1. Contrast and Brightness Adjusted Images
Authenticating
Contrast and Brightness Adjusted Images
Using Distributed Source Coding and
Expectation Maximization
Yao-Chung Lin, David Varodayan, and Bernd Girod
Information Systems Laboratory
Stanford University
Torsten Fink and Erwin Bellers
TriMedia Center of Excellence
NXP Semiconductors
Distributed source coding has been applied in many applications, such as low complexity video coding, compression of encrypted signals, and distributed stereo image compression. Today we are going to discuss a new application: image authentication and tampering localization. This is joint work with David and Prof. Girod.

2. Motivation Legitimate Illegitimate
In many applications, media would require compression and transcoding to different format, such as media distribution over P2P multicast, archiving surveillance video, etc. The media at the user side would suffer from two kinds of degradation. Here is an example. The image on the left hand side is compressed and reconstructed by JPEG2000, and we consider this as legitimate. On the right hand side, the image is additionally overplayed by an illegal copyright banner.
After subtracting from original image, the residues on the left hand side are small, but on the right hand side, we could see high magnitude residues. Then we could easily distinguish which is legitimate and which is illegitimate. However, in the media distribution scenario, the original content is usually not available at clients. How can we distinguish legitimate and illegitimate degradations without access to the original?
Legitimate
Illegitimate

3. Outline Review of image authentication
Distributed source codes for image authentication
Authenticating contrast and brightness adjusted images
Before we get into the proposed image authentication scheme, I would like to give some reviews on some existing authentication mechanisms and how to use distributed source codes to authenticate images. Then, I will introduce a Space-vary two-state channel model and how to localize the tampering using distributed source coding. Finally we will discuss about how much data we need to localize the tampering and its performance.

4. Previous Work Fragile/semi-fragile watermarking Robust hashing
[Yeung and Mintzer, 1997], [Wu and Liu, 1998], …
Robust hashing
[Lin and Chang, 2001], [Lu and Liao, 2003], [Swaminathan, Mao, and Wu, 2006]…
Secure biometrics
[Martinian, Yekhanin, and Yedidia, 2005]
[Draper, et al., 2007]
Image authentication using distributed source coding
[Lin, Varodayan, and Girod, 2007]
Distributed grayscale stereo image coding with unsupervised learning of disparity
[Varodayan, et al., 2007]
The media can be embedded with authentication messages by digital watermarking technology. The p2p media distribution requires blind semi-fragile watermarks, since the original media are not available at the receiver, and lossy compressions are necessary. However, the watermarking would require more bit rate for compression and it is not backward-compatible: unmarked content can not be authenticated later.
Media hashing is inspired by cryptographic hashing. A common approach of media hashing is extracting perceptually important features which should also survive compression. The authentication data are generated from compressing these feature or generating their hash values. The users verify the received contents by comparing the hash values to authentication data. Our scheme is related to this method and we also exploit the knowledge of editing variations. We are inspired by the work from MERL: Secure biometrics using syndrome codes.

5. Distributed Source Coding
Admissible rate: ,
Probability of decoding error can be arbitrarily small
Let’s review the last ingredient. This is a specific case of distributed source coding. X and Y are statistically dependent, and Y is only available at the decoder. The Slepian-Wolf result shows that X can be reconstructed with arbitrarily small probability of error when the rate is greater than the conditional entropy of X given Y. This result supports many distributed source coding applications. Every coin has two sides, so does this result. When the rate is less than the conditional entropy of X given Y, the decoding error probability is bounded away from zero. Now, let’s talk about how to use the both sides to authenticate images.
Inadmissible rate: ,
Probability of decoding error bounded away from zero
[Slepian and Wolf, 1973]

6. Two-state Lossy Channel
We first model the image-to-be-authenticated as the output of a two-state lossy channel. In the legitimate state, the channel consists JPEG2000/JPEG compression and reconstruction. In the illegitimate state, the channel additionally applies malicious attacks.

7. Proposed Scheme
We now step by step to introduce the proposed authentication scheme.
The first element is the Slepian-Wolf coded quantized pseudo-random projection coefficients of original image. The projection is blockwise, and the projection basis is the averager dithered by Gaussian pseudo random noise with small variance. This prevents the attack in the null space of fixed projections. Since the authentication data can be requested AFTER receiving the image and the server changes the random seed for each response, the null space of random projection is unknown to attackers.
The receiver generates the side information by using the same projection, and decodes the Slepian-Wolf bitstream. To ensure the decoded result is correctly, we need additional information.
The image digest and the random seed are signed by the private key of the authentication server to form the signature. Now the decoder can confirm the correctness of reconstructed image projection by comparing the image digest in the signature with the hashed reconstructed image projection.

8. Minimum Rate for Successful Decoding
Experiment:
JPEG2000 compression
+ illegitimate text banner
Illegitimate test images
MMSP2007
ICIP2007
ICME2008
PCS2007
We use test images in 512x512 8-bit gray level. The legitimate channel consists of JPEG or JPEG2000 compression, and the illegitimate channel additionally places text banner at a random location.
This plot shows the minimum decodable rate of slepian-wolf bitstream at different legitimate reconstruction qualities.
We use 16x16 blockwise pseudo random projection with dithering variance 0.2 which is empirical selected. The projection coefficient is quantized in 3 bits.
As can be seen, there is a huge rate gap between the legitimate and illegitimate states. The better the legitimate reconstruction quality the smaller the rate for legitimate state, but the rate for the illegitimate state stays high. We select the rate which is just sufficiently to authenticate both legitimate 30dB JPEG2000 and JPEG reconstructions. This rate is very low.
Selected Slepian-Wolf bit rate
JPEG2000 compression
[Lin, Varodayan, and Girod, ICIP’07]

9. Contrast and Brightness Adjustment
©IEEE2008
Stanford
ICME2008
ICME2008
IVMSGroup
Illegitimate
Legitimate
0.8 20
0.9 10
1.0
1.1
-10
1.2
-20 a b

10. Oracle Decoder

11. Practical Decoder
Similar to
[Varodayan, et al., DCC’ 07]

12. Simulation Results Illegitimate Legitimate Oracle decoder 0.8 20 0.9
ICME2008
Illegitimate
ICME2008
ICME2008
Legitimate
Oracle decoder
0.8 20
0.9 10
1.0
1.1
-10
1.2
-20 a b

14. Conclusions
Novel image authentication using distributed source coding combined with EM
Extended robustness against contrast and brightness adjustment
Can localize tampering in contrast and brightness adjusted images (ICIP’08)
Can authenticate cropped and resized images (Submitted to SPIE’09)

15. Further Interest

16. Parameter Estimation If we have complete knowledge of X and Y, then
using the least-squares estimation

17. Estimation for Quantized Signal
Given Y and Xq, ,where Xq = q(X), and we know
Optimality conditions

18. Expectation Maximization Algorithm
Only Y and S(Xq) available at the decoder
E-step gives Qi(xq) = Papp([Xq]i=xq), through one iteration of LDPC decoding
M-step estimates (a,b), by maximizing the lower bound of L(a,b):

19. Revised Two-State Lossy Channel