742 research outputs found
Copyright Protection of Color Imaging Using Robust-Encoded Watermarking
In this paper we present a robust-encoded watermarking method applied to color images for copyright protection, which presents robustness against several geometric and signal processing distortions. Trade-off between payload, robustness and imperceptibility is a very important aspect which has to be considered when a watermark algorithm is designed. In our proposed scheme, previously to be embedded into the image, the watermark signal is encoded using a convolutional encoder, which can perform forward error correction achieving better robustness performance. Then, the embedding process is carried out through the discrete cosine transform domain (DCT) of an image using the image normalization technique to accomplish robustness against geometric and signal processing distortions. The embedded watermark coded bits are extracted and decoded using the Viterbi algorithm. In order to determine the presence or absence of the watermark into the image we compute the bit error rate (BER) between the recovered and the original watermark data sequence. The quality of the watermarked image is measured using the well-known indices: Peak Signal to Noise Ratio (PSNR), Visual Information Fidelity (VIF) and Structural Similarity Index (SSIM). The color difference between the watermarked and original images is obtained by using the Normalized Color Difference (NCD) measure. The experimental results show that the proposed method provides good performance in terms of imperceptibility and robustness. The comparison among the proposed and previously reported methods based on different techniques is also provided
Ownership Protection of Generative Adversarial Networks
Generative adversarial networks (GANs) have shown remarkable success in image
synthesis, making GAN models themselves commercially valuable to legitimate
model owners. Therefore, it is critical to technically protect the intellectual
property of GANs. Prior works need to tamper with the training set or training
process, and they are not robust to emerging model extraction attacks. In this
paper, we propose a new ownership protection method based on the common
characteristics of a target model and its stolen models. Our method can be
directly applicable to all well-trained GANs as it does not require retraining
target models. Extensive experimental results show that our new method can
achieve the best protection performance, compared to the state-of-the-art
methods. Finally, we demonstrate the effectiveness of our method with respect
to the number of generations of model extraction attacks, the number of
generated samples, different datasets, as well as adaptive attacks
Digital watermarking in medical images
This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University, 05/12/2005.This thesis addresses authenticity and integrity of medical images using watermarking. Hospital Information Systems (HIS), Radiology Information Systems (RIS) and Picture Archiving and Communication Systems (P ACS) now form the information infrastructure for today's healthcare as these provide new ways to store, access and distribute medical data that also involve some security risk. Watermarking can be seen as an additional tool for security measures. As the medical tradition is very strict with the quality of biomedical images, the watermarking method must be reversible or if not, region of Interest (ROI) needs to be defined and left intact. Watermarking should also serve as an integrity control and should be able to authenticate the medical image. Three watermarking techniques were proposed. First, Strict Authentication Watermarking (SAW) embeds the digital signature of the image in the ROI and the image can be reverted back to its original value bit by bit if required. Second, Strict Authentication Watermarking with JPEG Compression (SAW-JPEG) uses the same principal as SAW, but is able to survive some degree of JPEG compression. Third, Authentication Watermarking with Tamper Detection and Recovery (AW-TDR) is able to localise tampering, whilst simultaneously reconstructing the original image
ClearMark: Intuitive and Robust Model Watermarking via Transposed Model Training
Due to costly efforts during data acquisition and model training, Deep Neural
Networks (DNNs) belong to the intellectual property of the model creator.
Hence, unauthorized use, theft, or modification may lead to legal
repercussions. Existing DNN watermarking methods for ownership proof are often
non-intuitive, embed human-invisible marks, require trust in algorithmic
assessment that lacks human-understandable attributes, and rely on rigid
thresholds, making it susceptible to failure in cases of partial watermark
erasure.
This paper introduces ClearMark, the first DNN watermarking method designed
for intuitive human assessment. ClearMark embeds visible watermarks, enabling
human decision-making without rigid value thresholds while allowing
technology-assisted evaluations. ClearMark defines a transposed model
architecture allowing to use of the model in a backward fashion to interwove
the watermark with the main task within all model parameters. Compared to
existing watermarking methods, ClearMark produces visual watermarks that are
easy for humans to understand without requiring complex verification algorithms
or strict thresholds. The watermark is embedded within all model parameters and
entangled with the main task, exhibiting superior robustness. It shows an
8,544-bit watermark capacity comparable to the strongest existing work.
Crucially, ClearMark's effectiveness is model and dataset-agnostic, and
resilient against adversarial model manipulations, as demonstrated in a
comprehensive study performed with four datasets and seven architectures.Comment: 20 pages, 18 figures, 4 table
Estimating Watermarking Capacity in Gray Scale Images Based on Image Complexity
Capacity is one of the most important parameters in image watermarking. Different works have been done on this subject with different assumptions on image and communication channel. However, there is not a global agreement to estimate watermarking capacity. In this paper, we suggest a method to find the capacity of images based on their complexities. We propose a new method to estimate image complexity based on the concept of Region Of Interest (ROI). Our experiments on 2000 images showed that the proposed measure has the best adoption with watermarking capacity in comparison with other complexity measures. In addition, we propose a new method to calculate capacity using proposed image complexity measure. Our proposed capacity estimation method shows better robustness and image quality in comparison with recent works in this field
A Covert Encryption Method for Applications in Electronic Data Interchange
A principal weakness of all encryption systems is that the output data can be ‘seen’ to be encrypted. In other words, encrypted data provides a ‘flag’ on the potential value of the information that has been encrypted. In this paper, we provide a new approach to ‘hiding’ encrypted data in a digital image.
In conventional (symmetric) encryption, the plaintext is usually represented as a binary stream and encrypted using an XOR type operation with a binary cipher. The algorithm used is ideally designed to: (i) generate a maximum entropy cipher so that there is no bias with regard to any bit; (ii) maximize diffusion in terms of key dependency so that a change in any bit of the key can effect any, and potentially all, bits of the cipher. In the work reported here, we consider an approach in which a binary or low-bit plaintext image is encrypted with a decimal integer or floating point cipher using a convolution operation and the output quantized into a 1-bit array generating a binary image ciphertext. This output is then ‘embedded’ in a host image to hide the encrypted information. Embedding is undertaken either in the lowest 1-bit layer or multiple 1-bit layers. Decryption is accomplished by: (i) extracting the binary image from the host image; (ii) correlating the result with the original cipher. In principle, any cipher generator can be used for this purpose and the method has been designed to operate with 24-bit colour images. The approach has a variety of applications and, in this paper, we focus on the authentication and self-authentication of e-documents (letters and certificates, for example) that are communicated over the Internet and are thereby vulnerable to attack (e.g. modification, editing, counterfeiting etc.). In addition to document authentication, the approach considered provides a way of propagating disinformation and a solution to scenarios that require ‘plausible deniability’
Resilient Digital Image Watermarking Using a DCT- Component Perturbation Model
The applications of the Discrete Cosine Transform (DCT) for Computer Generated Imagery, image processingand, in particular, image compression are well known and the DCT also forms the central kernel for a number ofdigital image watermarking methods. In this paper we consider the application of the DCT for producing a highlyrobust method of watermarking images using a block partitioning approach subject to a self-alignment strategyand bit error correction. The applications for the algorithms presented include the copyright protection of imagesand Digital Right Management for image libraries, for example. However, the principal focus of the researchreported in this paper is on the use of print-scan and e-display-scan image authentication for use in e-ticketswhere QR code, for example, are embedded in an full colour image of the ticket holder. This requires that a DCTembedding procedure is developed that is highly robust to blur, noise, geometric distortions such as rotation, shift and barrel and the partial removal of image segments, all of which are consider ed in regard to the resilience of the method proposed and its practical realisation in a real operating environment
Currency security and forensics: a survey
By its definition, the word currency refers to an agreed medium for exchange, a nation’s currency is the formal medium enforced by the elected governing entity. Throughout history, issuers have faced one common threat: counterfeiting. Despite technological advancements, overcoming counterfeit production remains a distant future. Scientific determination of authenticity requires a deep understanding of the raw materials and manufacturing processes involved. This survey serves as a synthesis of the current literature to understand the technology and the mechanics involved in currency manufacture and security, whilst identifying gaps in the current literature. Ultimately, a robust currency is desire
Identifying and Mitigating the Security Risks of Generative AI
Every major technical invention resurfaces the dual-use dilemma -- the new
technology has the potential to be used for good as well as for harm.
Generative AI (GenAI) techniques, such as large language models (LLMs) and
diffusion models, have shown remarkable capabilities (e.g., in-context
learning, code-completion, and text-to-image generation and editing). However,
GenAI can be used just as well by attackers to generate new attacks and
increase the velocity and efficacy of existing attacks.
This paper reports the findings of a workshop held at Google (co-organized by
Stanford University and the University of Wisconsin-Madison) on the dual-use
dilemma posed by GenAI. This paper is not meant to be comprehensive, but is
rather an attempt to synthesize some of the interesting findings from the
workshop. We discuss short-term and long-term goals for the community on this
topic. We hope this paper provides both a launching point for a discussion on
this important topic as well as interesting problems that the research
community can work to address
- …