Additive Noise Attacks Research Articles

Filtering and smoothing estimation algorithms from uncertain nonlinear observations with time-correlated additive noise and random deception attacks

ABSTRACT This paper discusses the problem of estimating a stochastic signal from nonlinear uncertain observations with time-correlated additive noise described by a first-order Markov process. Random deception attacks are assumed to be launched by an adversary, and both this phenomenon and the uncertainty in the observations are modelled by two sets of Bernoulli random variables. Under the assumption that the evolution model generating the signal to be estimated is unknown and only the mean and covariance functions of the processes involved in the observation equation are available, recursive algorithms based on linear approximations of the real observations are proposed for the least-squares filtering and fixed-point smoothing problems. Finally, the feasibility and effectiveness of the developed estimation algorithms are verified by a numerical simulation example, where the impact of uncertain observation and deception attack probabilities on estimation accuracy is evaluated.

Enhancement of DWT-SVD digital image watermarking against noise attack using time–frequency representation

Information security has been defined as one of the most critical issues in the information era, as it is utilized to protect confidential information during transfers in real-world applications. In the case of image encryption, a variety of information security approaches were used. Domain spatial and domain frequency are two domains in which such techniques can be classified. This study uses a combination of the singular value de-composition (SVD) and discrete wavelet transformation (DWT) to construct an encryption method based on a traditional watermarking system. Compared with other traditional methods, the proposed DWT-SVD approach has excellent robustness, and it has been strengthened for having high degree of the robustness against the additive white Gaussian noise (AWGN) attacks by utilizing a de-noising strategy based upon S-transform approach. Compared with DWT algorithm denoising approach, the results reveal that the S-transform denoising algorithm that has been deployed in the present article has a robust protection towards the Gaussian noise attack for mean squared error (MSE) around 0.005 and peak signal to noise ratio (PSNR) around 24 dB.

Quadratic estimation for stochastic systems in the presence of random parameter matrices, time-correlated additive noise and deception attacks

Networked systems usually face different random uncertainties that make the performance of the least-squares (LS) linear filter decline significantly. For this reason, great attention has been paid to the search for other kinds of suboptimal estimators. Among them, the LS quadratic estimation approach has attracted considerable interest in the scientific community for its balance between computational complexity and estimation accuracy. When it comes to stochastic systems subject to different random uncertainties and deception attacks, the quadratic estimator design has not been deeply studied. In this paper, using covariance information, the LS quadratic filtering and fixed-point smoothing problems are addressed under the assumption that the measurements are perturbed by a time-correlated additive noise, as well as affected by random parameter matrices and exposed to random deception attacks. The use of random parameter matrices covers a wide range of common uncertainties and random failures, thus better reflecting the engineering reality. The signal and observation vectors are augmented by stacking the original vectors with their second-order Kronecker powers; then, the linear estimator of the original signal based on the augmented observations provides the required quadratic estimator. A simulation example illustrates the superiority of the proposed quadratic estimators over the conventional linear ones and the effect of the deception attacks on the estimation performance.

Robust Image Inpainting Forensics by Using an Attention-Based Feature Pyramid Network

Deep learning has injected a new sense of vitality into the field of image inpainting, allowing for the creation of more realistic inpainted images that are difficult to distinguish from the original ones. However, this also means that the malicious use of image inpainting technology to tamper with images could lead to more serious consequences. In this paper, we use an attention-based feature pyramid network (AFPN) to locate the inpainting traces left by deep learning. AFPN employs a feature pyramid to extract low- and high-level features of inpainted images. It further utilizes a multi-scale convolution attention (MSCA) module to optimize the high-level feature maps. The optimized high-level feature map is then fused with the low-level feature map to detect inpainted regions. Additionally, we introduce a fusion loss function to improve the training effectiveness. The experimental results show that AFPN exhibits remarkable precision in deep inpainting forensics and effectively resists JPEG compression and additive noise attacks.

Improving Quality of Watermarked Medical Images Using Symmetric Dilated Convolution Neural Networks

Rapid development of online medical technologies raises questions about the security of the patient’s medical data.When patient records are encrypted and labeled with a watermark, they may be exchanged securely online. In order to avoid geometrical attacks aiming to steal the information, image quality must be maintained and patient data must be appropriately extracted from the encoded image. To ensure that watermarked images are more resistant to attacks (e.g. additive noise or geometric attacks), different watermarking methods have been invented in the past. Additive noise causes visual distortion and render the potentially harmful diseases more difficult to diagnose and analyze. Consequently, denoising is an important pre-processing method for obtaining superior outcomes in terms of clarity and noise reduction and allows to improve the quality of damaged medical images. Therefore, various publications have been studied to understand the denoising methods used to improve image quality. The findings indicate that deep learning and neural networks have recently contributed considerably to the advancement of image processing techniques. Consequently, a system has been created that makes use of machine learning to enhance the quality of damaged images and to facilitate the process of identifying specific diseases. Images, damaged in the course of an assault, are denoised using the suggested technique relying on a symmetric dilated convolution neural network. This improves the system’s resilience and establishes a secure environment for the exchange of data while maintaining secrecy.

Lattice-Based Minimum-Distortion Data Hiding

Lattices have been conceived as a powerful tool for data hiding. While conventional studies and applications focus on achieving the optimal robustness versus distortion tradeoff, in some applications such as data hiding in medical/physiological signals, the primary concern is to achieve a minimum amount of distortion to the cover signal. In this paper, we revisit the celebrated quantization index modulation (QIM) scheme and propose a minimum-distortion version of it, referred to as MD-QIM. The crux of MD-QIM is to move the data point to only the boundary of the Voronoi region of the lattice point indexed by a message, which suffices for subsequent correct decoding. At any fixed code rate, the scheme achieves the minimum amount of distortion by sacrificing the robustness to the additive white Gaussian noise (AWGN) attacks. Simulation results confirm that our scheme significantly outperforms QIM in terms of mean square error (MSE), peak signal to noise ratio (PSNR) and percentage residual difference (PRD).

Using Deep learning for image watermarking attack

Digital image watermarking has justified its suitability for copyright protection and copy control of digital images. In the past years, various watermarking schemes were proposed to enhance the fidelity and the robustness of watermarked images against different types of attacks such as additive noise, filtering, and geometric attacks. It is highly important to guarantee a sufficient level of robustness of watermarked images against such type of attacks. Recently, Deep learning and neural networks achieved noticeable development and improvement, especially in image processing, segmentation, and classification. Therefore, in this paper, we studied the effect of a Fully Convolutional Neural Network (FCNN), as a denoising attack, on watermarked images. This deep architecture improves the training process and denoising performance, through which the encoder–decoder remove the noise while preserving the detailed structure of the image. FCNNDA outperforms the other types of attacks because it destroys the watermarks while preserving a good quality of the attacked images. Spread Transform Dither Modulation (STDM) and Spread Spectrum (SS) are used as watermarking schemes to embed the watermarks in the images using several scenarios. This evaluation shows that such type of denoising attack preserves the image quality while breaking the robustness of all evaluated watermarked schemes. It could also be considered a deleterious attack.

An embedded novel compact feature profile image in speech signal for teledermoscopy system.

Teledermoscopy is a promising telemedicine service for remote diagnosis and treatment of skin diseases using dermoscopy images. It requires high quality transmission services, efficient utilization of channel bandwidth, effective storage, and security. Thus, this work develops an improved teledermoscopy system that guarantees the efficient and secure transmission of the dermoscopy images. It proposed a novel feature-based secure diagnostic system that supports the automated classification of malignant melanoma and benign nevus at the receiver side (i.e. medical facility). To overcome the transmission of the original dermoscopy images having large size, a novel representation of the dermoscopy images is proposed, namely the compact feature profile (CFP). The proposed CFP represents the dermoscopy image only using its significant features. For security purpose, the CFP is embedded as a watermark in a speech signal using singular value decomposition (SVD) watermarking at the transmitter. Then, the de-embedding/reconstruction process is performed at the receiver end using a proposed modified SVD technique. Finally, the extracted CFP is fed into a classifier for diagnosis at the receiver. To evaluate the robustness of the proposed system, an additive white Gaussian noise (AWGN) attack was employed during the transmission process. To improve the immunity against the AWGN attack, a novel speech signal weight factor is proposed at the watermarking process. Moreover, a compensation factor is calculated at the training phase to compensate the effect of the channel AWGN attack at the receiver. In addition, the superior transform domain and embedding positions of the CFP in the speech signal were studied. The experimental results established that the proposed CFP diagnostic system achieved high classification accuracy, sensitivity, specificity, and F-measure for classifying the two skin cancer classes with the presence of signal-to-noise ratio (SNR) ranging from 10 to 25dB. This work established that the newly proposed CFP watermarked in speech signal using the DWT-based modified SVD followed by single-level decomposition Db1 with hard thresholding wavelet denoising achieved efficient diagnostic teledermoscopy system.

GA-Based Optimized Image Watermarking Method With Histogram and Butterworth Filtering

The present paper proposes a new and significant method of optimization for digital image watermarking by using a combination of Genetic Algorithms (GA), Histogram and Butterworth filtering. In this proposed method, the histogram range selection of low frequency components is taken as a significant parameter which assists in bettering the imperceptibility and robustness against attacks. The tradeoff between the perceptual transparency and robustness is considered as an optimization puzzle which is solved with the help of Genetic Algorithm. As a result, the experimental outcomes of the present approach are obtained. These results are secure and robust to various attacks such as rotation, cropping, scaling, additive noise and filtering attacks. The peak signal to noise ratio (PSNR) and Normalized cross correlation (NC) are carefully analyzed and assessed for a set of images and MATLAB2016B software is employed as a means of accomplishing or achieving these experimental results.

Adaptive Electrocardiogram Steganography Based on 2D Approach with Predetermined Rules

Based on two-dimensional (2D) bit-embedding/-extraction approach, we propose a simple data hiding for electrocardiogram (ECG) signal. The patient’s sensitive (diagnostic) data can be efficiently hidden into 2D ECG host via the proposed decision rules. The performance of the proposed method using various sizes of the host bundles was demonstrated. Simulations have confirmed that the average SNR of the proposed method with a host bundle of size 3 ´ 3 is superior to that of existing techniques, while our payload is competitive to theirs. In addition, our method with a host bundle of size 2 ´  2 generated the best SNR values, while that with a host bundle of size 4 ´  4 provided the largest payload among the compared methods. Moreover, the proposed method provides robustness performance better than existing ECG steganography. Namely, our method provides high hiding capacity and robust against the attacks such as cropping, inversion, scaling, translation, truncation, and Gaussian noise-addition attacks. Since the proposed method is simple, it can be employed in real-time applications such as portable biometric devices.

Normalized blind STDM watermarking scheme for images and PDF documents robust against fixed gain attack

Spread Transform Dither Modulation (STDM), a special case of Quantization Index Modulation (QIM), has been widely used in digital watermarking. STDM has good performance in robustness against re-quantization and random noise attacks, but it is largely vulnerable to the Fixed Gain Attack (FGA). In addition to digital images and videos watermarking applications, copyright protection for digital text such as Portable Document Format (PDF) has received particular attention and interest. In this paper, we modify the STDM watermarking scheme by making the quantization step dependent on the original samples during the embedding process and on the watermarked samples during the decoding process to resist the FGA attack and enhance the robustness against the Additive White Gaussian Noise (AWGN) attack and JPEG compression attack in both the spatial domain and frequency domain regardless of the source of elements used as cover work. Experimentations have been conducted distinctly on digital images and text PDF documents. The tested images were watermarked with a uniform fidelity, where SSIM is fixed to 0.982 and 0.953. Our approach achieves significant robustness against the FGA attack with an improvement of 98% in terms of Bit Error Rates (BER) compared to traditional STDM. As for the AWGN attack, an improvement of 21% is shown. The proposed method also presents robustness against a variety of filtering and geometric attacks, while preserving a high level of transparency.

Copyright Protection for Holographic Video Using Spatiotemporal Consistent Embedding Strategy

The interest in a three-dimensional (3-D) holographic display is increasing daily because it can generate full depth cue without utilizing any special glasses. However, the content of 3-D holographic videos currently without any protection can be illegally distributed and maliciously manipulated. Therefore, there is an urgent need to protect the copyright of holographic videos against malicious copying. Since watermarking is an effective way to protect the ownership of holographic sequence, this paper proposes a spatiotemporal consistent embedding algorithm for the holographic video watermarking. Imperceptibility requirement in the holographic video watermarking is more challenging compared with static holograms because of the temporal dimension existing in videos. The embedding algorithm should not only consider spatially embedding strength for each frame of the video, but also take the temporal dimension into account in order to guarantee the visual quality of the moving object. Before embedding, to defend the imperceptibility of the watermark from the holographic moving object, the embedding parameters are evaluated by the salient object from the interframe and intraframe. Different from the previous video watermarking algorithm, in order to ensure the robustness, in our paper, instead of two-dimensional watermark, 3-D watermark converted data (QR code) are embedded in the cellular automata (CA) domains using 3-D CA filters. Finally, the QR codes can be extracted from the watermarked holographic frames, and the final 3-D watermark can be digitally reconstructed with different depths’ cue using the computational integral imaging reconstruction algorithm. The experimental results demonstrate that the proposed method exhibits superior performance compared to several methods in the literature, especially the robustness against additive noise and compression attacks.

LiDAR Data Integrity Verification for Autonomous Vehicle

Deterministic perception of the surrounding environment is both crucial and a challenging task for autonomous vehicles. A wide range of sensors, including LiDAR, RADAR, cameras, and so on, are used to build the perception layer of an autonomous vehicle. Many interfaces, such as OBD-II, Wi-Fi, Bluetooth, cellular networks, etc., have been introduced in autonomous vehicles to control various functionalities, including V2X communications, over-the-air updates, security, remote vehicle-health monitoring, and so on. These interfaces are introducing new attack surfaces that can be exploited via external as well as internal attacks. Attackers have successfully demonstrated how to exploit these attack surfaces by crafting attack vectors to launch both insider and external attacks. The sensor and sensor data are also vulnerable to both external and insider attacks. Developing safeguards against these attacks is a steppingstone toward the design and development of reliable autonomous vehicles. For instance, failure to detect and localize sensor data tampering can result in an erroneous perception of the environment and lead to wrong path-planning and control decisions. In this paper, we propose a novel semi-fragile data hiding-based technique for real-time sensor data integrity verification and tamper detection and localization. Specifically, the proposed data hiding-based method relies on 3-dimensional quantization index modulation (QIM)-based data hiding to insert a binary watermark into the LiDAR data at the sensing layer, which is used for integrity verification and tamper detection and localization at the decision-making unit, e.g., the advanced driver assistance system (ADAS). The performance of the proposed scheme is evaluated on a benchmarking LiDAR dataset. The impact of information hiding on the object-recognition algorithm is also evaluated. Experimental results indicate that the proposed method can successfully detect and localize data tampering attacks, such as fake object insertion (FOI) and target object deletion (TOD). Robustness to noise-addition attacks is also evaluated.

A blind audio watermarking technique based on a parametric quantization index modulation

In this paper, we propose an efficient transform-based blind audio watermarking technique by introducing a parametric quantization index modulation (QIM). Theoretical expressions for the signal to watermark ratio and probability of error are derived and then used in an optimization technique based on the Lagrange multipliers method to find the optimal values for the parameters of the parametric QIM that ensure the imperceptibility while maximizing the robustness under an additive white Gaussian noise (AWGN) attack. Moreover, a fast scheme for the implementation of the proposed watermarking technique is developed and an efficient procedure is suggested to find the interval for the best selection of the watermark embedding positions that provide a good trade-off between the effects of high and low pass filtering attacks. The parameters of the resulting optimal parametric QIM coupled with the embedding positions constitute a highly robust secret key for the proposed watermarking technique. We also carry out several experiments to show the usefulness of the theoretical analysis presented in the paper and compare the proposed technique with other existing QIM-based watermarking techniques by considering known attacks such as AWGN, re-quantization, resampling, low/high pass filtering, amplitude scaling and common lossy compressions.

A Novel Secure Data Transmission Scheme Using Chaotic Compressed Sensing

In this paper, a novel secure data transmission scheme using chaotic compressed sensing, which has inherent encryption property without additional cost, is proposed based on a $T$ -way Bernoulli shift chaotic system. In the proposed scheme, the Bernoulli chaotic sensing matrix (BCsM) is generated by the Bernoulli shift chaotic sequence. We prove that the BCsM meets the restricted isometry property with overwhelming probability, which guarantees good sensing performance. Compared with the state-of-the-art sensing matrices, such as the Gaussian sensing matrix, the BCsM has low complexity and is easily implemented in hardware. Meanwhile, we investigate the recovery performance, robustness, and security of the proposed scheme and show that the proposed scheme can ensure efficient secure data transmission against additive noise and malicious attacks. The proposed scheme is perfectly effective for large-scale, long-term data transmission with high energy efficiency and strong security.

Imperceptible Image Watermarking based on Chinese Remainder Theorem over the Edges

This paper introduced a watermarking method using the CRT and Canny Algorithm that able to improve the imperceptibility of watermarked image and preserving the robustness of watermark image as well. The classical CRT algorithm is spread the watermark bits evenly on the image area. It causes significant degradation when the embedding location lies on the least significant region or in the homogeny area. Otherwise, the proposed method embeds the watermark on the edges of the image which have significant difference value to maintain the imperceptibility. The Canny algorithm is used to indexing the embedding location based on the filtering output of host image. The watermark is then embedded into the host image using pair-wise coprime integers of 6 and 11 within the CRT modulo. The results show that the proposed method has significant improvement in the quality of watermarked image with the average value of 0.9995 compared to the CRT method which results in value of 0.9985. In compression and additive noise attacks the CRT has average values of 0.6618 and 0.9750, while the proposed method results in similar values of 0.6616 and 0.9752 respectively. These prove that the proposed method is able to preserve the robustness while improving the imperceptibility.

Depth-Based View-Invariant Blind 3D Image Watermarking

With the huge advance in Internet technology as well as the availability of low-cost 3D display devices, 3D image transmission has become popular in recent times. Since watermarking has become regarded as a potential Digital Rights Management (DRM) tools in the past decade, 3D image watermarking is an emerging research topic. With the introduction of the Depth Image-Based Rendering (DIBR) technique, 3D image watermarking is a more challenging task, especially for synthetic view generation. In this article, synthetic view generation is regarded as a potential attack, and a blind watermarking scheme is proposed that can resist it. In the proposed scheme, the watermark is embedded into the low-pass filtered dependent view region of 3D images. Block Discrete Cosine Transformation (DCT) is used for spatial-filtration of the dependent view region to find the DC coefficient with horizontally shifted coherent regions from the left and right view to make the scheme robust against synthesis view attack. A comprehensive set of experiments have been carried out to justify the robustness of the proposed scheme over related existing schemes with respect to Stereo JPEG compression and different noise addition attacks.

Robust and Blind 3D Mesh Watermarking in Spatial Domain Based on Faces Categorization and Sorting

In this paper, a 3D watermarking algorithm in spatial domain is presented with blind detection. In the proposed method, a negligible visual distortion is observed in host model. Initially, a preprocessing is applied on the 3D model to make it robust against geometric transformation attacks. Then, a number of triangle faces are determined as mark triangles using a novel systematic approach in which faces are categorized and sorted robustly. In order to enhance the capability of information retrieval by attacks, block watermarks are encoded using Reed-Solomon block error-correcting code before embedding into the mark triangles. Next, the encoded watermarks are embedded in spherical coordinates. The proposed method is robust against additive noise, mesh smoothing and quantization attacks. Also, it is stout next to geometric transformation, vertices and faces reordering attacks. Moreover, the proposed algorithm is designed so that it is robust against the cropping attack. Simulation results confirm that the watermarked models confront very low distortion if the control parameters are selected properly. Comparison with other methods demonstrates that the proposed method has good performance against the mesh smoothing attacks.

A New Scalar Quantization Method for Digital Image Watermarking

A new technique utilizing Scalar Quantization is designed in this paper in order to be used for Digital Image Watermarking (DIW). Efficiency of the technique is measured in terms of distortions of the original image and robustness under different kinds of attacks, with particular focus on Additive White Gaussian Noise (AWGN) and Gain Attack (GA). The proposed technique performance is affirmed by comparing with state-of-the-art methods including Quantization Index Modulation (QIM), Distortion Compensated QIM (DC-QIM), and Rational Dither Modulation (RDM). Considerable improvements demonstrated by the method are due to a new form of distribution of quantized samples and a procedure that recovers a watermark after GA. In contrast to other known quantization methods, the detailed method here stipulates asymmetric distribution of quantized samples. This creates a distinctive feature and is expressed numerically by one of the proposed criteria. In addition, several realizations of quantization are considered and explained using a concept of Initial Data Loss (IDL) which helps to reduce watermarking distortions. The procedure for GA recovery exploits one of the two criteria of asymmetry. The accomplishments of the procedure are due to its simplicity, computational lightness, and sufficient precision of estimation of unknown gain factor.

Performance Comparison Of Hybrid Wavelet Transforms Formed Using Dct, Walsh, Haar and DKT in Watermarking

In this paper a watermarking method using hybrid wavelet transform and SVD is proposed. Hybrid wavelet transform generated from two different orthogonal transforms is applied on host and SVD is applied to watermark. The transforms used for hybrid wavelet transform generation are DCT, Walsh, Haar and DKT. First component transform used in generation of hybrid wavelet transform corresponds to global properties and second component transform corresponds to local properties of an image to which transform are applied. Aim of proposed watermarking method is to study effect of selecting DCT as global/local component transform on robustness. After testing the proposed method against various attacks, using DCT as global component is observed to be robust against compression, resizing using transforms, resizing using grid based interpolation and noise addition attacks. DCT when used as local component is observed to be robust against cropping. It also shows robustness against resizing using transforms, resizing using grid based interpolation and noise addition attacks.