The chapter presents an application of reversible data hiding for the authentication of image travelling over a hostile and insecure communication channel. The reversible data resides in the image and tracks any changes done to it on a communication channel. The extraction of data and any modification to its structure reveals changes in the image. This allows the use of data hiding for forensic purpose. The reversible data hiding provides an additional advantage along with active forensics. The image regains original form after removal of the embedded data. However, reversible data hiding is an interplay between the image quality and watermarking capacity. The chapter presents the generic framework for data hiding and discusses its special case reversible data hiding. It presents capacity-behavior analysis of the difference expansion scheme. It performs in-depth analysis on the type of predictor and its impact on the capacity of the reversible data hiding scheme. Finally, the chapter presents a case study to showcase the use of reversible data hiding for image authentication.
TopIntroduction
Digital forensics deals with the idea of investigating and analysing digital data (Popescu, Farid, 2004; Farid, Lyu, 2003). The process involves data collection, preservation, analysis, and present an evidence in the suitable forum. The digital forensics is useful in variety of applications like network vulnerability testing, fraud detection, crime detection, counterintelligence, law enforcement, and intrusion detection (Watson, Dehghantanha, 2016; Franke et al., 2018). One of the prime requirement during forensic process is to prevent a change in the evidence.
Figure 1. Domain of digital forensics
The domain of digital forensics can be broadly categorized into:
- 1.
Active forensics
- 2.
Passive forensics
The active forensic is a proactive measure while the passive forensic is a retroactive measure. In case of active forensic an attack is anticipated, and data is prepared to negate the attack (Conti et al., 2018). A countermeasure to thwart the attack is built into the forensic framework. The example of the active forensics is a digital watermarking. It supports the application of copyright protection and authentication. The active forensics requires an explicit knowledge about the host signal and it can be made stronger by exploiting the information about the host. The classification of digital forensics is shown in Figure 1.
Passive Forensics
On another hand, the passive forensic establish the tell-tale after the manipulation is applied to the data. It is based on the primary assumption that digital content has a native statistical flavour, which remains consistent. Such statistical patterns are very closely related to the physical process generating the content (Sommer, 2018; Dilijonaite et al. 2017). Passive forensics, believes that any tampering will change statistical fidelity of the content. Even-though changes are perceptually invisible, but they can be tracked by performing statistical analysis of the content. The analysis is independent of any side information about the content. Therefore, this type of forensics is termed as passive as it does not need any information about the content.
The passive forensics is mainly divided into three broad categories as shown in Fig.1. The categories are as follows:
Image source identification (Wang et al. 2017) is based on the premise that device captures and leave the tell-tale pattern in the image. This pattern can be used as a fingerprint or signature for the device and it links device with the image. Each device has unique fingerprint; therefore, it can be used to establish one to one relationship between signature and the image (Pomponiu, Cavagnino, & Botta, 2018).
The second category of passive forensics deals in segregating natural and computer-generated images. A sophistication in software and hardware has enables generation of near real images. With the digital domain penetrating the social life misuse of computer-generated fake images can wreak havoc for the individual. Therefore, it is utmost necessary to develop a mechanism to separate real and computer-generated images. Usually, this is a very good application of the machine learning which is based on using statistical features present in natural images or acquisition device characteristics.
The third type of passive forensic discovers tampering in the digital content. Again, with the sophistication of tools, an image can change without leaving any perceptual trail. However, addition or deletion of the digital portion significantly affect statistics of the image. The idea is to detect such changes and localize tampering in the image. Many interesting methods are available but they all pertain to a specific solution. The universal framework for detection of artefacts is yet to evolve.