Multimedia Network Security (Part II: Multimedia Security)ce.sharif.edu/courses/89-90/2/ce873-1/resources... · Direct usage of data to embed and extract Watermark e.g. voltage values

Multimedia Network Security

(Part II: Multimedia Security)

Hamid R. Rabiee

Mostafa Salehi, Fatemeh Dabiran, Hoda Ayatollahi

We have used the resources mentioned in the Reference section of this

presentation (on page 55) to prepare this lecture.

Spring 2011

2

Outlines

Watermarking

Introduction

Applications

Characteristics

Algorithms

Attacks

Secure Media Streaming

Security-enabled networks

Digital Rights Management (DRM) encryption

Copy protection in home networks

dynamic watermarking

Secure Scalable Streaming

Digital Media Lab - Sharif University of Technology

Information Hiding

Information Hiding…..started with

Steganography (art of hidden writing):

The art and science of writing hidden messages in such a way that no one apart

from the intended recipient knows of the existence of the message. The

existence of information is secret.

3 Digital Media Lab - Sharif University of Technology

What is Watermarking and Watermark?

A digital watermark is a “secret key dependent” signal “inserted” into digital

multimedia data.

Embedding Visible/Invisible Codes in Multimedia Data for Security Purpose

Digital Watermarking Media

Video

Audio

To design and implement a copyright protection scheme for music

Images


Steganography vs. Watermarking

Information Hiding (no security concern)

Watermarking (with security concern)


Watermarking Applications

Applications include

Rights management

Copyright protection and ownership Assertion

Authentication, verification and tamper proofing

Content labeling

Usage Control

Fingerprinting


Copyright Protection

Copyright Protection: To prove the

ownership of digital media

The primary reason for using

watermarks is to identify the owner

of the content by an invisible

hidden “mark” that is imprinted

into the image

7

Eg. Cut paste of images

Hidden Watermarks represent

the copyright information


Requirements of the Application

The watermark does not incur visible (or audible) artifacts to the ordinary

users.

The watermark is independent of the data format.

The information carried by the watermark is robust to content

manipulations, compression, and so on.

The watermark can be detected without the unwatermarked original

content.

The watermark can be identified by some kind of “keys” that are used to

identify large number of individual contents uniquely.


Tamper Proofing

Tamper proofing: To find out if

data was tampered.

The objective is not to protect the

contents from being copied or

stolen, but is to provide a method to

authenticate the image and assure

the integrity of the image.

It is especially used by automobile

insurance companies

9

Eg. Change meaning of images

Hidden Watermarks track

change in meaning Issues: Accuracy of detection


Tampering with images

The picture on the left shows an original photo of a car that has been protected

with a watermarking technology.

In the center, the same picture is shown but with a small modification: the

numbers on the license plate have been changed.

The picture on the right shows the photo after running the digital watermark

detection program on the tampered photo.


Requirements of the Application

Invisible to the ordinary users,

Applicable to compressed image format (most digital cameras use JPEG

compatible format)

Sensitive to content manipulations, compression, and so on


Quality Assessment

Quality Assessment: Degradation of Visual Quality

12

Loss of Visual Quality

Hidden Watermarks track change in visual quality


Usage Control

The embedded watermark is transparently passing through the

conventional data path, and will only be detected at the digital recorders.

When the watermark detection is mandated in these recorders, this

watermark can be used to trigger the copy protection mechanism

implemented in it.

the data called Copy Control Information (CCI) is embedded into the

video data to indicate that the status of the contents is “Never Copy”,

“One Copy Allowed” or “Copy Freely”. Recording devices will be

mandated to facilitate a “watermark detector” to detect the embedded

CCI from the incoming and outgoing video data.


Fingerprinting

Fingerprinting: Imperceptible watermarks used to label content for

identification purposes

If content is copied and improperly used, the watermark can be viewed

and the source of the copying can be found


Visible Watermark

Purpose:

Claim the ownership and prevent content piracy.

Properties:

Robust: Watermarks must be very difficult, if not impossible, to be removed.

Non-obtrusive: Watermarks must not affect the audiovisual contents too much.

Visible: It must be visible, but it had better to be insensible.


Visible reversible watermarking for electronic

distribution

Unlike other digital watermarking technologies

described above, the visible reversible watermark

is visible.

This unique form of watermarking technology

allows the content owners to embed a visible shape

or logo mark such as company’s logo on top of the

image

This mark is applied by modifying the Discrete

Cosine Transformation (DCT) coefficients of the

JPEG compressed image following certain pre-

defined rule and visual effect analysis


A watermark may be

Perceptible (e.g. author information in .doc)

Imperceptible (e.g. author information in images)


Watermarking Requirements

Tranparency: the watermark is not visible in the image under

typical viewing conditions

Capacity: ability to detect watermarks with a low probability of

error as the number of watermarked versions of the image increases

Robust: the watermark can still be detected after the image has

undergone some linear or non linear operations

Security: Only be accessible by authorized parties


The Metrics of Watermarking


Watermarking Process

Data (D), Watermark (W), Stego Key (K), Watermarked Data (Dw)

Embed (D, W, K) = Dw

Extract (Dw) = W’ and compare with W

(e.g. find the linear correlation and compare it to a threshold)

Q. How do we make this system secure ?

A. K is secret (Use cryptography to make information hidden more secure)


Data Domain Categorization

Spatial Watermarking

Direct usage of data to embed and extract Watermark

e.g. voltage values for audio data

Transform Based Watermarking

Conversion of data to another format to embed and extract.

e.g. Conversion to polar co-ordinate systems of 3D models, makes it

robust against scaling


Simplest Watermark – Changing Least Significant Bits

22

What are the drawbacks?


Example:LSB Encoding

23

Original Image Watermark


Example:LSB Encoding

24

4 LSBs Watermarked 7 LSBs Watermarked


Changing LSB in the block-based frequency domain


Changing LSB in the global frequency domain


Watermarking on Multimedia Content


Extraction Categorization

Informed (Private)

Extract using {D, K, W}

Semi - Blind (Semi-Private)

Extract using {K, W}

Blind (Public)

Extract using {K}

- Blind (requires less information storage)

- Informed techniques are more robust to tampering


Robustness Categorization

Fragile (for tamper proofing e.g. losing watermark implies

tampering)

The watermark should not resist tampering, or would resist

only up to a certain, predetermined extent

Semi-Fragile (robust against user level operations, e.g.

image compression)

Robust (against adversary based attack, e.g. noise addition

to images)

29


Watermarking Example

Application: Copyright Protection

Design Requirements:

- Transparency

- Capacity

- Robustness

- Security


Transparency

Stanford Bunny 3D Model Visible Watermarks in

Bunny Model Distortion

Watermarking

Stanford Bunny 3D Model

Watermarking

Invisible Watermarks in Bunny

Model Minimal Distortion


Robustness

Adversaries can attack the data set and remove the

watermark.

Attacks are generally data dependent e.g.

Compression that adds noise can be used as an

attack to remove the watermark. Different data

types can have different compression schemes.


Robustness

Value Change Attacks

Noise addition e.g. lossy compression

Uniform Affine Transformation e.g. 3D

Model being rotated in 3D space OR image being scaled

If encoding of watermarks are data value dependent

Watermark is lost Extraction process fails


Robustness

Sample loss Attacks

Cropping e.g. Cropping in images

Smoothing e.g. smoothing of audio signals e.g.

Change in Sample rates in audio data change

in sampling rate results in loss of samples

If watermarks are encoded in parts of data set which are

lost Watermark is lost Extraction process fails


Robustness

Reorder Attack

Reversal of sequence of data values e.g. reverse filter in audio signal reverses

the order of data values in time

If encoding is dependent on an order and the order is changed

Watermark is lost Extraction process fails

1 2 3 1 2 3 Attack

0 1 1 1 1 0

Samples in time Samples in time


Capacity

Multiple Watermarks can be supported.

More capacity implies more robustness since watermarks

can be replicated.


Security

In case the key used during watermark is lost anyone can

read the watermark and remove it.

In case the watermark is public, it can be encoded and

copyright information is lost.


Example: IBM Digital Music Content Platform Project

Automatic generation of cue sheets using audio watermarking

Secure and easy distribution of music content

Japanese government funding the project

Cooperation by popular FM radio stations and major Japanese labels


Watermark Attacks

Active Attacks.

Hacker attempts to remove or destroy the watermark.

Watermark detector unable to detect watermark.

Key issue in proof of ownership, fingerprinting, copy control.

Not serious for authentication or covert communication.

Passive Attacks.

Hacker tries to find if a watermark is present.

Removal of watermark is not an aim.

Serious for covert communications.


Watermark Attacks

Forgery Attacks.

Hacker tries to embed a valid watermark.

Serious in authentication.

If hacker embeds a valid authentication watermark, watermark detector can

accept bogus or modified media.

Collusion Attacks.

Hacker uses several copies of watermarked data (images, video etc.) to

construct a copy with no watermark.

Uses several copies to find the watermark.

Serious for fingerprinting applications.


SECURE MEDIA STREAMING


Introduction

Before setting up a secure media distribution system, it is a good idea to

look at your goals.

security analysis

The content

The monetary transaction

The server infrastructure

Although cracking the encryption may appear to be a common threat,

it is difficult and can take a very long time. The more usual threat is

theft of the keys.


Secure Streaming Techniques

Most popular secure video streaming techniques are

Security-enabled networks

Digital Rights Management (DRM) encryption


dynamic watermarking


It is important to understand that each represent a

different level of security and with higher security comes

more restricted distribution.


Choosing Security Level

The greater security method you deploy,

the more restricted the distribution of the content

The greater the security method, the more restricted the distribution of

content can be

Restricting the access to the content by placing on a secure private network would

rank as a high level security measure

watermarking the video with a brand would rank as a low-level measure


Secure Network Method

The easiest and most effective method of protecting your content is not to

allow anyone to be able access it

Restrict the ability for viewing to only those that you intend

The content is protected because only trusted viewers have access to the

network on which the content resides

Even if the intended viewer resides outside the network, they can use the

Microsoft Virtual Private Network (VPN) protocol

Another method of restricted access, even on a private network, is to

hide the IP address of the content

The streaming server itself provides additional security measures.

restricts the client’s ability to save the content


ENCRYPTION AND KEY METHOD (DRM)

In this model, the content is posted on a streaming media server residing

on the Internet

When a client clicks the link, they are required to perform an action such

as provide personal information or purchase a license to view the content

before the content is streamed to their PC.

DRM system components

Content that has been encrypted with DRM protection

License key that decrypts the DRM protected content

Third-party license provider



The primary responsibilities of a DRM system are:

secure delivery of content to users

prevention of unauthorized access

enforcement of usage rules

monitoring of the use of content

A DRM system uses cryptography (symmetric key ciphers, public-key

ciphers and digital signatures) as the centerpiece for security-related

functions, which generally include secure delivery of content, secure

delivery of the content key and the usage rights, and client

authentication.



DRM gives protection of the content and often includes the monetary

transaction.

First, you can encrypt content with DRM protection.

The license key itself will be created when the content is encrypted.

The license key is then securely transmitted or delivered to the third-party license

provider.

The encrypted content is placed on a streaming media server and the content access

link is placed on a web page.

When the client clicks the web link to view the content, the license provider will

transmit the license key to the client’s streaming media player.

The key will unlock the content and the client will be able to view the stream.

The license key is not transferable


DRM Security

Some licenses are valid for a short time period

one method that has been employed to fool such licenses is to change the

computer’s date and time.

A good DRM plug-in should be resistant to such manipulation.



A digital home network (DHN) is a cluster of digital A/V devices including

set-top boxes, TVs, VCRs, DVD players, and general-purpose computing

devices such as personal computers.

The problem of content protection in home networks has the following

dimensions:

protection of content across digital interfaces

protection of content on storage media

management of rights associated with content

2 technical solutions

Encryption based

watermark-based


Solutions

Encryption

makes the content unintelligible through a reversible mathematical

transformation based on a secret key

The theoretical level of security provided by encryption depends on the

cipher strength and key length.

Example: Secure Scalable Streaming

Watermarking

inserts data directly into the content at the expense of imperceptible

degradation in quality

Example: Live Streaming Watermarking


Branding Method

Adding content ownership and copyright information in the stream

header

Watermarking (more effective)

Watermarking aids tracing of stolen content

Video watermarking is quite different from document watermarking since it is

a series of images whereby each frame is imaged with a watermark.

This watermark image resides in an area of the video that will not restrict

the viewing of the content

When streaming video, adding a watermark is done during the encoding process.


Live Streaming Watermarking

For a live event, the content can be captured with and without a

watermark. This would require two encoding sessions

making one captured file an original archive without a watermark

A watermarked version for streaming distribution



Securing communication requires that the data is encrypted before being

transmitted.

SSS, supports end-to-end delivery of encrypted media content and transcoding

is performed without requiring decryption.

SSS encodes media into secure scalable packets using jointly designed scalable

coding, progressive encryption, and packetization techniques.

The SSS framework can in principle be used with any scalable media coder,

e.g. speech, audio, image, video.

It is being standardized as part of JPEG-2000 Part-8 Security (JPSEC)

SSS builds on well-studied cryptographic primitives, such as Advanced

Encryption Standard (AES) for encryption


References

C.Y. Lin, “Topics in Signal Processing and Multimedia Security System”,

Course Slides, Columbia University, New York,, USA, 2006.

Mark D. Fears, “SECURITY AND STREAMING MEDIA – HOW TO

SECURE YOUR VIDEO AND PROTECT YOUR REVENUE”, ViewCast

Corporation, USA, 2006.

A.M. Eskicioglu et al. ,” Security of digital entertainment content from

creation to consumption”, Signal Processing: Image Communication, vol.

18 ,pp 237–262, 2003


56

Any Question

Thank you!


Documents

Multimedia Network Security (Part II: Multimedia Security)ce.sharif.edu/courses/89-90/2/ce873-1/resources... · Direct usage of data to embed and extract Watermark e.g. voltage values