335 research outputs found
Joint Quantization and Diffusion for Compressed Sensing Measurements of Natural Images
Recent research advances have revealed the computational secrecy of the
compressed sensing (CS) paradigm. Perfect secrecy can also be achieved by
normalizing the CS measurement vector. However, these findings are established
on real measurements while digital devices can only store measurements at a
finite precision. Based on the distribution of measurements of natural images
sensed by structurally random ensemble, a joint quantization and diffusion
approach is proposed for these real-valued measurements. In this way, a
nonlinear cryptographic diffusion is intrinsically imposed on the CS process
and the overall security level is thus enhanced. Security analyses show that
the proposed scheme is able to resist known-plaintext attack while the original
CS scheme without quantization cannot. Experimental results demonstrate that
the reconstruction quality of our scheme is comparable to that of the original
one.Comment: 4 pages, 4 figure
Chosen-plaintext attack of an image encryption scheme based on modified permutation-diffusion structure
Since the first appearance in Fridrich's design, the usage of
permutation-diffusion structure for designing digital image cryptosystem has
been receiving increasing research attention in the field of chaos-based
cryptography. Recently, a novel chaotic Image Cipher using one round Modified
Permutation-Diffusion pattern (ICMPD) was proposed. Unlike traditional
permutation-diffusion structure, the permutation is operated on bit level
instead of pixel level and the diffusion is operated on masked pixels, which
are obtained by carrying out the classical affine cipher, instead of plain
pixels in ICMPD. Following a \textit{divide-and-conquer strategy}, this paper
reports that ICMPD can be compromised by a chosen-plaintext attack efficiently
and the involved data complexity is linear to the size of the plain-image.
Moreover, the relationship between the cryptographic kernel at the diffusion
stage of ICMPD and modulo addition then XORing is explored thoroughly
Adaptive 3D Mesh Steganography Based on Feature-Preserving Distortion
3D mesh steganographic algorithms based on geometric modification are
vulnerable to 3D steganalyzers. In this paper, we propose a highly adaptive 3D
mesh steganography based on feature-preserving distortion (FPD), which
guarantees high embedding capacity while effectively resisting 3D steganalysis.
Specifically, we first transform vertex coordinates into integers and derive
bitplanes from them to construct the embedding domain. To better measure the
mesh distortion caused by message embedding, we propose FPD based on the most
effective sub-features of the state-of-the-art steganalytic feature set. By
improving and minimizing FPD, we can efficiently calculate the optimal
vertex-changing distribution and simultaneously preserve mesh features, such as
steganalytic and geometric features, to a certain extent. By virtue of the
optimal distribution, we adopt the Q-layered syndrome trellis coding (STC) for
practical message embedding. However, when Q varies, calculating bit
modification probability (BMP) in each layer of Q-layered will be cumbersome.
Hence, we contrapuntally design a universal and automatic BMP calculation
approach. Extensive experimental results demonstrate that the proposed
algorithm outperforms most state-of-the-art 3D mesh steganographic algorithms
in terms of resisting 3D steganalysis.Comment: IEEE TVCG major revisio
Intellectual Property Protection for Deep Learning Models: Taxonomy, Methods, Attacks, and Evaluations
The training and creation of deep learning model is usually costly, thus it
can be regarded as an intellectual property (IP) of the model creator. However,
malicious users who obtain high-performance models may illegally copy,
redistribute, or abuse the models without permission. To deal with such
security threats, a few deep neural networks (DNN) IP protection methods have
been proposed in recent years. This paper attempts to provide a review of the
existing DNN IP protection works and also an outlook. First, we propose the
first taxonomy for DNN IP protection methods in terms of six attributes:
scenario, mechanism, capacity, type, function, and target models. Then, we
present a survey on existing DNN IP protection works in terms of the above six
attributes, especially focusing on the challenges these methods face, whether
these methods can provide proactive protection, and their resistances to
different levels of attacks. After that, we analyze the potential attacks on
DNN IP protection methods from the aspects of model modifications, evasion
attacks, and active attacks. Besides, a systematic evaluation method for DNN IP
protection methods with respect to basic functional metrics, attack-resistance
metrics, and customized metrics for different application scenarios is given.
Lastly, future research opportunities and challenges on DNN IP protection are
presented
- …