Upload
others
View
2
Download
4
Embed Size (px)
Citation preview
Multimedia Network Security
(Part II: Multimedia Security)
Hamid R. Rabiee
Mostafa Salehi, Fatemeh Dabiran, Hoda Ayatollahi
We have used the resources mentioned in the Reference section of this
presentation (on page 55) to prepare this lecture.
Spring 2011
2
Outlines
Watermarking
Introduction
Applications
Characteristics
Algorithms
Attacks
Secure Media Streaming
Security-enabled networks
Digital Rights Management (DRM) encryption
Copy protection in home networks
dynamic watermarking
Secure Scalable Streaming
Digital Media Lab - Sharif University of Technology
Information Hiding
Information Hiding…..started with
Steganography (art of hidden writing):
The art and science of writing hidden messages in such a way that no one apart
from the intended recipient knows of the existence of the message. The
existence of information is secret.
3 Digital Media Lab - Sharif University of Technology
What is Watermarking and Watermark?
A digital watermark is a “secret key dependent” signal “inserted” into digital
multimedia data.
Embedding Visible/Invisible Codes in Multimedia Data for Security Purpose
Digital Watermarking Media
Video
Audio
To design and implement a copyright protection scheme for music
Images
4 Digital Media Lab - Sharif University of Technology
Steganography vs. Watermarking
Information Hiding (no security concern)
Watermarking (with security concern)
5 Digital Media Lab - Sharif University of Technology
Watermarking Applications
Applications include
Rights management
Copyright protection and ownership Assertion
Authentication, verification and tamper proofing
Content labeling
Usage Control
Fingerprinting
6 Digital Media Lab - Sharif University of Technology
Copyright Protection
Copyright Protection: To prove the
ownership of digital media
The primary reason for using
watermarks is to identify the owner
of the content by an invisible
hidden “mark” that is imprinted
into the image
7
Eg. Cut paste of images
Hidden Watermarks represent
the copyright information
Digital Media Lab - Sharif University of Technology
Requirements of the Application
The watermark does not incur visible (or audible) artifacts to the ordinary
users.
The watermark is independent of the data format.
The information carried by the watermark is robust to content
manipulations, compression, and so on.
The watermark can be detected without the unwatermarked original
content.
The watermark can be identified by some kind of “keys” that are used to
identify large number of individual contents uniquely.
8 Digital Media Lab - Sharif University of Technology
Tamper Proofing
Tamper proofing: To find out if
data was tampered.
The objective is not to protect the
contents from being copied or
stolen, but is to provide a method to
authenticate the image and assure
the integrity of the image.
It is especially used by automobile
insurance companies
9
Eg. Change meaning of images
Hidden Watermarks track
change in meaning Issues: Accuracy of detection
Digital Media Lab - Sharif University of Technology
Tampering with images
The picture on the left shows an original photo of a car that has been protected
with a watermarking technology.
In the center, the same picture is shown but with a small modification: the
numbers on the license plate have been changed.
The picture on the right shows the photo after running the digital watermark
detection program on the tampered photo.
10 Digital Media Lab - Sharif University of Technology
Requirements of the Application
Invisible to the ordinary users,
Applicable to compressed image format (most digital cameras use JPEG
compatible format)
Sensitive to content manipulations, compression, and so on
11 Digital Media Lab - Sharif University of Technology
Quality Assessment
Quality Assessment: Degradation of Visual Quality
12
Loss of Visual Quality
Hidden Watermarks track change in visual quality
Digital Media Lab - Sharif University of Technology
Usage Control
The embedded watermark is transparently passing through the
conventional data path, and will only be detected at the digital recorders.
When the watermark detection is mandated in these recorders, this
watermark can be used to trigger the copy protection mechanism
implemented in it.
the data called Copy Control Information (CCI) is embedded into the
video data to indicate that the status of the contents is “Never Copy”,
“One Copy Allowed” or “Copy Freely”. Recording devices will be
mandated to facilitate a “watermark detector” to detect the embedded
CCI from the incoming and outgoing video data.
13 Digital Media Lab - Sharif University of Technology
Fingerprinting
Fingerprinting: Imperceptible watermarks used to label content for
identification purposes
If content is copied and improperly used, the watermark can be viewed
and the source of the copying can be found
14 Digital Media Lab - Sharif University of Technology
Visible Watermark
Purpose:
Claim the ownership and prevent content piracy.
Properties:
Robust: Watermarks must be very difficult, if not impossible, to be removed.
Non-obtrusive: Watermarks must not affect the audiovisual contents too much.
Visible: It must be visible, but it had better to be insensible.
15 Digital Media Lab - Sharif University of Technology
Visible reversible watermarking for electronic
distribution
Unlike other digital watermarking technologies
described above, the visible reversible watermark
is visible.
This unique form of watermarking technology
allows the content owners to embed a visible shape
or logo mark such as company’s logo on top of the
image
This mark is applied by modifying the Discrete
Cosine Transformation (DCT) coefficients of the
JPEG compressed image following certain pre-
defined rule and visual effect analysis
16 Digital Media Lab - Sharif University of Technology
A watermark may be
Perceptible (e.g. author information in .doc)
Imperceptible (e.g. author information in images)
17 Digital Media Lab - Sharif University of Technology
Watermarking Requirements
Tranparency: the watermark is not visible in the image under
typical viewing conditions
Capacity: ability to detect watermarks with a low probability of
error as the number of watermarked versions of the image increases
Robust: the watermark can still be detected after the image has
undergone some linear or non linear operations
Security: Only be accessible by authorized parties
18 Digital Media Lab - Sharif University of Technology
The Metrics of Watermarking
19 Digital Media Lab - Sharif University of Technology
Watermarking Process
Data (D), Watermark (W), Stego Key (K), Watermarked Data (Dw)
Embed (D, W, K) = Dw
Extract (Dw) = W’ and compare with W
(e.g. find the linear correlation and compare it to a threshold)
Q. How do we make this system secure ?
A. K is secret (Use cryptography to make information hidden more secure)
20 Digital Media Lab - Sharif University of Technology
Data Domain Categorization
Spatial Watermarking
Direct usage of data to embed and extract Watermark
e.g. voltage values for audio data
Transform Based Watermarking
Conversion of data to another format to embed and extract.
e.g. Conversion to polar co-ordinate systems of 3D models, makes it
robust against scaling
21 Digital Media Lab - Sharif University of Technology
Simplest Watermark – Changing Least Significant Bits
22
What are the drawbacks?
Digital Media Lab - Sharif University of Technology
Example:LSB Encoding
23
Original Image Watermark
Digital Media Lab - Sharif University of Technology
Example:LSB Encoding
24
4 LSBs Watermarked 7 LSBs Watermarked
Digital Media Lab - Sharif University of Technology
Changing LSB in the block-based frequency domain
25 Digital Media Lab - Sharif University of Technology
Changing LSB in the global frequency domain
26 Digital Media Lab - Sharif University of Technology
Watermarking on Multimedia Content
27 Digital Media Lab - Sharif University of Technology
Extraction Categorization
Informed (Private)
Extract using {D, K, W}
Semi - Blind (Semi-Private)
Extract using {K, W}
Blind (Public)
Extract using {K}
- Blind (requires less information storage)
- Informed techniques are more robust to tampering
28 Digital Media Lab - Sharif University of Technology
Robustness Categorization
Fragile (for tamper proofing e.g. losing watermark implies
tampering)
The watermark should not resist tampering, or would resist
only up to a certain, predetermined extent
Semi-Fragile (robust against user level operations, e.g.
image compression)
Robust (against adversary based attack, e.g. noise addition
to images)
29
Digital Media Lab - Sharif University of Technology
Watermarking Example
Application: Copyright Protection
Design Requirements:
- Transparency
- Capacity
- Robustness
- Security
30 Digital Media Lab - Sharif University of Technology
Transparency
Stanford Bunny 3D Model Visible Watermarks in
Bunny Model Distortion
Watermarking
Stanford Bunny 3D Model
Watermarking
Invisible Watermarks in Bunny
Model Minimal Distortion
31 Digital Media Lab - Sharif University of Technology
Robustness
Adversaries can attack the data set and remove the
watermark.
Attacks are generally data dependent e.g.
Compression that adds noise can be used as an
attack to remove the watermark. Different data
types can have different compression schemes.
32 Digital Media Lab - Sharif University of Technology
Robustness
Value Change Attacks
Noise addition e.g. lossy compression
Uniform Affine Transformation e.g. 3D
Model being rotated in 3D space OR image being scaled
If encoding of watermarks are data value dependent
Watermark is lost Extraction process fails
33 Digital Media Lab - Sharif University of Technology
Robustness
Sample loss Attacks
Cropping e.g. Cropping in images
Smoothing e.g. smoothing of audio signals e.g.
Change in Sample rates in audio data change
in sampling rate results in loss of samples
If watermarks are encoded in parts of data set which are
lost Watermark is lost Extraction process fails
34 Digital Media Lab - Sharif University of Technology
Robustness
Reorder Attack
Reversal of sequence of data values e.g. reverse filter in audio signal reverses
the order of data values in time
If encoding is dependent on an order and the order is changed
Watermark is lost Extraction process fails
1 2 3 1 2 3 Attack
0 1 1 1 1 0
Samples in time Samples in time
35 Digital Media Lab - Sharif University of Technology
Capacity
Multiple Watermarks can be supported.
More capacity implies more robustness since watermarks
can be replicated.
36 Digital Media Lab - Sharif University of Technology
Security
In case the key used during watermark is lost anyone can
read the watermark and remove it.
In case the watermark is public, it can be encoded and
copyright information is lost.
37 Digital Media Lab - Sharif University of Technology
Example: IBM Digital Music Content Platform Project
Automatic generation of cue sheets using audio watermarking
Secure and easy distribution of music content
Japanese government funding the project
Cooperation by popular FM radio stations and major Japanese labels
38 Digital Media Lab - Sharif University of Technology
Watermark Attacks
Active Attacks.
Hacker attempts to remove or destroy the watermark.
Watermark detector unable to detect watermark.
Key issue in proof of ownership, fingerprinting, copy control.
Not serious for authentication or covert communication.
Passive Attacks.
Hacker tries to find if a watermark is present.
Removal of watermark is not an aim.
Serious for covert communications.
39 Digital Media Lab - Sharif University of Technology
Watermark Attacks
Forgery Attacks.
Hacker tries to embed a valid watermark.
Serious in authentication.
If hacker embeds a valid authentication watermark, watermark detector can
accept bogus or modified media.
Collusion Attacks.
Hacker uses several copies of watermarked data (images, video etc.) to
construct a copy with no watermark.
Uses several copies to find the watermark.
Serious for fingerprinting applications.
40 Digital Media Lab - Sharif University of Technology
SECURE MEDIA STREAMING
41 Digital Media Lab - Sharif University of Technology
Introduction
Before setting up a secure media distribution system, it is a good idea to
look at your goals.
security analysis
The content
The monetary transaction
The server infrastructure
Although cracking the encryption may appear to be a common threat,
it is difficult and can take a very long time. The more usual threat is
theft of the keys.
42 Digital Media Lab - Sharif University of Technology
Secure Streaming Techniques
Most popular secure video streaming techniques are
Security-enabled networks
Digital Rights Management (DRM) encryption
Copy protection in home networks
dynamic watermarking
Secure Scalable Streaming
It is important to understand that each represent a
different level of security and with higher security comes
more restricted distribution.
43 Digital Media Lab - Sharif University of Technology
Choosing Security Level
The greater security method you deploy,
the more restricted the distribution of the content
The greater the security method, the more restricted the distribution of
content can be
Restricting the access to the content by placing on a secure private network would
rank as a high level security measure
watermarking the video with a brand would rank as a low-level measure
44 Digital Media Lab - Sharif University of Technology
Secure Network Method
The easiest and most effective method of protecting your content is not to
allow anyone to be able access it
Restrict the ability for viewing to only those that you intend
The content is protected because only trusted viewers have access to the
network on which the content resides
Even if the intended viewer resides outside the network, they can use the
Microsoft Virtual Private Network (VPN) protocol
Another method of restricted access, even on a private network, is to
hide the IP address of the content
The streaming server itself provides additional security measures.
restricts the client’s ability to save the content
45 Digital Media Lab - Sharif University of Technology
ENCRYPTION AND KEY METHOD (DRM)
In this model, the content is posted on a streaming media server residing
on the Internet
When a client clicks the link, they are required to perform an action such
as provide personal information or purchase a license to view the content
before the content is streamed to their PC.
DRM system components
Content that has been encrypted with DRM protection
License key that decrypts the DRM protected content
Third-party license provider
46 Digital Media Lab - Sharif University of Technology
ENCRYPTION AND KEY METHOD (DRM)
The primary responsibilities of a DRM system are:
secure delivery of content to users
prevention of unauthorized access
enforcement of usage rules
monitoring of the use of content
A DRM system uses cryptography (symmetric key ciphers, public-key
ciphers and digital signatures) as the centerpiece for security-related
functions, which generally include secure delivery of content, secure
delivery of the content key and the usage rights, and client
authentication.
47 Digital Media Lab - Sharif University of Technology
ENCRYPTION AND KEY METHOD (DRM)
DRM gives protection of the content and often includes the monetary
transaction.
First, you can encrypt content with DRM protection.
The license key itself will be created when the content is encrypted.
The license key is then securely transmitted or delivered to the third-party license
provider.
The encrypted content is placed on a streaming media server and the content access
link is placed on a web page.
When the client clicks the web link to view the content, the license provider will
transmit the license key to the client’s streaming media player.
The key will unlock the content and the client will be able to view the stream.
The license key is not transferable
48 Digital Media Lab - Sharif University of Technology
DRM Security
Some licenses are valid for a short time period
one method that has been employed to fool such licenses is to change the
computer’s date and time.
A good DRM plug-in should be resistant to such manipulation.
49 Digital Media Lab - Sharif University of Technology
Copy protection in home networks
A digital home network (DHN) is a cluster of digital A/V devices including
set-top boxes, TVs, VCRs, DVD players, and general-purpose computing
devices such as personal computers.
The problem of content protection in home networks has the following
dimensions:
protection of content across digital interfaces
protection of content on storage media
management of rights associated with content
2 technical solutions
Encryption based
watermark-based
50 Digital Media Lab - Sharif University of Technology
Solutions
Encryption
makes the content unintelligible through a reversible mathematical
transformation based on a secret key
The theoretical level of security provided by encryption depends on the
cipher strength and key length.
Example: Secure Scalable Streaming
Watermarking
inserts data directly into the content at the expense of imperceptible
degradation in quality
Example: Live Streaming Watermarking
51 Digital Media Lab - Sharif University of Technology
Branding Method
Adding content ownership and copyright information in the stream
header
Watermarking (more effective)
Watermarking aids tracing of stolen content
Video watermarking is quite different from document watermarking since it is
a series of images whereby each frame is imaged with a watermark.
This watermark image resides in an area of the video that will not restrict
the viewing of the content
When streaming video, adding a watermark is done during the encoding process.
52 Digital Media Lab - Sharif University of Technology
Live Streaming Watermarking
For a live event, the content can be captured with and without a
watermark. This would require two encoding sessions
making one captured file an original archive without a watermark
A watermarked version for streaming distribution
53 Digital Media Lab - Sharif University of Technology
Secure Scalable Streaming
Securing communication requires that the data is encrypted before being
transmitted.
SSS, supports end-to-end delivery of encrypted media content and transcoding
is performed without requiring decryption.
SSS encodes media into secure scalable packets using jointly designed scalable
coding, progressive encryption, and packetization techniques.
The SSS framework can in principle be used with any scalable media coder,
e.g. speech, audio, image, video.
It is being standardized as part of JPEG-2000 Part-8 Security (JPSEC)
SSS builds on well-studied cryptographic primitives, such as Advanced
Encryption Standard (AES) for encryption
54 Digital Media Lab - Sharif University of Technology
References
C.Y. Lin, “Topics in Signal Processing and Multimedia Security System”,
Course Slides, Columbia University, New York,, USA, 2006.
Mark D. Fears, “SECURITY AND STREAMING MEDIA – HOW TO
SECURE YOUR VIDEO AND PROTECT YOUR REVENUE”, ViewCast
Corporation, USA, 2006.
A.M. Eskicioglu et al. ,” Security of digital entertainment content from
creation to consumption”, Signal Processing: Image Communication, vol.
18 ,pp 237–262, 2003
55 Digital Media Lab - Sharif University of Technology
56
Any Question
Thank you!
Digital Media Lab - Sharif University of Technology