Computers and Electrical Engineering 36 (2010) 578584

Contents lists available at ScienceDirect

Computers and Electrical Engineering

journal homepage: www.elsevier.com/locate/compeleceng

Technical Communication

Authentication and recovery of images using multiple watermarks

Raullah Chamlawi, Asifullah Khan *, Imran Usman
Department of Computer and Information Sciences, Pakistan Institute of Engineering and Applied Sciences, Room No. A-116, Nilore 45650, Islamabad, Pakistan

a r t i c l e

i n f o

a b s t r a c t
A novel wavelet domain based semi-fragile watermarking scheme is presented for securing digital content and to concisely determine the regions where the integrity fails. In addition, another watermark is embedded to perform self-recovery in case of malicious attack. The security weaknesses of the traditional block-based approaches are circumvented by correlating the watermark bits with wavelet coefcients of the approximation subband of the host image. Semi-fragility exhibits robustness to JPEG compression, while recovery attribute makes the scheme suitable for video surveillance and remote sensing applications. Experimental investigations are performed to evaluate the performance of the proposed multiple semi-fragile watermarks and shows the suitability of the proposed approach for accurate authentication and recovery based applications. 2009 Elsevier Ltd. All rights reserved.

Article history: Received 1 April 2009 Accepted 10 December 2009 Available online 25 January 2010 Keywords: Watermarking Authentication Integer Wavelet Transform (IWT) Discrete Cosine Transform (DCT) selfrecovery Multimedia Security

1. Introduction The revolution in digital information has brought about profound changes in our society. Many of the advantages of digital information have also generated new challenges and new opportunities for innovation. Authenticating digital information with fair enough imperceptibility and high detection resolution is the challenge of todays research. The objective for image authentication is to reject the malicious manipulations and accept content-preserving manipulations for which the traditional cryptographic signature may not be suitable. Several watermarking techniques are proposed to authenticate digital images [1]. Applications of watermarking based authentication include trusted cameras, video surveillance, digital insurance claim evidence, journalistic photography, and digital rights management systems. It can be used commercially, such as GeoVisions GV-Series digital video recorders for digital video surveillance to prevent tampering [2]. It can also be used for real time services such as broadcast monitoring and security in communication. For this purpose, a dual technique has been proposed [3] to authenticate the image as well as perform the quality of service (QoS) assessment for digital media through wireless channel. Various robust watermarking techniques have been proposed [46] to protect the content. However, it is difcult for such techniques to detect a variety of distortions including malicious attacks. Therefore fragile watermarking algorithms have been proposed, which are sensitive to distortions. In this regard, Kundur and Hatzinakos [7] proposed Tamper Assessment Function to check the integrity of images. Discrete Cosine Transform (DCT) based techniques and vector-quantization based watermarking systems are also proposed to prevent tampering and make the content secure [8,9]. These approaches are able to detect the distortions but they fail against incidental manipulations like JPEG compression. Thus, semi-fragile watermarking techniques [10,11] have been proposed which are tolerant towards incidental manipulations, but sensitive to malicious attacks. Besides authentication, recently some researchers proposed watermarking techniques which have the additional ability of image recovery. Piva et al. [12] proposed a technique to authenticate the image but fail to accurately detect the

* Corresponding author. Tel.: +92 52 2208069; mobile: +92 345 9411426; fax: +92 51 2208070. E-mail addresses: chamlawi@gmail.com (R. Chamlawi), asif@pieas.edu.pk (A. Khan), imran.usman@gmail.com (I. Usman). 0045-7906/$ - see front matter 2009 Elsevier Ltd. All rights reserved. doi:10.1016/j.compeleceng.2009.12.003

R. Chamlawi et al. / Computers and Electrical Engineering 36 (2010) 578584

579

tampered regions. Similarly [13] authenticate the image accurately but cannot recover it. Chamlawi et al. [14] described a technique in which the image is accurately authenticated and can be recovered but at the cost of security and imperceptibility. The security of watermarking algorithms relies on some secret information that is available to the receiver. In this regard, a secret key is generally used [15]. However, some illicit manipulations may intend to specically destroy the coefcients/blocks selected for embedding to render the technique undeliverable. In our approach, we use LL1 subband for correlation and then the correlated watermark is embedded in other subbands [16,17]. Thus the selected coefcients are made safe and there is no conict while choosing the coefcients for watermark correlation and embedding. In this work, we develop two watermarks to be embedded in independent wavelet subbands. Firstly a binary watermark is used to accurately authenticate the content as well as determine and classify the alterations. Second watermark (image digest), which is a highly compressed version of the host image is used to recover the approximation of the image. The rst watermark helps in accurately detecting the alteration, while not ensuring the recovery of the image. The second watermark helps the users to obtain the estimated image but leave the users to judge the authenticity themselves. We reduce the embedding payload by using suitable coefcients for watermarks to be embedded. Thus both watermarks in combination can lead to accurate authentication and recovery. We correlate the rst watermark with image coefcients to make it robust against counterfeiting/collage attack. Before embedding, we permute the coefcients randomly to enhance the security against local attacks. All subbands are involved in embedding process, so there is no free area for an attacker to change the content. Semi-fragility shows tolerance of the method against JPEG compression. Alteration sensitivity is improved in comparison to traditional block-based approaches. Parameterized Integer Wavelet Transform (IWT) is used to improve the processing speed. Thus, the secure semi-fragile watermarking technique is addressed to authenticate the image accurately and is useful for video surveillance and remote sensing applications through self-recovery technique. In summary, we are able to achieve high capability of authentication, tamper localization, and recovery of the estimated image. Rest of paper is organized as follows: Section 2 explains in detail our proposed semi-fragile watermarking scheme. Section 3 presents some experimental results. We analyze our proposed scheme in Section 4. Section 5 concludes the paper. 2. Proposed algorithm 2.1. Watermarks generation and embedding Two watermarks W1 and W2 are generated and embedded in the wavelet coefcients of the image. W1 is used for accurate authentication and W2 is used for recovery of the image. W1 is a binary watermark correlated with LL1 [14] of the image and embedded in the subbands (Teal color in Fig. 1) of the image. W1 is correlated with LL1 using Eq. (1)

Fig. 1. Embedding process.

580

R. Chamlawi et al. / Computers and Electrical Engineering 36 (2010) 578584

W1

  av g mod2 w; Qp

where avg is the averaged value of four adjacent pixels in LL1, w is the binary matrix, and Qp is the quantization parameter that determines the sensitivity of the collage attack. The coefcients in the teal subbands are divided into groups. One watermark bit is embedded in each group. The watermark W1 is embedded by modifying the weighted means of the wavelet groups. The weighted mean of every group g is dened in Eq. (2)

 gj

jgj1 X i0

pi jfi ij;

where fi(i) is the ith coefcient in the jth group. jgj is the group size and p is the bipolar random sequence generated by a secret key with uniform distribution p 2 f1; 1g. We quantize (mapping of integer to binary value) the weighted mean(s) in Eqs. (3) and (4) [13]

   gj Q Dj ; Q 8 j k > 0 if gj is even; < Q  j k Quang j > 1 if gj is odd; : Q  gj

where Q is the quantization step and Dj is the quantization residue.   The watermark bit W1(j) is embedded by modifying the weighted mean g j so that Quang j becomes equal to W1(j). We select the rst g number of bits to be embedded. The modication of the weighted mean is performed by using Eq. (5)

(  g 0j

  bg j Q =2c Q Q ; if Quang j Q =2 W 1 j; 2   bg j Q =2c Q Q ; if Quang j Q =2 W 1 j; 2

 where g 0j is the expected weighted mean of the jth group. We modify the wavelet coefcient with the greatest magnitude in a group, which causes less noticeable artifacts. Random permutation ensures that there will be at least one large coefcient in each group. Let D be the difference in expected and original weighted means, calculated in Eq. (6)

  Dj g 0j g j :
The largest coefcient is updated in Eq. (7).
fj;max fj;max pi signfj;max Dj ;

where fj,max is the largest coefcient in jth group. If the sign of fj,max changes after applying Eq. (7) then we leave fj,max as it is. We modify D according to Eq. (8) and the second largest coefcient is updated by applying Eq. (7) with Dj,residue. The process repeated accordingly until Dj,residue = 0.

Dj;residue signDj jDj j jfj;max j:

Generation and embedding of W2 (highly compressed version of the original image) and its embedding are outlined in Fig. 1 (pink1 color) of the image. The reader is referred to Ref. [14] for detailed generation and embedding methodology. Both of the watermarks are independent and it is the choice of user to use either both the watermarks or one of them. Fig. 1 shows the embedding procedure. 2.2. Watermarks extraction We extract the binary watermark W1 and check the watermarked image for authenticity. The watermarked image is decomposed and the subbands (Teal color subbands in Fig. 1) are selected. The coefcients are concatenated and permuted using the same keys used in embedding process. The resultant sequence S0 is then divided into groups of size g. The weighted mean of each group is calculated and watermark bit is extracted by quantizing it. Extraction of watermark appears in Eq. (9)

 W 01 Quang 0j ;

 where g 0j is the recalculated weighted mean and W 01 is the extracted watermark. Extraction of W2 (image digest) is the reverse procedure applied to the image digest generation. We apply inverse scrambling; inverse scaling etc while extracting the W2. The reader is referred to Ref. [14] for detailed extraction methodology.
1

For interpretation of color in Fig. 1, the reader is referred to the web version of this article.

R. Chamlawi et al. / Computers and Electrical Engineering 36 (2010) 578584

581

2.3. Integrity verication We construct a matrix U and consider U(m, n) as unveried according to Eqs. (10) and (11)

Um; n

8 >0 < > :

if any of LL2m; n; VV2m; n; DD2m; n; LL3m; n; HH3m; n; DD3m; n and dm; n is unverified 10

1 otherwise; if any of DD1m; n; DD1m; n 1; DD1m 1; n; DD1m 1; n 1 is unverified 11

dm; n

8 >0 < > :

1 otherwise;

where DD1, LL2, VV2, DD2, LL3, HH3 and DD3 are the subbands shown in Fig. 1. When the matrix U is generated, black pixel i.e. 0 corresponds to the error pixels, while white pixel i.e. 1 corresponds to correct pixels. Dense and sparse pixels are dened as: an error pixel in U is a dense pixel if one of its eight neighboring pixels is also an error pixel otherwise, it is a sparse pixel. If the matrix U has sparse pixels then, the watermarked image is manipulated incidentally. On the other hand, in case of high number of dense pixels, the image in attacked maliciously. The reader is referred to [18] for detailed tamper proong methodology. 2.4. Image recovery Although in [13,19], the authors use the authentication technique for securing the image but they do not permit one to recover the estimated/approximated image. We embed the compressed version of host image itself and such approach usually referred to self-recovery technique [12]. The original image is decomposed using integer wavelet transform and then its low level is highly compressed by using standard quantization matrix. On authentication/verication side, the reverse of digest generation process is applied to obtain the recovered image. As we will see in the experimental results, we can recover the image after any manipulation, either malicious or incidental. The degradation of the recovered image increases when the strength of manipulation(s) increases. 3. Results and discussion The extracted watermark W 01 and the embedded watermarks W1 are compared to check the authenticity of the image. W2 is extracted and is decompressed to obtain the approximated original image. We use dense and sparse pixels to differentiate the incidental and malicious manipulations. For detail the readers refers to Ref. [14]. Fig. 2 shows original, watermarked, recovered image (extracted W2) and the difference in W 01 and W1. Fig. 3 presents the remote sensing application. A particular attention is focused on the tip of the minaret. The tip of minaret is removed and our system detects it and also recovers it by using self-recovery technique. Fig. 4 shows that when the effective appearance of the image is altered then our approach is able to detect and recover it. The airplane is moved from its position and we detect both the location from where the airplane is deleted as well as the location to where the airplane is added. Our approach is able to extract the digest image (W2) where the airplane occupies its authentic position. Table 1 describes the different PSNRs while using different quantas and groups sizes. The system gives high PSNRs for Baboon image as compared to Lena and Cameraman images. This is because our approach gives good results for textured images. We make a trade-off by selecting the group size and quanta because by increasing group size, the PSNR increases and vice versa. The better and the worst PSNRs are highlighted (Bold). The PSNRs in the last column (baboon image) are quite high as compared to other PSNRs (Lena and cameraman images). As the watermarks are embedded in details (especially the rst watermark W1 is embedded in suitable wavelet coefcients), the PSNR of textured images (i.e. baboon), increases. We avoid the smooth regions to be used for embedding.

Fig. 2. (a) Original image; (b) watermarked; (c) recovered and (d) difference (not tampered).

582

R. Chamlawi et al. / Computers and Electrical Engineering 36 (2010) 578584

Fig. 3. (a) Lichtenstein image; (b) tip of minaret is removed; (c) detected and (d) recovered.

Fig. 4. (a) London eye image; (b) object moving (airplane); (c) detected and (d) recovered.

Table 1 PSNR (dB) against different quanta and group size. Group size 30 Quanta 30 20 10 5 30 20 10 5 30 20 10 5 30 20 10 5 PSNR (Lena) 34.75 36.23 37.21 37.87 34.51 35.21 36.86 37.01 33.41 35.44 36.58 36.78 32.51 35.23 36.30 36.60 PSNR (Cameraman) 34.43 36.01 36.97 37.20 34.19 34.65 36.37 35.81 33.01 34.97 36.24 36.59 32.84 34.92 35.72 36.14 PSNR (Baboon) 35.17 37.83 40.19 42.25 34.96 37.75 39.28 40.89 33.49 35.12 37.15 38.28 33.23 33.58 35.07 36.54

20

10

4. Analysis The issue which affects the performance or relate to the proposed system is the size of g and quanta. A trade-off is made as the watermarks are embedded. Smaller g increase the payload of the watermark and vice versa. Similarly, the smaller quanta decreases the robustness of the watermark and the larger quanta leads to stronger robustness. Our system is able to make the content secure towards attacks applied in both spatial and transform domain. Multiple keys are used to make the watermarks safe. Also correlation and permutation of the watermarks enhances the security aspects of the proposed approach. The architecture of the proposed watermarking system is open. One can use both or any of the watermark according to the application. We are able to deal with collage/counterfeiting attack because the embedded watermark bits are dependent on the image being watermarked. It concisely determines the tampered regions instead of traditional block-based determination. Performance comparison of the proposed approach with previous approaches [14,12] is presented in Table 2. The comparison is made with respect to imperceptibility, security, tamper detection, localization etc. Our approach produces good results compared to the existing approaches with the security and imperceptibly issues being resolved.

R. Chamlawi et al. / Computers and Electrical Engineering 36 (2010) 578584 Table 2 Prominent features and performance comparison with [12,14]. Features Watermark payload Watermark security Tamper detection Localization Imperceptibility (PSNR) Survival against JPEG compression Collage attack resiliency Attack classication Chamlawi et al. [14] High Satisfactory Good Accurate Reasonable Yes No Yes Piva et al. [12] Low No Satisfactory Not accurate Good Yes No No Proposed approach

583

Low Highly secure Good Highly accurate Good Yes (user control) Yes (correlation of W1) Yes

5. Conclusion In this paper, multiple watermarks are used to focus on both the authenticity and recovery of the image. It classies the alterations and provides a value-added technique for secure and efcient authentication of digital images. Each of the embedded watermarks strengthens the security aspect of each other. The processing speed is improved by using parameterized integer wavelet transform. Both of the watermarks are embedded in suitable wavelet coefcients which increase the imperceptibility and have high potential in video surveillance and remote sensing applications. Similarly, random permutations and scrambling allow one to satisfy the security requirements of the watermarks. Acknowledgment This work was supported by the Higher Education Commission (HEC), Government of Pakistan under the Indigenous PhD Scholarship Program. Grant funded by Government of Pakistan. (Grant No. 17-5-I (Cu-180) HEC/Sch/2004/4343). References
[1] Li CT. Digital watermarking schemes for multimedia authentication. In: Digital watermarking for digital media. J. Seitz Idea Group Publishing; 2005. p. 3051. [2] Fei C, Kundur D, Kwong RH. Analysis and design of secure watermark-based authentication system. IEEE Trans Inform Forensics Security 2006;1(1):4355. [3] Maity SP, Kundu MK, Maity S. Dual purpose FWT domain spread spectrum image watermarking in real time. Comput Electr Eng Elsevier Sci 2008;35(2):41533. [4] Khan A, Tahir SF, Majid A, Choi TS. Machine learning based adaptive watermark decoding in view of anticipated attack. Pattern Recogn Elsevier Sci 2008;41(8):2594610. [5] Khan A, Mirza AM. Genetic perceptual shaping: utilizing cover image and conceivable attack information using genetic programming. Inform Fusion Elsevier Sci 2007;8(4):35465. [6] Lu W, Sun W, Lu H. Robust watermarking based on DWT and nonnegative matrix factorization. Comput Electr Eng Elsevier Sci 2009;35(1):1838. [7] Kundur D, Hatzinakos D. Digital watermarking for telltale tamper proong and authentication. Proc IEEE 1999;87(7):116780. [8] Tonegawa S, Morimoto N, Kamijoh K. Alteration detection apparatus and method thereof. US patent 2005; (6963655 B1). [9] Wang FH, Yen KK, Jain LC, Pan JS. Multiuser-based shadow watermark extraction system. Inform Sci Elsevier Sci 2007;177(12):252232. [10] Ho CK, Li CT. Semi-fragile watermarking scheme for authentication of JPEG images. Proc Int Conf Inform Technol: Coding Comput 2004(l.1):711. [11] Ko CC, Huang CH. A novel semi-fragile watermarking technique for image authentication. In: Proceeding sixth IASTED international conference on signal and image processing Honolulu, Hawaii; 2004. p. 249. [12] Piva A, Bartolini F, Caldelli R. Self-recovery authentication of images in the DWT domain. Int J Image Graphics 2005;5(1):14965. [13] Liu H, Steinebach M. Semi-fragile watermarking for image authentication with high tampering localization capability. In: Proceeding of the second international conference on automated production of cross media content for multi-channel distribution. IEEE; 2006. p. 14352. [14] Chamlawi R, Khan A, Idris A. Wavelet based image authentication and recovery. J Comput Sci Technol 2007;22(6):795804. [15] Zhao Y. Dual domain semi-fragile watermarking for image authentication. MS thesis Graduate, Department of Electrical and Computer Engineering, University of Toronto; 2003. [16] Ishihara N, Koki ABE. A semi fragile watermarking scheme using weighted vote with sieve and emphasis for image authentication. IEICE Trans Fund 2007;E90-A(5):104554. [17] Holiman M, Memon N. Counterfeiting attacks on oblivious block-wise independent invisible watermarking schemes. IEEE Trans Image Process 2000;9(3):43241. [18] Wu X, Hu J, Gu Z, Huang J. A secure semi-fragile watermarking for image authentication based on integer wavelet transform with parameters. Australian Information Security Workshop, New Castle, Australia; 2005. p. 7580. [19] Li KF, Chen TS, Wu SC. Image tamper detection and recovery system based on discrete wavelet transformation. In: Proceedings of the international conference on communications, computers, and signal processing. vol. 1; 2001. p. 1647.

Raullah Chamlawi received his BSc and MSc degree in Computer Science from University of Peshawar, Pakistan in 1998 an 2000 respectively. He received his MS degree in Computer System Engineering form Ghulam Ishaq Khan Institute of Engineering Sciences and Technology, Pakistan in 2006. Currently he is pursuing his Ph.D. degree from Pakistan Institute of Engineering and Applied Sciences, Islamabad, Pakistan. His research area is Digital Image Processing, Watermarking, and Multimedia Security.

Asifullah Khan received his M.Sc. degree in Physics from University of Peshawar, Pakistan in 1996 and his M.S. degree in Nuclear Engineering from Pakistan Institute of Engineering and Applied Sciences (PIEAS), Islamabad, Pakistan, in 1998. He received his M.S. and Ph.D. degrees in Computer Systems Engineering from Ghulam Ishaq Khan Institute of Engineering Sciences and Technology (GIK Institute), Topi, Pakistan, in 2003 and 2006, respectively. He has

584

R. Chamlawi et al. / Computers and Electrical Engineering 36 (2010) 578584

more than 10 years of research experience and is working as Associate Professor in Department of Computer and Information Sciences at PIEAS. He did his Post-Doc Research at Signal and Image Processing Lab, Department of Mechatronics, Gwangju Institute of Science and Technology, South Korea. His research areas include Digital Watermarking, Pattern Recognition, Image Processing, Genetic Programming, Data Hiding, Machine Learning and Computational Materials Science.

Imran Usman received his BS degree in Computer Software Engineering from Foundation University Islamabad, Pakistan in 2003, Pakistan. He received his MS degree in Computer System Engineering form Ghulam Ishaq Khan Institute of Engineering Sciences and Technology, Pakistan in 2006. Currently he is pursuing his Ph.D. degree from Pakistan Institute of Engineering and Applied Sciences, Islamabad, Pakistan. His research area is Digital Image, Watermarking, and Machine Learning.