Buyer-seller watermarking protocol in digital cinema

Master'sMASTER OF SCIENC

Application of Digital Fingerprinting: Duplicate Image Detection

Identifying the content automatically is the most necessary condition to detect and fight piracy. Watermarking the image is the most basic and common technique to fight piracy. But the effectiveness of watermark is limited. Image fingerprinting provides an alternate and efficient solution for managing and identifying the multimedia content. After registering the original image contents, by comparing the colluded image with the original one, the percentage of distortion can be calculated. In this paper presented are one such fingerprinting-based forensic application: Duplicate image detection. To authenticate image content perceptual hash is an efficient solution. Perceptual hashes of almost similar images or near duplicate images are very similar to each other making it easier to compare images unlike cryptographic hashes which vary very radically even in the case of small distortions. Potential applications are unlimited including digital forensics, protection of copyrighted material etc. However, conventional image hash algorithms only offer a limited authentication level for the protection of overall content. In this work, we compared and contrasted different perceptual hashes and proposed a image hashing algorithm which is an excellent trade off of accuracy and speed

Behavior Modeling and Forensics for Multimedia Social Networks

Within the past decades, the explosive combination of multimedia signal processing, communications and networking technologies has facilitated the sharing of digital multimedia data and enabled pervasive digital media distribution over all kinds of networks. People involved in the sharing and distribution of multimedia contents form \emph{multimedia social networks} in which users share and exchange multimedia content, as well as other resources. Users in a multimedia social network have different objectives and influence each other's decision and performance. It is of ample importance to understand how users interact with and respond to each other and analyze the impact of human factors on multimedia systems. This thesis illustrates various aspects of issues and problems in multimedia social networks via two case studies of human behavior in multimedia fingerprinting and peer-to-peer live streaming. Since media security and content protection is a major issue in current multimedia systems, this thesis first studies the user dynamics of multimedia fingerprinting social networks. We investigate the side information which improves the traitor-tracing performance and provide the optimal strategies for both users (fingerprint detector and the colluders) in the multimedia fingerprinting social network. Furthermore, before a collusion being successfully mounted, the colluders must be stimulated to cooperate with each other and all colluders have to agree on the attack strategy. Therefore, not all types of collusion are possible. We reduce the possible collusion set by analyzing the incentives and bargaining behavior among colluders. We show that the optimal strategies designed based on human behavior can provide more information to the fingerprint detector and effectively improve the collusion resistance. The second part of this thesis focuses on understanding modelling and analyzing user dynamics for users in various types of peer-to-peer live streaming social networks. We stimulate user cooperation by designing the optimal, cheat-proof, and attack-resistant strategies for peer-to-peer live streaming social networks over Internet as well as wireless networks. Also, as more and more smart-phone users subscribe to the live-streaming service, a reasonable market price has to be set to prevent the users from reselling the live video. We start from analyzing the equilibrium between the users who want to resell the video and the potential buyers to provide the optimal price for the content owner

Information Leakage Attacks and Countermeasures

The scientific community has been consistently working on the pervasive problem of information leakage, uncovering numerous attack vectors, and proposing various countermeasures. Despite these efforts, leakage incidents remain prevalent, as the complexity of systems and protocols increases, and sophisticated modeling methods become more accessible to adversaries. This work studies how information leakages manifest in and impact interconnected systems and their users. We first focus on online communications and investigate leakages in the Transport Layer Security protocol (TLS). Using modern machine learning models, we show that an eavesdropping adversary can efficiently exploit meta-information (e.g., packet size) not protected by the TLS’ encryption to launch fingerprinting attacks at an unprecedented scale even under non-optimal conditions. We then turn our attention to ultrasonic communications, and discuss their security shortcomings and how adversaries could exploit them to compromise anonymity network users (even though they aim to offer a greater level of privacy compared to TLS). Following up on these, we delve into physical layer leakages that concern a wide array of (networked) systems such as servers, embedded nodes, Tor relays, and hardware cryptocurrency wallets. We revisit location-based side-channel attacks and develop an exploitation neural network. Our model demonstrates the capabilities of a modern adversary but also presents an inexpensive tool to be used by auditors for detecting such leakages early on during the development cycle. Subsequently, we investigate techniques that further minimize the impact of leakages found in production components. Our proposed system design distributes both the custody of secrets and the cryptographic operation execution across several components, thus making the exploitation of leaks difficult

The Dark Side(-Channel) of Mobile Devices: A Survey on Network Traffic Analysis

In recent years, mobile devices (e.g., smartphones and tablets) have met an increasing commercial success and have become a fundamental element of the everyday life for billions of people all around the world. Mobile devices are used not only for traditional communication activities (e.g., voice calls and messages) but also for more advanced tasks made possible by an enormous amount of multi-purpose applications (e.g., finance, gaming, and shopping). As a result, those devices generate a significant network traffic (a consistent part of the overall Internet traffic). For this reason, the research community has been investigating security and privacy issues that are related to the network traffic generated by mobile devices, which could be analyzed to obtain information useful for a variety of goals (ranging from device security and network optimization, to fine-grained user profiling). In this paper, we review the works that contributed to the state of the art of network traffic analysis targeting mobile devices. In particular, we present a systematic classification of the works in the literature according to three criteria: (i) the goal of the analysis; (ii) the point where the network traffic is captured; and (iii) the targeted mobile platforms. In this survey, we consider points of capturing such as Wi-Fi Access Points, software simulation, and inside real mobile devices or emulators. For the surveyed works, we review and compare analysis techniques, validation methods, and achieved results. We also discuss possible countermeasures, challenges and possible directions for future research on mobile traffic analysis and other emerging domains (e.g., Internet of Things). We believe our survey will be a reference work for researchers and practitioners in this research field.Comment: 55 page

“And all the pieces matter...” Hybrid Testing Methods for Android App's Privacy Analysis

Smartphones have become inherent to the every day life of billions of people worldwide, and they are used to perform activities such as gaming, interacting with our peers or working. While extremely useful, smartphone apps also have drawbacks, as they can affect the security and privacy of users. Android devices hold a lot of personal data from users, including their social circles (e.g., contacts), usage patterns (e.g., app usage and visited websites) and their physical location. Like in most software products, Android apps often include third-party code (Software Development Kits or SDKs) to include functionality in the app without the need to develop it in-house. Android apps and third-party components embedded in them are often interested in accessing such data, as the online ecosystem is dominated by data-driven business models and revenue streams like advertising. The research community has developed many methods and techniques for analyzing the privacy and security risks of mobile apps, mostly relying on two techniques: static code analysis and dynamic runtime analysis. Static analysis analyzes the code and other resources of an app to detect potential app behaviors. While this makes static analysis easier to scale, it has other drawbacks such as missing app behaviors when developers obfuscate the app’s code to avoid scrutiny. Furthermore, since static analysis only shows potential app behavior, this needs to be confirmed as it can also report false positives due to dead or legacy code. Dynamic analysis analyzes the apps at runtime to provide actual evidence of their behavior. However, these techniques are harder to scale as they need to be run on an instrumented device to collect runtime data. Similarly, there is a need to stimulate the app, simulating real inputs to examine as many code-paths as possible. While there are some automatic techniques to generate synthetic inputs, they have been shown to be insufficient. In this thesis, we explore the benefits of combining static and dynamic analysis techniques to complement each other and reduce their limitations. While most previous work has often relied on using these techniques in isolation, we combine their strengths in different and novel ways that allow us to further study different privacy issues on the Android ecosystem. Namely, we demonstrate the potential of combining these complementary methods to study three inter-related issues: • A regulatory analysis of parental control apps. We use a novel methodology that relies on easy-to-scale static analysis techniques to pin-point potential privacy issues and violations of current legislation by Android apps and their embedded SDKs. We rely on the results from our static analysis to inform the way in which we manually exercise the apps, maximizing our ability to obtain real evidence of these misbehaviors. We study 46 publicly available apps and find instances of data collection and sharing without consent and insecure network transmissions containing personal data. We also see that these apps fail to properly disclose these practices in their privacy policy. • A security analysis of the unauthorized access to permission-protected data without user consent. We use a novel technique that combines the strengths of static and dynamic analysis, by first comparing the data sent by applications at runtime with the permissions granted to each app in order to find instances of potential unauthorized access to permission protected data. Once we have discovered the apps that are accessing personal data without permission, we statically analyze their code in order to discover covert- and side-channels used by apps and SDKs to circumvent the permission system. This methodology allows us to discover apps using the MAC address as a surrogate for location data, two SDKs using the external storage as a covert-channel to share unique identifiers and an app using picture metadata to gain unauthorized access to location data. • A novel SDK detection methodology that relies on obtaining signals observed both in the app’s code and static resources and during its runtime behavior. Then, we rely on a tree structure together with a confidence based system to accurately detect SDK presence without the need of any a priory knowledge and with the ability to discern whether a given SDK is part of legacy or dead code. We prove that this novel methodology can discover third-party SDKs with more accuracy than state-of-the-art tools both on a set of purpose-built ground-truth apps and on a dataset of 5k publicly available apps. With these three case studies, we are able to highlight the benefits of combining static and dynamic analysis techniques for the study of the privacy and security guarantees and risks of Android apps and third-party SDKs. The use of these techniques in isolation would not have allowed us to deeply investigate these privacy issues, as we would lack the ability to provide real evidence of potential breaches of legislation, to pin-point the specific way in which apps are leveraging cover and side channels to break Android’s permission system or we would be unable to adapt to an ever-changing ecosystem of Android third-party companies.The works presented in this thesis were partially funded within the framework of the following projects and grants: • European Union’s Horizon 2020 Innovation Action program (Grant Agreement No. 786741, SMOOTH Project and Grant Agreement No. 101021377, TRUST AWARE Project). • Spanish Government ODIO NºPID2019-111429RB-C21/PID2019-111429RBC22. • The Spanish Data Protection Agency (AEPD) • AppCensus Inc.This work has been supported by IMDEA Networks InstitutePrograma de Doctorado en Ingeniería Telemática por la Universidad Carlos III de MadridPresidente: Srdjan Matic.- Secretario: Guillermo Suárez-Tangil.- Vocal: Ben Stoc

An Approach to Guide Users Towards Less Revealing Internet Browsers

When browsing the Internet, HTTP headers enable both clients and servers send extra data in their requests or responses such as the User-Agent string. This string contains information related to the sender’s device, browser, and operating system. Previous research has shown that there are numerous privacy and security risks result from exposing sensitive information in the User-Agent string. For example, it enables device and browser fingerprinting and user tracking and identification. Our large analysis of thousands of User-Agent strings shows that browsers differ tremendously in the amount of information they include in their User-Agent strings. As such, our work aims at guiding users towards using less exposing browsers. In doing so, we propose to assign an exposure score to browsers based on the information they expose and vulnerability records. Thus, our contribution in this work is as follows: first, provide a full implementation that is ready to be deployed and used by users. Second, conduct a user study to identify the effectiveness and limitations of our proposed approach. Our implementation is based on using more than 52 thousand unique browsers. Our performance and validation analysis show that our solution is accurate and efficient. The source code and data set are publicly available and the solution has been deployed

COLLUDING FINGERPRINTED VIDEO USING THE GRADIENT ATTACK

Digital �ngerprinting is an emerging tool to protect multimedia content from unauthorized distribution by embedding a unique �ngerprint into each user’s copy. Although several �ngerprinting schemes have been proposed in related work, disproportional effort has been targeted towards identifying effective collusion attacks on �ngerprinting schemes. Recent introduction of the gradient attack has re�ned the de�nition of an optimal attack and demonstrated strong effect on direct-sequence, uniformly distributed, and Gaussian spread spectrum �ngerprints when applied to synthetic signals. In this paper, we apply the gradient attack on an existing well-engineered video �ngerprinting scheme, re�ne the attack procedure, and demonstrate that the gradient attack is effective on Laplace �ngerprints. Finally, we explore an improvement on �ngerprint design to thwart the gradient attack. Results suggest that Laplace �ngerprint should be avoided. However, we show that a signal mixed of Laplace and Gaussian �ngerprints may serve as a design strategy to disable the gradient attack and force pirates into averaging as a form of adversary collusion. Index Terms – Multimedia �ngerprinting, collusion resistance, gradient attack