This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Internet and the World Wide Web (WWW) have enabled a wide range of applications for both business and pleasure. The ability to execute brisk transmission of data world wide in an efficient and cost effective manner has enabled many companies and user to provide better understanding of products and services to their consumers through digital media, such as images, audio and video. However, concern about the security of this digital media has grown tremendously.
In recent years, due to rapid expansion of internet, the amount of illegal activity linked to digital media (Images, audio and video) has soared. Since digital media is often ones intellectual property, many digital media owners dread when face the consequences of copyright issues that occur. Digital watermarking is now been employed to help combat this issue.
Digital watermarking has been proposed as a viable solution to help protect digital media from illegal duplication. Digital watermarking consists of indefinitely embedding a copyright signal (Watermark) into the original signal to produce a watermarked image. The embedding process is performed in a way that it allows the copyright signal to be extracted. The extracted copyright signal can be used to prove ownership of the media.
The area of digital watermarking has been the focal point of interest for multimedia security. In common practise watermarking is currently being employed in the following application:
- Copyright protection e.g. multimedia distribution
- Image authentication e.g. Automated Teller Machine (ATM) cards
- Data hiding e.g. monitoring broadcast
- Covert communication e.g. intelligence applications
There been significant amount of research into The aim of this project is to examine different watermarking algorithms to determine their robustness.
This project is primarily concerned with invisible watermarking of digital images. Therefore, the term watermarking refers to invisible watermarking of images unless stated otherwise.
This project will focus on watermarking of digital images. History of watermarking
There are two main watermarking categories:
- Visible watermarking - consists of adding an image into a host image in visible manner. In a way, the host image is digitally stamped with another signal and this signal can be seen by the naked eye. An example of an image visibly watermarked with the word “DEMO” is provided in figure 1.
- Invisible watermarking - consist of adding a signal into the host image in an invisible manner. Hence, the watermarked image seems identical to the original image.
The aim of both techniques is to prevent unauthorised duplication. However, their objectives differ greatly. Visible watermarking attempts increase security by focusing on prevention i.e. by assuring the image is not duplicated in the first place. Invisible watermarking puts more emphasis on detection over prevention i.e. the ability to prove the ownership of an image after duplication. Invisible watermarking is usually preferred over visible watermarking mainly because it does not effect human perception of an image. Furthermore, because the watermark is invisible it is less like to be subjected to intentional attacks since the attacker does not know that the watermark is present.
This project is primarily concerned with invisible watermarking of digital images. Therefore, the term watermarking refers to invisible watermarking of images unless stated otherwise. (might be used in intro)
Figure 1: an example of visible watermark from www.watermarker.com
Figure 2 illustrates the basic concept of watermark insertion. Generally, the encoder module embeds the watermark in the original media to create a watermarked image:
Encoder (Original image, Watermark) = Watermarked Image.
The watermark insertion process is performed in such a way that the changes between the original image and the watermarked image are minuet. Hence, undetectable by the naked eye.
The watermark itself can be American Standard Code for Information Interchange text (ASCII text), image or even dependant on the original image (e.g. noise based). The encoder module often requires a key (key is not compulsory). Typically, the key is a pseudo-random number (PN) used to randomise the watermark in an attempt to increase the robustness of the watermarked image. The encoder function can be simple as adding the watermark to the least significant bits of the original. However, there are a number of criteria's discussed later on in the report which good watermarking systems are required to fulfil. Different methods used to embed the watermark and ways of increasing the reliability of the watermarking system are also reviewed later on in the project.
Figure 2: Block diagram illustrating watermark insertion process
Watermark insertion process can be performed in three domains, spatial domain, transform domain or feature domain. Figure 3 shows the how a watermarking insertion algorithm can be categorised depending on its domain. In spatial domain the pixel values of the original image are modified to produce the watermarked image. The most common algorithms include least significant bit (LSB) modification and spread spectrum. Transform domain consists of converting the original image values into another set of values using either, wavelet transform, cosine transform or fractal transform, then insert the watermark in the new values before taking the inverse of the transform to obtain the watermarked image. Finally, feature domain focuses on object characteristics, such as edges and region, when inserting the watermark.
Detailed review of different techniques used to insert the watermark in each domain can be found in the literature review.
Watermark embedding domain
Least significant bit (LSB) modification
Wavelet domain (DWT)
Cosine domain (DCT)
Fractal transform and others
Figure 3: Watermark classification depending on insertion algorithm
Figure 3 demonstrates the watermark extraction process. The decoder module uses the original image along with the knowledge of the embedding process (and possibly the key) to extract the watermark from the suspected image. In general, the extraction process is simply an inverse of the embedding process:
Decoder (Suspected image, Original Image) = Suspected watermark
It's highly likely that the suspected image has been subjected to one or more image processing attacks. After extracting the suspected watermark from the suspected image a comparator function compares the suspected watermark to the original watermark. A similarity function is used to determine how closely the two watermarks are related:
Similarity = Original watermark x Suspected watermark
Suspected watermark x Suspected watermark
If the similarity is greater than the threshold provided then the comparator function returns a positive response. Consequently signifying there is a watermark present and thus proving image authenticity, otherwise, the response is negative stating no relevant watermark is present.
Positive or negative
Figure 4: Block diagram illustrating the watermark extraction process.
Robust watermarking requirements
Watermarks can either be fragile or robust. Fragile watermarks tend to become distorted easily when attacked. Therefore, their usage is strictly limited. They are commonly used only to determine image integrity i.e. to check if the image has been tempered with. Robust watermarks are designed to protect the image at all levels. An ideal robust watermark remains with the image and can still be extracted even after the image has been attacked extensively. This feature has earned robust watermarking methods enormous popularity amongst multimedia security.
There are a number of criteria's that robust watermarking methods are expected to satisfy. According to (REFERENCE PROPERLEY) Chun-Shein Lu, Multimedia security, IDEA publishing group 2005, in order for a watermarking system to robust it must meet the following requirements.
- Security - the reliability of the watermarking system should not be entirely dependant on the embedding process. An effective watermarking system assumes that the attackers are familiar with the embedding process yet maintains the security of the watermarked image by using secret information. Such as, a secret key or original image.
- Perceptual invisibility - watermark must be embedded in a way that the changes made to the watermarked image are insignificant and unnoticeable by the human visual system (HVS).
- Statistical invisibility - an attacker must not be able to determine if a watermark is present using statistical methods. For example, by statistically analysing different images watermarked using the same embedding process.
- Robustness / Probability of error - naturally, digital images are attacked very frequently undergoing processes such as cropping, rotation, scaling and so on. An ideal robust watermark remains with the image and can still be extracted even after the image has been attacked extensively. Therefore, if a suspected image has been watermarked using a particular algorithm. The extraction process of the same algorithm should detect the watermark accurately even when the image has been attacked. However, if the image has not been watermarked, the extraction process of the algorithm used should return a negative response. In term, keeping the error rate to a bare minimum.
- Probability of error -
- Capacity issue - the quantity of data embedded to produce the watermarked image must be enough to assure that the watermarked image is protected efficiently. This requirement is greatly influenced by the application at hand.
There are no guidelines available that help produce a perfect watermarking system that meets all the requirements stated above flawlessly. In general, significantly improving one requirement has a negative effect on one or more of the other requirements. For instance, increasing robustness of an image decreases perceptual invisibility. The aim is to find a balance between the requirements in a fashion that none of the criteria's are neglected.
Evalutating the watermarking system
Some metrics for requirements of an ideal watermarking system can be defined and evaluated with ease. For instance, the security aspect can be evaluated by amount of secret information used (e.g. secret key and its size). To measure the capacity one can simply check quantity of bits embedded in the original image to produce the watermarked image. Statistical invisibility requires analysing the watermarked image and checking its correlation with the original image. On the other hand determining metrics for robustness and Perceptual invisibility is far more challenging.
Fabien A. P. Petitcolas work is considered to be the pioneering work in evaluating robustness and perceptual invisibility. Fabien A. P. Petitcolas evaluation strategy is the most widely agreed on scheme for evaluating robustness and perceptual invisibility. The metrics provided by Fabien A. P. Petitcolas are shown in figure 4. Peak signal to noise ratio is stated as PSNR.
Figure 5 - “Summary of the possible perceptible invisibility assurance levels. These levels may seem vague but this is the best we can achieve as long as we do not have good and satisfactory quality metrics.” Fabien A. P. Petitcolas. Watermarking schemes evaluation. I.E.E.E. Signal Processing
Fabien A. P. Petitcolas research clearly states “PSNR is a very restrictive quality metrics: it does not take into account any properties of the human visual model. This includes the usual masking properties but also the large tolerance to geometric distortions. By using PSNR one excludes immediately watermarking schemes based on geometric distortions. Unfortunately we are not aware of any metric taking those distortions into account.” Fabien A. P. Petitcolas. Watermarking schemes evaluation. I.E.E.E. Signal Processing. Hence, PSNR is only capable of providing a rough estimate for the quality parameter of the watermarked image.
PSNR can be calculated using:
Fabien A. P. Petitcolas suggests that there are three different levels of robustness. Figure 5 illustrates how robustness of a watermarked can be evaluated at different levels
Figure 6 - Standard robust watermark requirements. Fabien A. P. Petitcolas. Watermarking schemes evaluation. I.E.E.E. Signal Processing
Attacks related to watermarking
Most watermarked images are likely to experience numerous attacks. These attacks can be executed intentionally or unintentionally. The four main categories of attacks related to watermarked images are robustness attacks, presentation attacks, interpretation attacks, and legal attacks.
Robustness attacks try to destroy or remove the watermark from the suspected image while ensuring the image itself remains preserved. Sometime the attacker attempts to analyse the watermark insertion/extraction method in a hope that this information can be used to remove the watermark. However, usually robustness attacks are performed through signal processing. Filtering, addition of noise, compression etc are all forms of signal processing attacks.
The idea behind a presentation attack is to render the watermarked image in a way that the extraction process is incapable of detecting the watermark. Examples of presentation attacks include affine transformations (rotation, scaling and translation).
Interpretation attacks damage the watermark in such a way that its credibility can no longer be trusted. A common interpretation attack is to re-watermark a watermarked image, in a similar fashion to the initial watermarking process. This is more than likely to confuse the extraction process. Hence, the interpretation of the extracted watermark is questionable.
Legal attacks are greatly dependant on the copyright of intellectual property laws. Legal attacks consist of an attacker challenging the reliability of the watermarking algorithm in the court law.
|Level zero||Low level||Moderate|
|Standard JPEG compression quality||100 - 90||100 - 75||100 - 50|
|Colour reduction (GIF)||256||256||16|
|Cropping||100 - 90 %||100 - 75 %||100 - 50 %|
|Gamma correction||0.7 - 1.2||0.5 - 1.5|
|Scaling||1/2 - 3/2||1/3 - 2|
|Rotation||± 0 - 2 deg||± 0 - 5, 90 deg|
|Uniform noise||1 - 5 %||1 - 15 %|
|Contrast||± 0 - 10 %||± 0 - 25 %|
|Brightness||± 0 - 10 %||± 0 - 25 %|
|Median filter||3 ´ 3|
Digital watermarking classification
|Level of assurance||Criteria|
|Low||-PSNR(when applicable) - Slightly perceptible but not annoying|
|Moderate||- Metric based on perceptual model - Not perceptible under domestic conditions, that is using mass market consumer equipment|
|Moderate high||Not perceptible in comparison with original under studio conditions|
|High||Evaluation by a large panel of persons under strict conditions|