2,324 research outputs found
Towards Automatic Risk Analysis and Mitigation of Software Applications
This paper proposes a novel semi-automatic risk analysis approach that not only identifies the threats against the assets in a software application, but it is also able to quantify their risks and to suggests the software protections to mitigate them. Built on a formal model of the software, attacks, protections and their relationships, our implementation has shown promising performance on real world applications. This work represents a first step towards a user-friendly expert system for the protection of software applications
Computer Methods and Programs in Biomedicine XXX (2013) XXX‐XXX 1 Effective Management of Medical Information through ROI-Lossless Fragile Image Watermarking Technique
In this article, we have proposed a blind, fragile and Region of Interest (ROI) lossless medical image watermarking (MIW) technique, providing an all-in-one solution tool to various medical data distribution and management issues like security, content authentication, safe archiving, controlled access retrieval and captioning etc. The proposed scheme combines lossless data compression and encryption technique to embed electronic health record (EHR)/DICOM metadata, image hash, indexing keyword, doctor identification code and tamper localization information in the medical images. Extensive experiments (both subjective and objective) were carried out to evaluate performance of the proposed MIW technique. The findings offer suggestive evidence that the proposed MIW scheme is an effective all-in-one solution tool to various issues of medical information management domain. Moreover, given its relative simplicity, the proposed scheme can be applied to the medical images to serve in many medical applications concerned with privacy protection, safety, and management etc. Keywords
Contextual biometric watermarking of fingerprint images
This research presents contextual digital watermarking techniques using face and demographic text data as multiple watermarks for protecting the evidentiary integrity of fingerprint image. The proposed techniques embed the watermarks into selected regions of fingerprint image in MDCT and DWT domains. A general image watermarking algorithm is developed to investigate the application of MDCT in the elimination of blocking artifacts. The application of MDCT has improved the performance of the watermarking technique compared to DCT. Experimental results show that modifications to fingerprint image are visually imperceptible and maintain the minutiae detail. The integrity of the fingerprint image is verified through high matching score obtained from the AFIS system. There is also a high degree of correlation between the embedded and extracted watermarks. The degree of similarity is computed using pixel-based metrics and human visual system metrics. It is useful for personal identification and establishing digital chain of custody. The results also show that the proposed watermarking technique is resilient to common image modifications that occur during electronic fingerprint transmission
Datasets, Clues and State-of-the-Arts for Multimedia Forensics: An Extensive Review
With the large chunks of social media data being created daily and the
parallel rise of realistic multimedia tampering methods, detecting and
localising tampering in images and videos has become essential. This survey
focusses on approaches for tampering detection in multimedia data using deep
learning models. Specifically, it presents a detailed analysis of benchmark
datasets for malicious manipulation detection that are publicly available. It
also offers a comprehensive list of tampering clues and commonly used deep
learning architectures. Next, it discusses the current state-of-the-art
tampering detection methods, categorizing them into meaningful types such as
deepfake detection methods, splice tampering detection methods, copy-move
tampering detection methods, etc. and discussing their strengths and
weaknesses. Top results achieved on benchmark datasets, comparison of deep
learning approaches against traditional methods and critical insights from the
recent tampering detection methods are also discussed. Lastly, the research
gaps, future direction and conclusion are discussed to provide an in-depth
understanding of the tampering detection research arena
Design, Implementation, and Automation of a Risk Management Approach for Man-at-the-End Software Protection
The last years have seen an increase in Man-at-the-End (MATE) attacks against
software applications, both in number and severity. However, software
protection, which aims at mitigating MATE attacks, is dominated by fuzzy
concepts and security-through-obscurity. This paper presents a rationale for
adopting and standardizing the protection of software as a risk management
process according to the NIST SP800-39 approach. We examine the relevant
constructs, models, and methods needed for formalizing and automating the
activities in this process in the context of MATE software protection. We
highlight the open issues that the research community still has to address. We
discuss the benefits that such an approach can bring to all stakeholders. In
addition, we present a Proof of Concept (PoC) decision support system that
instantiates many of the discussed construct, models, and methods and automates
many activities in the risk analysis methodology for the protection of
software. Despite being a prototype, the PoC's validation with industry experts
indicated that several aspects of the proposed risk management process can
already be formalized and automated with our existing toolbox and that it can
actually assist decision-making in industrially relevant settings.Comment: Preprint submitted to Computers & Security. arXiv admin note:
substantial text overlap with arXiv:2011.0726
- …