1. Note This is a translation article, outlines some basic characteristics and development status of fragile watermarks. The author is the US Purdue University videos and image processing laboratory Eugene T. LIN and Edward J. DELP. DELP is a well-known figure in the watermark industry, and the old man doing watermarks, and now a lot of watermarks and Workshop are all he calls. Translation is done by G.c.zhang from Tongji University. 2. Introduction
Today's digital multimedia era has facilitated the creation and distribution of image content, but it is easy to copy and edit, which provides conditions for unauthorized use, stealing and misleading. The content provider will naturally care about these issues and watermarks, which is to embed additional information (watermark) to a picture, which has been proposed to protect the owner's rights.
Many watermarks have been developed for a wide range of applications. The watermark can be visible or invisible, and a visible watermark can be easily detected by observation, and the inkwell watermark is designed to be transparent to the observer and detector of the use of the information processing technology. The process of embedding watermarks requires the modification of the original image and, from essentially this water-in-in-in-in-in-in-insertion of a certain number of deformations. This deformation recovery can be used to identify the owner of the image. Visible or visible watermarks utilize the human visual system to minimize the perceived deformation in the watermark image. In various visible watermarks, there is a class of in-depth from the technical perspective to be strong and fragile. A strong watermark is designed to resist attacks that try to remove or destroy the watermark. These attacks include loss of compression, filtering, and geometric zoom ratios. A fragile watermark is designed to detect minimal changes in the watermark image as much as possible. The main application of fragile watermarks is to identify content. As reported in literary works, most watermarking work is in the strong technical field. Many important applications can benefit from the use of fragile watermarks.
3. Application of fragile watermark
A fragile watermark is a mark that can be easily changed or destroyed when the main image is modified by a linear or non-linear transformation. Fragile watermark is not suitable for strengthening the copyright of the digital image, an attacker will try to ruin this already embedded watermark and fragile watermark, can see from the name, it is easy to destroy. Fragile watermarks are used for modified sensitivity such that it is used in image identification. In other words, the party and government organs may be interested in confirming that a picture is not edited from embedded watermarking.
The image identification system is suitable for legal, commercial, national defense and news. Since the digital image becomes easy to modify, a secure appraisal system is useful for proven that there is no tampering when the credibility of an image is suspected. Ordinary examples are embedded in the image in the database to detect tampering, use in the "Credit Camera" to make the news agency to ensure that an image is not forged or edited, and there is a business image. Used in the marker so that a purchaser can determine a trusted when receiving the image you bought. The additional situation is included in court evidence, news photography or image used in espionage.
Another method of checking authenticity of a digital product is to use a signature system. In a signature system, the summary of the data to be identified is included by the action of a messy signal written with a password. Then this summary is signed in a password to generate a signature that must be original data. Subsequently, a recipient is verified by checking the summary of the data (possibly amended) and cuts it to determine if this data is credible. Although the purpose of fragile watermarks and digital signature systems is similar, the watermark system has some advantages over the image data (watermark insertion) in image data compared to the signature system. Since a watermark is directly embedded in image data, it is not necessary for the authenticity test (this and the digital signature is not the same because the signature itself must contact the transmitted data). Therefore, the identification information required during the authenticity test is carefully hidden and more difficult than the digital signature is more difficult. Moreover, the digital signature system treats an image as an arbitrary bitstream and does not develop its unique structure. So a signature system may find an image is improved but cannot find changes. Many watermark systems can determine which parts of a watermarking image have changed and which parts are not, and can estimate the type of change. 3.1 Image Identification Framework
Frames that are embedded and detecting a fragile watermark and any watermark system are similar. One owner (or a separate third party authority) embeds watermarks to a raw image (see Figure 1).
This key is used to generate watermarks and is a representative identifier as assigned to the owner or image. In some applications such as digital cameras, the original image is confidentially or may not be available. This watermark image may be transferred, presented or distributed. The watermark image is exactly the same under normal observation and the original image. Look at FIG. 2 and FIG. 3 are an example of an original and use of a fragile watermark technology image as previously described.
When a user receives an image, they use the detection tool to evaluate the authenticity of the received image (refer to Figure 4).
This testing process also requires some "additional information" knowledge. This additional information may be a key, watermark, original image or other information. This detection tool often establishes the statistical detection theory generated by a test statistic and the image is determined by that test statistic is identified. If the image is not a trusted, it is desirable to use the detection tool to determine which part of the image is modified. The additional information used by the detection tool is very important for the use of the entire fragile watermark. The technique requiring the test tool has the original image is considered to be a private watermark to require the testing tool to have a technique that has the original image is considered to be a common watermark. A fragile watermark system must be a public technology. In many applications, this original image may always be unavailable because it may be embedded in watermarking when generated.
In the application of the database, the owner of the watermark to the image is often the person who is not interested in the inspection image for a period of time. For example, in a medical database, it is important to detect any changes to the image. In addition, in additional applications, such as business, testing personnel and tag entities are very different. In these cases, it is necessary to select a system that mark and detect information. In such a system, the ability to detect image authenticity does not guarantee the ability to mark the image. This step cannot be achieved in the very large fragile watermark system described in the current literature.
4. Characteristics of fragile watermarking systems
We now introduce the ideal characteristics of the fragile watermark system, noted that the relative importance of these features is based on the application. In addition to the supplements of the characteristics will be described below and the ideal props we have mentioned, the application may require it to other items, and other props can be found in [4] [12] [13]:
1. Detect tamper. A fragile watermark system should detect any tampering (with high possibility) for a watermark image. This is the most basic characteristic of fragile watermarks and is reliably testing a request for image authenticity. In many applications, it is also necessary to provide an indication that generates how much changes or destruction and production.
2. Visible transparency. An embedded watermark should not be visible or affecting the functionality of the image under normal observation. In most cases this means that the aesthetic quality to retain an image, however, if an app is also performed in the watermark image (such as feature extraction), then these operations cannot be affected. It is a pity that "noise" generated by the embedded watermark process affects the other image processing operations without too much information. This is an open research problem. Similarly, the transparency may be a personal (subjective) problem in a specific application field and a close-related method of perceived image quality, which may be difficult. 3. Testing does not require the original image. This is a detailed discussion in the third part. As mentioned above, the original image may not exist or this owner may have a very good reason to do not believe in a third party (because the third party can embed them on the original image and then claim that this is their own of).
4. The detector should be able to find out and exhibit changes to a watermark image. This includes the ability to find space places in a confident or destroyed image. Detectors should also be able to estimate which changes have occurred.
5. Watermarks can be detected when "cut". In some applications, the capacity of the watermark can be detected after "cut". For example, one may be interested in a part of a relatively large watermark image (terrain, people, etc.). In other applications, this feature is not satisfactory because the "cut" is treated as a modification.
6. Watermark generated by different keys should be "orthogonal" during the watermark detection. In an image, the watermark generated by using a specific key must only be detected by detecting additional information provided to the detector. All other additional information provided to the detector should not detect watermarks.
7. The scope of use of keys must be wide. This is to provide a large number of users, and even if the hostile side does not know where a particular picture is not encrypted and encrypted, it can hinder the behavior of a particular key to obtain a particular key by detailing.
8. The key must be difficult to speculate from the detection additional information. This is especially important for systems with distinct embedding and detection keys. Usually embedded in such a system is private, while the corresponding detection additional information may be provided to other sectors. If other departments can pose a key from the detection information, they may be able to embed the keys in those who have never wanted to encrypt.
9. It should be difficult to embed watermarks without authorized departments. One special attack mentioned in [4] is to remove watermark from a watermark image and then embed it into another picture.
10. Watermark must be able to be embedded in the compressed domain. This and the watermark can be not the same as if the picture is compressed, which can be seen as an attack. In many applications, the ability to embed watermarks in the compressed domain has meaningful advantages.
5. Attack on fragile watermark
We must pay attention to malicious organized potential attacks when designing and assessing tag systems. To design a system, it is almost impossible to attack any kind of attack, and the new method of defeating the marking system will be invented in time. But of course, for the design of the improved system, the knowledge of ordinary attack mode is required.
The first attack is blindly modified to a watermark picture (that is, modify the picture anywhere without watermark). Although we mentioned this attack because it may be the most common kind of tag system, it must be easily recognized by any fragile water. This attack includes transplantation and local alternatives (such as replacing a face with other people). One of the modifications later is why an application may be able to display an important reason for the partially destroyed picture.
Another attack is an attempt to modify the watermark image itself or establish a new watermark that can be accepted and considered trusted by the detector without affecting the watermark already embedded. Some unsuitable fragile watermarks can easily detect a chaotic change of the image but may not detect a modification of a careful constructor. An example is a fragile watermark embedded in the least important plane in an image. Trying to modify the picture if the watermark is compressed in the LSB algorithm is likely to disturb the watermark and detected. However, an attacker may try to modify the picture without disrupting any LSB algorithm or replacing a new LSB algorithm in a modified image that is believed to be credible. The attack may also include watermarks using known effective watermarks from a watermark image as another arbitrary image. If you can speculate how the watermark is embedded, the attack of the watermark transfer is easy. This type of attack can also be performed on the same picture. First, the watermark is removed, then the image is modified, and the final watermark is rejected.
An attacker may be completely removal of watermarks and there is no residual interest (perhaps they can deny the fear of an image evidence that has been embedded in their watermarks already embedded. In order to achieve this, an attacker may try to add any noise to the image, use the design technology to destroy the watermark, or use statistical analysis or infer to speculate the original image.
An attacker may also try to speculate on the key used to generate watermarks. The key and an embedded watermark are closely related, so if the attacker that can separate the watermark then you can analyze it and try to speculate the key (or reduce the search range of the key). Once the key is speculated, the attacker will fake the key into any image.
There is also known to include an identification model and a lot of a specific watermark in a picture. The attacks on the identification system on the unreliable channel are also discussed in [8] and similar attacks apply to the watermark system.
6. Examples of fragile watermarking systems
We now investigate some of the fragile watermark systems described in the literature. We can classify technology into a spatial or transform domain.
6.1 Spatial Watermark
Early fragile watermarking systems embed watermark directly into a spatial domain of a picture, such as the technique described in Walton [16] and Van Schyndel [17]. These techniques embed the watermark to the least important horizontal plane in a perceived transparency. Their major disadvantages involve it easy to bypass the safety system they provide and cannot achieve lossless compression without destroying the watermark.
Wolfgang and DELP continue to work for Schyndel to improve their vs. VW2D technology vitality and limitations. Watermark is embedded by adding one of the two poles in the spatial domain. Detection is performed by a modified correlator. For local, a modular structure is used when embedding and detecting. This mark has been compared with other methods of using a messy signal function.
P. Wong introduces additional fragile watermarking technologies in [19], which includes a classification using a messy signal function. The image, image size, and key are messy during embedding and is used to modify the least important plane in the original image. This operation is implemented in the following manner, when the correct detection edge information and the unmodified watermark image are provided to the detector, the double-layer image selected by the owner is observed. This technology has a local propgonore and can identify a region that has been modified in a watermark image.
