earlier work. Similarly, in contrast to the traditional watermarking schemes, the proposed watermarking scheme makes use of DC component of the image and it is carried out by selectively substituting certain bitplanes of DC components with watermark bits. vi ii Apart from the aforesaid JPEW, additional perceptual encryption scheme, integrated in JPEG, has also been proposed. The scheme is outside of joint framework and implements perceptual encryption on region of interest (ROI) by scrambling the DCT blocks of the chosen ROI. The performances of both, perceptual encryption and watermarking schemes are evaluated and compared with Quantization Index modulation (QIM) based watermarking scheme and reversible Histogram Spreading (RHS) based perceptual encryption scheme. The results show that the proposed watermarking scheme is imperceptible and robust, and suitable for authentication. Similarly, the proposed perceptual encryption scheme outperforms the RHS based scheme in terms of number of operations required to achieve a given level of perceptual encryption and provides control over the amount of perceptual encryption. The overall security of the JPEW has also been evaluated. Additionally, the performance of proposed separate perceptual encryption scheme has been thoroughly evaluated in terms of security and compression efficiency. The scheme is found to be simpler in implementation, have insignificant effect on compression ratios and provide more options for the selection of control factor

Identification and Mitigation of Information Leakage Caused by Side Channel Vulnerabilities in Network Stack

Keeping users sensitive information secure and private in todays network is challenging. Networks are large, complicated distributed systems and are subject to a wide variety of attacks, such as eavesdropping, identity spoofing, hijacking, etc. What is worse, encrypting data is often not enough in light of advanced threats such as side channel attacks, which enable malicious attackers to infer sensitive data from insignificant network information unexpectedly. For this purpose, we pro- pose series of techniques to prevent such information leakage at different layers in network stacks, and raise awareness of its severity. More specifically, 1) we propose a practical physical (PHY) layer security framework FOG, for effective packet header obfuscation using MIMO, to keep eavesdroppers from receiving any meaningful packet information; 2) we identify and fix a subtle yet serious pure off-path side channel vulnerability (CVE-2016-5696) introduced in both TCP specification and its implementation in Linux kernel, which prevents malicious attackers from exploiting it to indicate arbitrary connections state, reset the connection or even further hijack the connection; 3) we propose a principled TCP side channel vulnerability discovery solution based on model checking and program analysis, and automatically identify 12 new side channel vulnerabilities (and 3 old ones) from TCP implementation in Linux and FreeBSD kernel code. The ultimate goal is to help guide the future design and implementation of network stacks.Keeping users’ sensitive information secure and private in today’s network is challenging. Network nowadays are subject to a wide variety of attacks, such as eavesdropping, identity spoofing, denial of service, etc. What is worse, encrypting sensitive data is often not enough in light of advanced threats such as side channel attacks, which enable malicious attackers to infer sensitive data from “insignificant” network information unexpectedly. For this purpose, we propose series of techniques to prevent such information leakage at different layers in network stack, and raise awareness of its severity. In our first work, we propose a practical physical (PHY) layer security framework FOG, for effective packet header obfuscation using MIMO, to prevent eavesdroppers from receiving any packet headers to profile users. Secondly, we identify and fix a subtle yet serious pure off-path side channel vulnerability (CVE-2016-5696) introduced in both TCP specification and its implementation in Linux kernel. This vulnerability allows malicious attackers to indicate arbitrary TCP connection’s state, reset the connection or even further hijack the connection. Motivated by the fact that most previous TCP side channel vulnerabilities are manually identified, in our last work, we propose a principled TCP side channel vulnerability discovery solution based on model checking and program analysis. It automatically identifies 12 new side channel vulnerabilities (and 3 old ones) from TCP implementation in Linux and FreeBSD kernel code. The ultimate goal of my research is to help guide the future design and implementation of network stacks

A NOVEL JOINT PERCEPTUAL ENCRYPTION AND WATERMARKING SCHEME (JPEW) WITHIN JPEG FRAMEWORK

Due to the rapid growth in internet and multimedia technologies, many new commercial applications like video on demand (VOD), pay-per-view and real-time multimedia broadcast etc, have emerged. To ensure the integrity and confidentiality of the multimedia content, the content is usually watermarked and then encrypted or vice versa. If the multimedia content needs to be watermarked and encrypted at the same time, the watermarking function needs to be performed first followed by encryption function. Hence, if the watermark needs to be extracted then the multimedia data needs to be decrypted first followed by extraction of the watermark. This results in large computational overhead. The solution provided in the literature for this problem is by using what is called partial encryption, in which media data are partitioned into two parts - one to be watermarked and the other is encrypted. In addition, some multimedia applications i.e. video on demand (VOD), Pay-TV, pay-per-view etc, allow multimedia content preview which involves „perceptual‟ encryption wherein all or some selected part of the content is, perceptually speaking, distorted with an encryption key. Up till now no joint perceptual encryption and watermarking scheme has been proposed in the literature. In this thesis, a novel Joint Perceptual Encryption and Watermarking (JPEW) scheme is proposed that is integrated within JPEG standard. The design of JPEW involves the design and development of both perceptual encryption and watermarking schemes that are integrated in JPEG and feasible within the „partial‟ encryption framework. The perceptual encryption scheme exploits the energy distribution of AC components and DC components bitplanes of continuous-tone images and is carried out by selectively encrypting these AC coefficients and DC components bitplanes. The encryption itself is based on a chaos-based permutation reported in an earlier work. Similarly, in contrast to the traditional watermarking schemes, the proposed watermarking scheme makes use of DC component of the image and it is carried out by selectively substituting certain bitplanes of DC components with watermark bits. vi ii Apart from the aforesaid JPEW, additional perceptual encryption scheme, integrated in JPEG, has also been proposed. The scheme is outside of joint framework and implements perceptual encryption on region of interest (ROI) by scrambling the DCT blocks of the chosen ROI. The performances of both, perceptual encryption and watermarking schemes are evaluated and compared with Quantization Index modulation (QIM) based watermarking scheme and reversible Histogram Spreading (RHS) based perceptual encryption scheme. The results show that the proposed watermarking scheme is imperceptible and robust, and suitable for authentication. Similarly, the proposed perceptual encryption scheme outperforms the RHS based scheme in terms of number of operations required to achieve a given level of perceptual encryption and provides control over the amount of perceptual encryption. The overall security of the JPEW has also been evaluated. Additionally, the performance of proposed separate perceptual encryption scheme has been thoroughly evaluated in terms of security and compression efficiency. The scheme is found to be simpler in implementation, have insignificant effect on compression ratios and provide more options for the selection of control factor

Audio watermarking using transformation techniques

Watermarking is a technique, which is used in protecting digital information like images, videos and audio as it provides copyrights and ownership. Audio watermarking is more challenging than image watermarking due to the dynamic supremacy of hearing capacity over the visual field. This thesis attempts to solve the quantization based audio watermarking technique based on both the Discrete Cosine Transform (DCT) and Discrete Wavelet Transform (DWT). The underlying system involves the statistical characteristics of the signal. This study considers different wavelet filters and quantization techniques. A comparison is performed on diverge algorithms and audio signals to help examine the performance of the proposed method. The embedded watermark is a binary image and different encryption techniques such as Arnold Transform and Linear Feedback Shift Register (LFSR) are considered. The watermark is distributed uniformly in the areas of low frequencies i.e., high energy, which increases the robustness of the watermark. Further, spreading of watermark throughout the audio signal makes the technique robust against desynchronized attacks. Experimental results show that the signals generated by the proposed algorithm are inaudible and robust against signal processing techniques such as quantization, compression and resampling. We use Matlab (version 2009b) to implement the algorithms discussed in this thesis. Audio transformation techniques for compression in Linux (Ubuntu 9.10) are applied on the signal to simulate the attacks such as re-sampling, re-quantization, and mp3 compression; whereas, Matlab program for de-synchronized attacks like jittering and cropping. We envision that the proposed algorithm may work as a tool for securing intellectual properties of the musicians and audio distribution companies because of its high robustness and imperceptibility

Tecnologias coerentes para redes ópticas flexíveis

Next-generation networks enable a broad range of innovative services with the best delivery by utilizing very dense wired/wireless networks. However, the development of future networks will require several breakthroughs in optical networks such as high-performance optical transceivers to support a very-high capacity optical network as well as optimization of the network concept, ensuring a dramatic reduction of the cost per bit. At the same time, all of the optical network segments (metro, access, long-haul) need new technology options to support high capacity, spectral efficiency and data-rate flexibility. Coherent detection offers an opportunity by providing very high sensitivity and supporting high spectral efficiency. Coherent technology can still be combined with polarization multiplexing. Despite the increased cost and complexity, the migration to dual-polarization coherent transceivers must be considered, as it enables to double the spectral efficiency. These dual-polarization systems require an additional digital signal processing (DSP) subsystem for polarization demultiplexing. This work seeks to provide and characterize cost-effective novel coherent transceivers for the development of new generation practical, flexible and high capacity transceivers for optical metro-access and data center interconnects. In this regard, different polarization demultiplexing (PolDemux) algorithms, as well as adaptive Stokes will be considered. Furthermore, low complexity and modulation format-agnostic DSP techniques based on adaptive Stokes PolDemux for flexible and customizable optical coherent systems will be proposed. On this subject, the performance of the adaptive Stokes algorithm in an ultra-dense wavelength division multiplexing (U-DWDM) system will be experimentally evaluated, in offline and real-time operations over a hybrid optical-wireless link. In addition, the efficiency of this PolDemux algorithm in a flexible optical metro link based on Nyquist pulse shaping U-DWDM system and hybrid optical signals will be assessed. Moreover, it is of great importance to find a transmission technology that enables to apply the Stokes PolDemux for long-haul transmission systems and data center interconnects. In this work, it is also proposed a solution based on the use of digital multi-subcarrier multiplexing, which improve the performance of long-haul optical systems, without increasing substantially, their complexity and cost.As redes de telecomunicações futuras permitirão uma ampla gama de serviços inovadores e com melhor desempenho. No entanto, o desenvolvimento das futuras redes implicará vários avanços nas redes de fibra ótica, como transcetores óticos de alto desempenho capazes de suportar ligações de muito elevada capacidade, e a otimização da estrutura da rede, permitindo uma redução drástica do custo por bit transportado. Simultaneamente, todos os segmentos de rede ótica (metropolitanas, acesso e longo alcance) necessitam de novas opções tecnológicas para suportar uma maior capacidade, maior eficiência espetral e flexibilidade. Neste contexto, a deteção coerente surge como uma oportunidade, fornecendo alta sensibilidade e elevada eficiência espetral. A tecnologia de deteção coerente pode ainda ser associada à multiplexação na polarização. Apesar de um potencial aumento ao nível do custo e da complexidade, a migração para transcetores coerentes de dupla polarização deve ser ponderada, pois permite duplicar a eficiência espetral. Esses sistemas de dupla polarização requerem um subsistema de processamento digital de sinal (DSP) adicional para desmultiplexagem da polarização. Este trabalho procura fornecer e caracterizar novos transcetores coerentes de baixo custo para o desenvolvimento de uma nova geração de transcetores mais práticos, flexíveis e de elevada capacidade, para interconexões óticas ao nível das futuras redes de acesso e metro. Assim, serão analisados diferentes algoritmos para a desmultiplexagem da polarização, incluindo uma abordagem adaptativa baseada no espaço de Stokes. Além disso, são propostas técnicas de DSP independentes do formato de modulação e de baixa complexidade baseadas na desmultiplexagem de Stokes adaptativa para sistemas óticos coerentes flexíveis. Neste contexto, o desempenho do algoritmo adaptativo de desmultiplexagem na polarização baseado no espaço de Stokes é avaliado experimentalmente num sistema U-DWDM, tanto em análises off-line como em tempo real, considerando um percurso ótico hibrido que combina um sistema de transmissão suportado por fibra e outro em espaço livre. Foi ainda analisada a eficiência do algoritmo de desmultiplexagem na polarização numa rede ótica de acesso flexível U-DWDM com formatação de pulso do tipo Nyquist. Neste trabalho foi ainda analisada a aplicação da técnica de desmultiplexagem na polarização baseada no espaço de Stokes para sistemas de longo alcance. Assim, foi proposta uma solução de aplicação baseada no uso da multiplexagem digital de múltiplas sub-portadoras, tendo-se demonstrado uma melhoria na eficiência do desempenho dos sistemas óticos de longo alcance, sem aumentar significativamente a respetiva complexidade e custo.Programa Doutoral em Engenharia Eletrotécnic

Improved Time and Frequency Synchronization Algorithm for 802.11a Wireless Standard based on the SIGNAL Field

International audienceTime and frequency synchronization in the IEEE 802.11a OFDM (Orthogonal Frequency Division Multiplexing) wireless communication system is addressed in this paper. Usually synchronization algorithms rely only on training sequences specified by the standard. To enhance the synchronization between stations, we propose to extract known information by both the transmitter and the receiver at the IEEE 802.11a physical layer to be then exploited by the receiver in addition to the training sequences. Indeed the parts of the identified SIGNAL field are either known or predictable from the RtS (Request to Send) control frame when the CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) mechanism is triggered jointly to bit-rate adaptation algorithms to the channel. Moreover the received RtS control frame allows the receiver to estimate the channel before time synchronization stage improving then the performance of the proposed synchronization algorithm. Simulation results show that the performance of the proposed synchronization algorithm is improved as compared to existing algorithms

Virtual Runtime Application Partitions for Resource Management in Massively Parallel Architectures

This thesis presents a novel design paradigm, called Virtual Runtime Application Partitions (VRAP), to judiciously utilize the on-chip resources. As the dark silicon era approaches, where the power considerations will allow only a fraction chip to be powered on, judicious resource management will become a key consideration in future designs. Most of the works on resource management treat only the physical components (i.e. computation, communication, and memory blocks) as resources and manipulate the component to application mapping to optimize various parameters (e.g. energy efficiency). To further enhance the optimization potential, in addition to the physical resources we propose to manipulate abstract resources (i.e. voltage/frequency operating point, the fault-tolerance strength, the degree of parallelism, and the configuration architecture). The proposed framework (i.e. VRAP) encapsulates methods, algorithms, and hardware blocks to provide each application with the abstract resources tailored to its needs. To test the efficacy of this concept, we have developed three distinct self adaptive environments: (i) Private Operating Environment (POE), (ii) Private Reliability Environment (PRE), and (iii) Private Configuration Environment (PCE) that collectively ensure that each application meets its deadlines using minimal platform resources. In this work several novel architectural enhancements, algorithms and policies are presented to realize the virtual runtime application partitions efficiently. Considering the future design trends, we have chosen Coarse Grained Reconfigurable Architectures (CGRAs) and Network on Chips (NoCs) to test the feasibility of our approach. Specifically, we have chosen Dynamically Reconfigurable Resource Array (DRRA) and McNoC as the representative CGRA and NoC platforms. The proposed techniques are compared and evaluated using a variety of quantitative experiments. Synthesis and simulation results demonstrate VRAP significantly enhances the energy and power efficiency compared to state of the art.Siirretty Doriast