Abstract
Camera fingerprints based on sensor PhotoResponse Non-Uniformity (PRNU) have gained broad popularity in forensic applications due to their ability to univocally identify the camera that captured a certain image. The fingerprint of a given sensor is extracted through some estimation method that requires a few images known to be taken with such sensor. In this paper, we show that the fingerprints extracted in this way leak a considerable amount of information from those images used in the estimation, thus constituting a potential threat to privacy. We propose to quantify the leakage via two measures: one based on the Mutual Information, and another based on the output of a membership inference test. Experiments with practical fingerprint estimators on a real-world image dataset confirm the validity of our measures and highlight the seriousness of the leakage and the importance of implementing techniques to mitigate it. Some of these techniques are presented and briefly discussed.
Highlights
The PhotoResponse Non-Uniformity (PRNU) is a multiplicative spatial pattern that is present in every picture taken with a Charge Coupled Device (CCD)/Complementary Metal-Oxide-Semiconductor (CMOS) imaging device and acts as a unique fingerprint for the sensor itself [1]
The most prevalent method [1] performs a further normalization to take into account the multiplicative nature of the PRNU. Both the ease with which the PRNU can be extracted and the existence of relatively good theoretical models that explain its contribution lead to attacks that are similar in intention to digital forgery attacks in cryptography: the so-called PRNU copy attack plants the fingerprint from a desired camera in an image taken by a different device with the purpose of incriminating someone or merely undermining the credibility of PRNU-based forensics [6]
While the PRNU copy attack can be considered a threat to trust, in this paper we identify risks to privacy by showing that there is substantial information leakage into the PRNU from the images used for its estimation
Summary
The PhotoResponse Non-Uniformity (PRNU) is a multiplicative spatial pattern that is present in every picture taken with a CCD/CMOS imaging device and acts as a unique fingerprint for the sensor itself [1]. While in an ideal scenario the PRNU of a device can be extracted from flat-field images (e.g., of a cloudy sky or a white wall) in practice this is only feasible when there is access to the camera under investigation In this scenario, where the estimated PRNU practically leaks little information (as trivially shown by our theory), different law enforcement agencies (LEAs) may share the estimated fingerprints for cross-searching in databases with no privacy risks. The rest of the paper is organized as follows: in Section 2 we review the basic principles of PRNU extraction; in Section 3 we propose two metrics to quantify the leakage; Section 4 hints at the potential of our discovery to counter injection-based attacks; Section 5 briefly discusses several approaches to mitigate the leakage; Section 6 contains the results of experiments carried on images taken with popular cameras, and, Section 7 presents our conclusions
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
