31-12-2009, 07:37 PM
[attachment=968][attachment=969]
ABSTRACT
Automatic video surveillance (AVS) systems are used for continuous and effective monitoring of dangerous and remote sites. Video data acquired by the automatic video surveillance system can be recorded and presented as a proof in front of court law. But digital video data lacks legal validity due to the ease to manipulate them without leaving any trace of modification. Image authentication is the process of giving a legal validity to the video data. By authentication technique content tampering can be detected and we can indicate the true origin of the data. There are two types of authentication schemes, which are
1. Cryptographic data authentication.
2. Watermarking-based authentication.
In this presentation an attempt is made to present the basic features of the image authentication techniques.
1. INTRODUCTION
This paper explores the various techniques used to authenticate the visual data recorded by the automatic video surveillance system. Automatic video surveillance systems are used for continuous and effective monitoring and reliable control of remote and dangerous sites. Some practical issues must be taken in to account, in order to take full advantage of the potentiality of VS system. The validity of visual data acquired, processed and possibly stored by the VS system, as a proof in front of a court of law is one of such issues. But visual data can be modified using sophisticated processing tools without leaving any visible trace of the modification. So digital or image data have no value as legal proof, since doubt would always exist that they had been intentionally tampered with to incriminate or exculpate the defendant. Besides, the video data can be created artificially by computerized techniques such as morphing. Therefore the true origin of the data must be indicated to use them as legal proof. By data authentication we mean here a procedure capable of ensuring that data have not been tampered with and of indicating their true origin.
2. AUTOMATIC VISUAL SURVEILLANCE SYSTEM
Automatic Visual Surveillance system is a self monitoring system which consists of a video camera unit, central unit and transmission networks.(figure)
A pool of digital cameras is in charge of frame the scene of interest and sent corresponding video sequence to central unit. The central unit is in charge of analyzing the sequence and generating an alarm whenever a suspicious situation is detected. Central unit also transmits the video sequences to an intervention centre such as security service provider, the police department or a security guard unit. Somewhere in the system the video sequence or some part of it may be stored and when needed the stored sequence can be used as a proof in front of court of law. If the stored digital video sequences have to be legally credible, some means must be envisaged to detect content tampering and reliably trace back to the data origin
3. AUTHENTICATION TECHNIQUES
Authentication techniques are performed on visual data to indicate that the data is not a forgery; they should not damage visual quality of the video data. At the same time, these techniques must indicate the malicious modifications include removal or insertion of certain frames, change of faces of individual, time and background etc. Only a properly authenticated video data has got the value as legal proof. There are two major techniques for authenticating video data. They are as follows
1. Cryptographic Data Authentication
It is a straight forward way to provide video authentication, namely through the joint use of asymmetric key encryption and the digital Hash function.
Cameras calculate a digital summary (digest) of the video by means of hash function. Then they encrypt the digest with their private key, thus obtaining a signed digest which is transmitted to the central unit together with acquired sequences. This digest is used to prove data integrity or to trace back to their origin. Signed digest can only read by using public key of the camera.
2. Watermarking- based authentication
Watermarking data authentication is the modern approach to authenticate visual data by imperceptibly embedding a digital watermark signal on the data.
Digital watermarking is the art and science of embedding copyright information in the original files. The information embedded is called ˜watermarks ˜. Digital watermarks are difficult to remove without noticeably degrading the content and are a covert means in situation where copyright fails to provide robustness.
4. CRYPTOGRAPHY
Mounting concern over the new threats to privacy and security has lead to wide spread adoption of cryptography. Cryptography is the science of transforming documents. It has mainly two functions
¢ Encryption
¢ Decryption
The purpose of encryption is to render a document unreadable by all except those who authorize to read it. Cryptographers refer to the content of the original document as plain text. Plain text is converted in to cipher form using an algorithm and a variable or key. The key is a randomly selected string of numbers.
Only after decoding the cipher text using the key the content of the document is revealed to the common people. Encryption schemes are classified in to
1. Symmetric encryption
In which the same key is used to both encode and decode the document.
2. Public key or asymmetric encryption
It requires a pair of keys: one for encrypting the plain text and the other for decrypting the cipher text. A file encrypted with one key of a pair can be decrypted with other key of the same pair.
5. CRYPTOGRAPHIC DATA AUTHENTICATION
To authenticate visual data each video camera is assigned a different public or private key pair, with private key hardwired within the cameras. A document encrypted with the private key of any particular camera can be decrypted with its own public key. This property is used to provide center authentication that is to trace back to the true origin of the data.
Before sending the video sequence to the central unit, cameras calculate a digital summary or digest of the video by means of a proper hash function. The digest is then encrypted with their private key. Encryption is done by considering the digitized value of the brightness of each pixel. Digital signal is a sequence of zeros and ones and it is encrypted with the private key using a proper algorithm. The signed digest thus obtained is then transmitted to the central unit together with the acquired visual sequence.
Later the signal digest is used to prove data integrity or to trace back to their origin. The signed digest is read using the public key of the camera which produce the video and check if it corresponds to the digest derived from the decrypted video content using the same hash function.
Any manipulation of the data will change the calculated image digest derived from the decrypted data. Any discrepancy between the decrypted digest and calculated image digest indicate that the data has been tampered, with identical digest indicates that the data is genuine.
Value of the visual data can be added by tying each frame to the particular label of the instant the frame has been produced yet. This can be achieved by printing date and time of creation of each frame. Any modification of either the date or time could be easily revealed since it would change the locally calculated image digest.
5.1 DRAWBACKS OF CRYPTOGRAPHIC AUTHENTICATION
Even though cryptographic data authentication is highly resistant to content tampering, it suffers from few drawbacks. They are as follows:
1. Knowledge of private key
If the manipulator knows the private key of the camera, he can change the digest to involve the modifications he had made on the actual sequence. But the possibility of such a thing is very small because the private key is hardwired within the camera.
2. Impossible to distinguish between malicious and innocuous modification
It is difficult to distinguish between malicious and innocuous manipulations if cryptography is used. Innocuous modifications include compression of the video sequences. These modifications are usually performed by the central unit whereas digest is calculated on the basis of the uncompressed data by the camera. So on compression the correspondence between the digest and data would be lost.
3. High requirements of video camera
To avoid the above discussed problem, the video camera should perform the compression of the video sequences prior to digest calculation. This requires the video camera to have high computation as storage requirements.
4. Delay in transmission
Digest calculations and encryption introduces a delay in transmission of video documents. This is harmful in system where the timely generation of alarm is critical.
5. Protecting privacy is difficult
A part of the program cannot be removed for privacy reasons since it will alter the calculated digest.
6. WATERMARKING
A digital watermark is a signal that is imperceptibly embedded within digital data. This signal can be detected or extracted by means of computations to make some assertions about the host data.
Digital watermark is a signal which added to a document to authenticate it and to prove the ownership. A commonly encountered digital watermark is the logo most television channels display on the top of the television screen. Not only does it advertise the channel but also provides the legal benefit of having a source signature persist during video recording. Watermark task consists of two main steps
1. Watermark casting:-in which the signal represented by the watermark is transmitted over the channel, that is in watermark casting an encoder function takes a host image Ëœfâ„¢ and a watermark Ëœwâ„¢ and generate a new image
Fw= (f, w)
2. Watermark detection:-in which the signal is received and extracted from possibly corrupted image.
6.1 CLASSIFICATION OF WATERMARKING AUTHENTICATION SCHEMS
The characteristics of watermarking system largely depend on its application scenario. For instant copy write protection application require that the watermark is robust against most common data manipulation,ie its presents can still be detected after nondestructive transformation of host document. Two approaches for watermarking data authentication are possible
1. Fragile watermarking
2. Robust watermarking
Fragile watermarking refers to the case where watermark inserted within the data is lost or altered as soon as host data undergoes any modification. Watermark loss or alternation is taken as evidence that data has been tampered with, whereas the information contained within data used to demonstrate data origin
In case of robust watermarking a summary of the candidate frame or video sequence is computed and is inserted within the video sequence. Information about the data origin is also with the summary. To prove data integrity the information conveyed by the watermark is recovered and compared with the actual content of the sequence. Their mismatch is taken as an evidence of data tampering. The capability to localize the manipulation will depend on the summary of which is embedded in to the image.
6.1.1 ROBUST VERSUS FRAGILE WATERMARK
Semi fragile watermark is more mature than robust watermarking. Tamper localization is easier in fragile watermarking but it is difficult to distinguish between malicious and innocuous manipulations.
Image authentication by means of robust watermarking is very promising with regards to the distinction between malicious and innocuous manipulations. The robustness of such technique depends on the number of bits that can be hidden in to the image.
6.2 REQIREMENTS OF WATERMARKING BASED VS DATA AUTHENTICATION
In order to highlight the peculiarities of VS data authentication. Let us consider the most common requirements for watermarking authentication techniques.
1. The authentication technique must not deteriorate the visual quality of data quality.
2. The authentication technique should be able to identify any unauthorized processing acquired to visual data.
3. The authentication technique should not consider innocuous manipulation, e.g., image compression and zooming, as valid authentication attacks.
4. It should be difficult for unauthorized person to forge an authenticated image.
5. The authentication checking procedure should be easily performed by authorized persons.
6. The authentication checking procedure should localize data tampering.
By considering particular cases the requirement for the authentication of VS data are following.
6.2.1 THE INVISIBILITY CONSTRAINT
The requirement on the deterioration of the visual quality of authenticated data is usually referred to us as invisibility constraint.
The authentication technique must not deteriorate the visual quality of data. In this VS case however this is not crucial issue since VS do not exhibit a quality comparable that of visual data used in a media. VS data acquired by inexpensive, low quality devices. Visual analysis would possibly be carried out in a low court will focus on the semantic content of the image, rather than on their visual quality.
6.2.2 MALICIOUS VERSUS INNOCUOS MANIPULATIONS
The authentication technique should be able to identify any nonauthorized or malicious processing occurred to the visual data. Besides the authentication technique should not consider innocuous manipulation Eg: Image compression or Zooming, as valid authentication techniques.
When data compression is done in central unit the authentication is performed before compression and must survive it. To satisfy privacy complaints, some processing is done on the authenticated video, before it is stored. E.g. for obscuring the faces of persons which are unimportant on the law point of view. This kind of processing as to be considered as innocuous. On the other side, the same processing procedure as to be considered as malicious when information that is important for a court law is removed.
A solution to this problem is offered by authentication techniques capable of localizing manipulations. Once the modification is precisely localized, it will be up to the court law to decide if it is malicious of innocuous.
6.2.3 OTHER REQUIREMENTS
The authentication checking procedure should be easily performed by authorized person and it should be difficult for non authorized person to forge an authenticated image.
6.2.4 VS “ SPECIFIC REQUIREMENTS
Since water marking is performed inside the video camera, water mark embedding should not have high computational demands and should be compressing resistant.
To ensure data integrity, the video sequence is tied to the time and date it has been produced. The easiest way to detect the removal of one or more frames although alternation of the original frame order is to embed on each image a serial number before authenticating tools are applied. In fact such a number can neither be removed nor modified without affecting the authentication check, this making it impossible to remove or change the position of any frame of the sequence.
By embedding in each frame the time and date of its creation in dissoluble page link is created between the sequence content and the time instant, so that legal value of the sequence is completely preserved.
The embedded water mark can be made to depend on the frame number and to bear time information. Frame exchange or substitution would thus be easily detected and acquisition time can be reliably extracted.
In figure below a sketch of a simple VS system in which water marking is used to authenticate VS data in its raw form is given. Time, date and frame serial number are over written to every single frame before authentication. The authenticated sequence is possessed by a central unit for detecting pre-alarm situations and then is compressed for storage purposes. In this case authentication tools should be transparent to the image possessing algorithms applied by the central unit and resistant to compression.
7. WATERMARKING ALGORITHM
A watermarking algorithm for VS data authentication based on semi-fragile watermarking of each frame of the video sequence is described in this section. The various steps for the watermarking process are as follows.
7.1 WATERMARK GENERATION AND EMBEDDING
Watermark generation aims at producing a binary or ternary watermark W(X) using a digital key K and host image f(x). The watermark key corresponds to the image owner or camera that has captured the image. The block diagram of watermark generation and embedding is shown below.
In the proposed method as indicating in the figure the watermark generation by using a pseudo random number generator and appropriate thresholding.
The watermark key used for watermarking a specific frame in the sequence is composed of the camera id and frame number. Generating the watermark key using frame number provides the advantage of producing frame“dependent watermarks.
In this case, frame removal or frame substitution can be easily detected as non authentic. To perform authenticity check, the detection should first know the frame number in the sequence which is always zero.
Watermark embedding is performed by altering all the pixels of the original frame according to the following formula.
Fw(x) = f(x) if w(x) = 0
g1 (f(x), n(x)) if w(x) =-1
g2 (f(x), n(x) if w(x) =1
Where g1g2 are suitably designed function based on x.
n(x) denotes a function that depends on neighborhood of x.
The function g1g2 are called embedding function and are selected so as to detect the inverse detection function. D (fw(x), n(x)). The detection function, when applied to the watermarked image fw(x), produces the watermark w(x).
D (fw(x), N(x)) = w(x)
7.2 WATERMARK DETECTION
In the watermark detection procedure, the detector generates first the water mark for each frame to be checked. To do so, the id number of camera that produce the sequence and the frame number are needed.
A detection function D is defined such that by applying the detection function to the watermarked image a detection image d(x) is produced.
d(x) = D (fw(x), n(x))
Now we frame the false detection image given by
Ew(x) = 1if w(x) 0 and w(x) d(x)
0 otherwise
The false detection image has value 1 if a watermarked pixel is falsely detected and 0 otherwise. The watermarked detection ratio is given by the ratio of the correctly detected pixel to the sum of the watermarked pixels in the image.
Water mark detection ratio Quality loss (%)
(a) (b)
7.3 AUTHENTICATION CHECK
Authentication check is a two level process. A first level decision on image authenticity is taken by comparing the watermark detection of the text image with a pre specified threshold T.
If the first level decision test indicates that the image is somehow altered but authentic, a second level decision test should be performed. This test indicates whether the alternations made on the image are concentrated in certain regions (Malicious tampering) or one spread on the image (innocuous alternations).
(a) (b) ©
a) Initial tampered frame b) False detection image c) Detected tampered regions
8. OTHER APPLICATIONS
1. To protect the intellectual property right of a music publisher who distributes music scores over digital media.
Digital piracy is a serious concern to the musical industry. Customers receive music in digital data format and such data can be pirated and redistributed very easily. By using image score watermarking we can prevent this.
2. It can be used for everything from sending e-mail and storing medical records and legal contracts to conducting on-line transactions.
9. ADVANTATGES
1. Robustness to high quality lossy image compression.
2. Automatic discrimination between malicious and innocuous manipulations.
3. Controllable visual deterioration of the VS sequence by varying the watermark embedding power.
4. Watermark embedding and detection can be performed in real time for digital data.
10. DISADVANTAGES
1. Frame independent watermark can be easily found by comparative analysis of all image sequence frames and then could be easily added again to fake frames.
2. The detector should know the frame number in order to perform authenticity check.
11. CONCLUSION
In these modern eras, visual surveillance system finds application in almost all fields, ranging from commercial to defense. The video data acquired by VS system are forming vital evidence for several legal situations. So for such situations, the importance of authenticating their content is very high. Cryptography and watermarking based authenticating techniques are quite safe and efficient for this purpose and they are likely to remain for quite for some while.
12. REFERENCES
1. C. Ragazoni, G.Fabri, Image Authentication Techniques for VS, Proceedings of IEEE, October 2001.
2. M.M.Yeung and F.Mintzer A watermark for digital image IEEE Spectrum, April 2002.
3. Digital Watermarking for protecting piracy, Electronics for you, January 2003.
4. Encryption wars, IEEE Spectrum, April 2000.
5. ctr.columbia.edu
6. citeseer.nj.necwolfgang96watermark.html
ACKNOWLEDGEMENT
I extend my sincere gratitude towards Prof. P.Sukumaran Head of Department for giving us his invaluable knowledge and wonderful technical guidance
I express my thanks to Mr. Muhammed Kutty our group tutor and also to our staff advisors Ms. Biji Paul, Mr. Noushad V Moosa, Mr. Baiju Karan for their kind co-operation and guidance for preparing and presenting this seminars.
I also thank all the other faculty members of AEI department and my friends for their help and support.
CONTENTS
1. INTRODUCTION
2. AUTOMATIC VISUAL SURVEILLANCE SYSTEM
3. AUTHENTICATION TECHNIQUES
4. CRYPTOGRAPHY
5. CRYPTOGRAPHIC DATA AUTHENTICATION
5.1 DRAWBACKS OF CRYPTOGRAPHIC AUTHENTICATION
6. WATERMARKING
6.1 CLASSIFICATION OF WATERMARKING AUTHENTICATION SCHEMS
6.2 REQIREMENTS OF WATERMARKING BASED VS DATA AUTHENTICATION
7. WATERMARKING ALGORITHM
7.1 WATERMARK GENERATION AND EMBEDDING
7.2 WATERMARK DETECTION
7.3 AUTHENTICATION CHECK
8. OTHER APPLICATIONS
9. ADVANTATGES
10. DISADVANTAGES
11. CONCLUSION
12. REFERENCES
