Pub Date : 2014-12-01DOI: 10.1109/WIFS.2014.7084309
Jingyang Lu, R. Niu
In this paper, the problem of false information injection attack on the Kalman filter in dynamic systems is investigated. It is assumed that the Kalman filter system has no knowledge of the existence of the attacks. To be concrete, a target tracking system is used as an example in the paper. From the adversary's point of view, the best attack strategies are obtained under different scenarios, including a single-sensor system with both position and velocity measurements, and a multi-sensor system with position and velocity measurements. The optimal solutions are solved by maximizing the determinant of the mean squared estimation error matrix, under a constraint on the total power of the injected bias noises. Numerical results are also provided in order to illustrate the effectiveness of the proposed attack strategies.
{"title":"Malicious attacks on state estimation in multi-sensor dynamic systems","authors":"Jingyang Lu, R. Niu","doi":"10.1109/WIFS.2014.7084309","DOIUrl":"https://doi.org/10.1109/WIFS.2014.7084309","url":null,"abstract":"In this paper, the problem of false information injection attack on the Kalman filter in dynamic systems is investigated. It is assumed that the Kalman filter system has no knowledge of the existence of the attacks. To be concrete, a target tracking system is used as an example in the paper. From the adversary's point of view, the best attack strategies are obtained under different scenarios, including a single-sensor system with both position and velocity measurements, and a multi-sensor system with position and velocity measurements. The optimal solutions are solved by maximizing the determinant of the mean squared estimation error matrix, under a constraint on the total power of the injected bias noises. Numerical results are also provided in order to illustrate the effectiveness of the proposed attack strategies.","PeriodicalId":220523,"journal":{"name":"2014 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127837536","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/WIFS.2014.7084313
Cecilia Pasquini, G. Boato, F. Pérez-González
The analysis of JPEG compressed images is one of the most studied problems in image forensics, because of the extensive use and the characteristic traces left by such coding operation. In this paper, we propose a novel statistical framework for the identification of previous multiple aligned compressions in JPEG images and the estimation of the quality factors applied. The method has been tested on different datasets and forensic scenarios, where up to three JPEG compressions are considered. Moreover, both in the case of double and triple JPEG encoding with different quality factors, the compression history of each image is estimated. The experiments show good performance and, in most cases, higher accuracies with respect to state-of-the-art methods.
{"title":"Multiple JPEG compression detection by means of Benford-Fourier coefficients","authors":"Cecilia Pasquini, G. Boato, F. Pérez-González","doi":"10.1109/WIFS.2014.7084313","DOIUrl":"https://doi.org/10.1109/WIFS.2014.7084313","url":null,"abstract":"The analysis of JPEG compressed images is one of the most studied problems in image forensics, because of the extensive use and the characteristic traces left by such coding operation. In this paper, we propose a novel statistical framework for the identification of previous multiple aligned compressions in JPEG images and the estimation of the quality factors applied. The method has been tested on different datasets and forensic scenarios, where up to three JPEG compressions are considered. Moreover, both in the case of double and triple JPEG encoding with different quality factors, the compression history of each image is estimated. The experiments show good performance and, in most cases, higher accuracies with respect to state-of-the-art methods.","PeriodicalId":220523,"journal":{"name":"2014 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126619543","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/WIFS.2014.7084322
R. Cogranne, Tomáš Denemark, J. Fridrich
The FLD ensemble classifier is a widely used machine learning tool for steganalysis of digital media due to its efficiency when working with high dimensional feature sets. This paper explains how this classifier can be formulated within the framework of optimal detection by using an accurate statistical model of base learners' projections and the hypothesis testing theory. A substantial advantage of this formulation is the ability to theoretically establish the test properties, including the probability of false alarm and the test power, and the flexibility to use other criteria of optimality than the conventional total probability of error. Numerical results on real images show the sharpness of the theoretically established results and the relevance of the proposed methodology.
{"title":"Theoretical model of the FLD ensemble classifier based on hypothesis testing theory","authors":"R. Cogranne, Tomáš Denemark, J. Fridrich","doi":"10.1109/WIFS.2014.7084322","DOIUrl":"https://doi.org/10.1109/WIFS.2014.7084322","url":null,"abstract":"The FLD ensemble classifier is a widely used machine learning tool for steganalysis of digital media due to its efficiency when working with high dimensional feature sets. This paper explains how this classifier can be formulated within the framework of optimal detection by using an accurate statistical model of base learners' projections and the hypothesis testing theory. A substantial advantage of this formulation is the ability to theoretically establish the test properties, including the probability of false alarm and the test power, and the flexibility to use other criteria of optimality than the conventional total probability of error. Numerical results on real images show the sharpness of the theoretically established results and the relevance of the proposed methodology.","PeriodicalId":220523,"journal":{"name":"2014 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125156349","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/WIFS.2014.7084295
A. Sgroi, K. Bowyer, P. Flynn
Metadata about a given face image can include information such as the subject's year of birth, subject gender, and date of acquisition. By determining the degree of metadata matches between the gallery and probe images (such as two subjects having the same gender) we hypothesize that more metadata values that match for an impostor image pair increases the likelihood of a false match. In this work, we explore year of birth, gender, date of acquisition, and expression in an attempt to understand variations in match scores produced by impostor image pairs. Impostor pairs that fall in the weak partition as identified by the previously developed SNoW technique have a slightly larger number of matching metadata values. However, there is little to no statistically significant difference in the scores produced by image pairs with more matching metadata between strong and weak impostor pairs.
{"title":"Metadata-based understanding of impostor pair score variations","authors":"A. Sgroi, K. Bowyer, P. Flynn","doi":"10.1109/WIFS.2014.7084295","DOIUrl":"https://doi.org/10.1109/WIFS.2014.7084295","url":null,"abstract":"Metadata about a given face image can include information such as the subject's year of birth, subject gender, and date of acquisition. By determining the degree of metadata matches between the gallery and probe images (such as two subjects having the same gender) we hypothesize that more metadata values that match for an impostor image pair increases the likelihood of a false match. In this work, we explore year of birth, gender, date of acquisition, and expression in an attempt to understand variations in match scores produced by impostor image pairs. Impostor pairs that fall in the weak partition as identified by the previously developed SNoW technique have a slightly larger number of matching metadata values. However, there is little to no statistically significant difference in the scores produced by image pairs with more matching metadata between strong and weak impostor pairs.","PeriodicalId":220523,"journal":{"name":"2014 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"149 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134379701","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/WIFS.2014.7084328
J. François, O. Festor
While the threats in Internet are still increasing and evolving (like intra multi-tenant data center attacks), protection and detection mechanisms are not fully accurate. Therefore, forensics is vital for recovering from an attack but also to identify the responsible entities. Therefore, this paper focuses on tracing back to the sources of an anomaly in the network. In this paper, we propose a method leveraging the Software Defined Networking (SDN) paradigm to passively identify switches composing the network path of an anomaly. As SDN technologies tend to be deployed in the next generation of networks including in data centers, they provide a helpful framework to implement our proposal without developing dedicated routers like usual IP traceback techniques. We evaluated our scheme with different network topologies (Internet and data centers) by considering distributed attacks with numerous hosts.
{"title":"Anomaly traceback using software defined networking","authors":"J. François, O. Festor","doi":"10.1109/WIFS.2014.7084328","DOIUrl":"https://doi.org/10.1109/WIFS.2014.7084328","url":null,"abstract":"While the threats in Internet are still increasing and evolving (like intra multi-tenant data center attacks), protection and detection mechanisms are not fully accurate. Therefore, forensics is vital for recovering from an attack but also to identify the responsible entities. Therefore, this paper focuses on tracing back to the sources of an anomaly in the network. In this paper, we propose a method leveraging the Software Defined Networking (SDN) paradigm to passively identify switches composing the network path of an anomaly. As SDN technologies tend to be deployed in the next generation of networks including in data centers, they provide a helpful framework to implement our proposal without developing dedicated routers like usual IP traceback techniques. We evaluated our scheme with different network topologies (Internet and data centers) by considering distributed attacks with numerous hosts.","PeriodicalId":220523,"journal":{"name":"2014 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132694331","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/WIFS.2014.7084300
Pawel Korus, Jaroslaw Bialas, A. Dziech
In this paper we propose a novel scheme for semifragile self-recovery based on iterative filtering of randomly sampled image sections. The scheme exhibits very good robustness against both malicious tampering and lossy JPEG compression with only slight deterioration of the reconstruction quality with attack strength. We describe the operation of the proposed scheme and present the results of its experimental evaluation. We also compare our approach with two state-of-the-art alternatives described in the literature.
{"title":"Iterative filtering for semi-fragile self-recovery","authors":"Pawel Korus, Jaroslaw Bialas, A. Dziech","doi":"10.1109/WIFS.2014.7084300","DOIUrl":"https://doi.org/10.1109/WIFS.2014.7084300","url":null,"abstract":"In this paper we propose a novel scheme for semifragile self-recovery based on iterative filtering of randomly sampled image sections. The scheme exhibits very good robustness against both malicious tampering and lossy JPEG compression with only slight deterioration of the reconstruction quality with attack strength. We describe the operation of the proposed scheme and present the results of its experimental evaluation. We also compare our approach with two state-of-the-art alternatives described in the literature.","PeriodicalId":220523,"journal":{"name":"2014 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116486865","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/WIFS.2014.7084327
M. Barni, B. Tondi
We study a new variant of the source identification game with training data in which part of the training data is corrupted by an adversary. In such a scenario, the defender wants to decide whether a test sequence ξn has been drawn from the same source which generated a training sequence tN, part of which has been corrupted by the adversary. By adopting a game theoretical formulation, we derive the unique rationalizable equilibrium of the game in the asymptotic setup. Moreover, by mimicking Stein's lemma, we derive the best achievable performance for the defender, permitting us to analyze the ultimate distinguishability of the two sources.We conclude the paper by comparing the performance of the test with corrupted training to the simpler case in which the adversary can not modify the training sequence, and by deriving the percentage of samples that the adversary needs to modify to make source identification impossible.
{"title":"Source distinguishability under corrupted training","authors":"M. Barni, B. Tondi","doi":"10.1109/WIFS.2014.7084327","DOIUrl":"https://doi.org/10.1109/WIFS.2014.7084327","url":null,"abstract":"We study a new variant of the source identification game with training data in which part of the training data is corrupted by an adversary. In such a scenario, the defender wants to decide whether a test sequence ξn has been drawn from the same source which generated a training sequence tN, part of which has been corrupted by the adversary. By adopting a game theoretical formulation, we derive the unique rationalizable equilibrium of the game in the asymptotic setup. Moreover, by mimicking Stein's lemma, we derive the best achievable performance for the defender, permitting us to analyze the ultimate distinguishability of the two sources.We conclude the paper by comparing the performance of the test with corrupted training to the simpler case in which the adversary can not modify the training sequence, and by deriving the percentage of samples that the adversary needs to modify to make source identification impossible.","PeriodicalId":220523,"journal":{"name":"2014 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125186932","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/WIFS.2014.7084323
T. Bianchi, E. Magli
Recent results have shown that the compressed sensing (CS) framework can provide a form of data confidentiality when the signals are sensed by a fully random matrix. In this paper, we extend those results by considering the security achievable by partially circulant sensing matrices generated from a vector of random variables. Circulant matrices, having similar CS recovery performance as fully random matrices and admitting a fast implementation by means of a fast Fourier transform, are more suitable for practical CS systems. Compared to fully random Gaussian matrices, which leak only the energy of the sensed signal, we show that circulant matrices leak also some information on the autocorrelation of the sensed signal. In order to characterize the above information leakage, we propose an operational definition of security linked to the difficulty of distinguishing equal energy signals and we propose practical attacks to test this definition. The results provide interesting insights on the security of such matrices, showing that a properly randomized partially circulant matrix can provide a weak encryption layer if the signal is sparse in the sensing domain.
{"title":"Analysis of the security of compressed sensing with circulant matrices","authors":"T. Bianchi, E. Magli","doi":"10.1109/WIFS.2014.7084323","DOIUrl":"https://doi.org/10.1109/WIFS.2014.7084323","url":null,"abstract":"Recent results have shown that the compressed sensing (CS) framework can provide a form of data confidentiality when the signals are sensed by a fully random matrix. In this paper, we extend those results by considering the security achievable by partially circulant sensing matrices generated from a vector of random variables. Circulant matrices, having similar CS recovery performance as fully random matrices and admitting a fast implementation by means of a fast Fourier transform, are more suitable for practical CS systems. Compared to fully random Gaussian matrices, which leak only the energy of the sensed signal, we show that circulant matrices leak also some information on the autocorrelation of the sensed signal. In order to characterize the above information leakage, we propose an operational definition of security linked to the difficulty of distinguishing equal energy signals and we propose practical attacks to test this definition. The results provide interesting insights on the security of such matrices, showing that a properly randomized partially circulant matrix can provide a weak encryption layer if the signal is sparse in the sensing domain.","PeriodicalId":220523,"journal":{"name":"2014 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130539959","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/WIFS.2014.7084298
T. Furon, Mathieu Desoubeaux
This paper deals with active fingerprinting a.k.a. traitor tracing where a collusion of dishonest users merges their individual versions of a content to yield a pirated copy. The Tardos codes are one of the most powerful tools to fight against such collusion process by identifying the colluders. Instead of studying as usual the necessary and sufficient code length in a theoretical setup, we adopt the point of view of the practitioner. We call this the operational mode, i.e. a practical setup where a Tardos code has already been deployed and a pirated copy has been found. This new paradigm shows that the known bounds on the probability of accusing an innocent in the theoretical setup are way too pessimistic. Indeed the practitioner can resort to much tighter bounds because the problem is fundamentally much simpler under the operational mode. In the end, we benchmark under the operational mode several single decoders recently proposed in the literature. We believe this is a fair comparison reflecting what matters in reality.
{"title":"Tardos codes for real","authors":"T. Furon, Mathieu Desoubeaux","doi":"10.1109/WIFS.2014.7084298","DOIUrl":"https://doi.org/10.1109/WIFS.2014.7084298","url":null,"abstract":"This paper deals with active fingerprinting a.k.a. traitor tracing where a collusion of dishonest users merges their individual versions of a content to yield a pirated copy. The Tardos codes are one of the most powerful tools to fight against such collusion process by identifying the colluders. Instead of studying as usual the necessary and sufficient code length in a theoretical setup, we adopt the point of view of the practitioner. We call this the operational mode, i.e. a practical setup where a Tardos code has already been deployed and a pirated copy has been found. This new paradigm shows that the known bounds on the probability of accusing an innocent in the theoretical setup are way too pessimistic. Indeed the practitioner can resort to much tighter bounds because the problem is fundamentally much simpler under the operational mode. In the end, we benchmark under the operational mode several single decoders recently proposed in the literature. We believe this is a fair comparison reflecting what matters in reality.","PeriodicalId":220523,"journal":{"name":"2014 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"93 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131770810","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-12-01DOI: 10.1109/WIFS.2014.7084301
Séverine Baudry, B. Chupeau, Mario de Vito, G. Doërr
Camcording a screen is a common and easy way for a pirate to capture a protected video and circumvent any cryptography-based protection system like DRM. Therefore, antipiracy methods like watermarking should be robust to this type of attack. One effect very often encountered is the flicker effect: image luminance varies periodically along the video, and scrolling stripes may also be observed. Such an effect is due to aliasing, because the higher frequency backlight of the screen is sampled at a lower rate by the camcorder. The stripe effect appears because each line of the image is captured with a small delay with CMOS sensors. We show that the amplitude of the flicker depends on the luminance of the displayed image, as well as on the luminosity of the screen and on the exposure setting of the camcorder. We propose a method to blindly estimate the flicker parameters by studying the spectrum of the camcorded video; then we show how the flicker can be selectively removed without impairing other frequential components of the video. Experiments on camcorded videos show that removing the flicker enable significant improvement in the watermarking detection performances.
{"title":"Modeling the flicker effect in camcorded videos to improve watermark robustness","authors":"Séverine Baudry, B. Chupeau, Mario de Vito, G. Doërr","doi":"10.1109/WIFS.2014.7084301","DOIUrl":"https://doi.org/10.1109/WIFS.2014.7084301","url":null,"abstract":"Camcording a screen is a common and easy way for a pirate to capture a protected video and circumvent any cryptography-based protection system like DRM. Therefore, antipiracy methods like watermarking should be robust to this type of attack. One effect very often encountered is the flicker effect: image luminance varies periodically along the video, and scrolling stripes may also be observed. Such an effect is due to aliasing, because the higher frequency backlight of the screen is sampled at a lower rate by the camcorder. The stripe effect appears because each line of the image is captured with a small delay with CMOS sensors. We show that the amplitude of the flicker depends on the luminance of the displayed image, as well as on the luminosity of the screen and on the exposure setting of the camcorder. We propose a method to blindly estimate the flicker parameters by studying the spectrum of the camcorded video; then we show how the flicker can be selectively removed without impairing other frequential components of the video. Experiments on camcorded videos show that removing the flicker enable significant improvement in the watermarking detection performances.","PeriodicalId":220523,"journal":{"name":"2014 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114453368","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: