About this Journal Submit a Manuscript Table of Contents
Advances in Multimedia
Volume 2012 (2012), Article ID 875759, 17 pages
http://dx.doi.org/10.1155/2012/875759
Research Article

Robust Signature-Based Copyright Protection Scheme Using the Most Significant Gray-Scale Bits of the Image

Cooperative Research Centre for Spatial Information, Department of Infrastructure Engineering, University of Melbourne, VIC 3010, Australia

Received 15 November 2011; Revised 2 March 2012; Accepted 27 March 2012

Academic Editor: Xian-Sheng Hua

Copyright © 2012 Mohammad Awrangjeb. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Abstract

The most significant bit- (MSB-) plane of an image is least likely to change by the most signal processing operations. This paper presents a novel multibit logo-based signature, using the most significant gray-scale bits, which is then used to develop an extremely simple but robust copyright protection scheme, where images along with their signatures are sent to a trusted third party when a dispute arises. Different ways of processing the MSB-plane before calculating the robust signature have been developed. This paper then presents an innovative classifier-based technique to test the robustness and uniqueness of any signature-based scheme. A new MSB-based attack, which would defeat our scheme most, has also been proposed. Experimental results have clearly demonstrated the superiority of the proposed scheme showing the high robustness of different MSB-based signatures over the existing signature-based schemes.

1. Introduction

For last few years, we have been using electronic commerce that includes online and offline distribution of multimedia data like images, audios, and videos. However, digital multimedia files can be easily manipulated using commercial graphics tools. Duplicating digital files has become as simple as clicking a button. Since maintaining an exact or manipulated duplicate of any digital data is easier than before, the enforcement of copyright protection has become more imperative than ever. Although copyright laws are being applied against abusers in order to ensure secure electronic commerce, the current problems with copyright protection obstruct the rapid evolution of computer and communication networks. As a result, the enhancement and further development of digital copyright protection is in central to the development of future communication networks [1]. There may be three types of solutions to the copyright protection problem: cryptographic tools, digital watermarking techniques, and digital signature-based techniques.

Cryptographic tools [2] can be used to encrypt a multimedia file using some secret key. The encrypted file is no more perceptually understandable and can be distributed to the users. Only the appropriate user that holds the secret key can decrypt and use this file. Such a technique while suitable for text documents is not suitable for multimedia data for the following two reasons. First, multimedia file size is much larger than that of text. Therefore, encrypting or decrypting a multimedia file is highly time consuming. Second, the encrypted media file is not useful in the public domain, for example, in the Internet. Because the encrypted file is not perceptually understandable and if the encrypted information is decrypted once, the information is no longer protected. However, the multimedia file provides an opportunity that the text document does not. That is, while no distortion is allowed in the signed text, some distortions are allowed in the signed multimedia file as long as it is perceptually similar to the original file.

Digital watermarking techniques take the opportunity of the abovementioned property of the media file. They embed a watermark such as logos, seals, or sequence numbers, into the original image. The embedded watermark should survive against both malicious and nonmalicious attacks depending on the applications. Latter, the embedded information is extracted from or detected in the watermarked image in order to verify the ownership [311].

Any watermarking technique should satisfy a number of essential properties [1, 5, 6]. However, many of the existing techniques do not satisfy some of the properties and, therefore, may not be applicable to build a proper copyright protection system [1, 8, 9]. They always distort the original image that might not be acceptable in some applications like medical imagery, law enforcement, and astrophysics research [7]. The amount of distortions increases with the increase of the embedding strength which though increases the chance of the survival of the watermark under different signal processing attacks. Some attacks like geometric distortions, collusion, and copy (averaging) attacks still challenge the robustness property. The watermark can also be removed using denoising [9]. Multiple watermarking (buyer’s and seller’s watermarks) in a single media is also problematic, since previous embedded watermark cannot be guaranteed to survive after the embedding of next watermark. Publicly verification of watermarking is another unsolved problem.

Digital signature-based copyright protection schemes [1, 1215] combine the advantages of both digital watermarking and cryptographic solutions. This technique, in general, calculates a digital signature using a logo and the extracted features from the original image (see Figure 1). The signature may then be protected using cryptography and certified by a trusted third party (TTP). Later, the signature is used to retrieve the logo from the test image. The retrieved logo is compared with the original logo using some similarity measurement function and a decision is made based on a threshold.

fig1
Figure 1: Signature-based scheme using logo: (a) signature calculation and (b) logo retrieval operation and verification.

The reason of using a logo as a watermark [16] or to calculate signature [1, 1215] is because it is a true representative of a company, an owner, or a customer. In the verification phase, in addition to “yes” or “no” answer based on the threshold, logo-based copyright protection schemes also allow perceptual recognition of the logo. Watermarking techniques embedding logos [16] mainly embed small binary logos and are unable to use large multibit (e.g., gray-scale) logos due to limited embedding capacity. However, large multibit logos are more practical and offer greater security than small binary logos. In contrast, signature-based schemes may calculate signature using any type (e.g., binary, gray-scale) and size of logos. There are also other signature-based schemes [17, 18], which do not use logos.

There are many advantages of signature-based schemes over watermarking techniques. They cause no visual quality degradation to images as they do not embed any information. They offer cryptographic security and can sign any sizes of logos. They resolve multiple ownership claims by adding timestamp with the signature. They can use both buyer and seller logos while calculating the signature, thus providing practical usefulness of the copyright protection system in the network world. They can use any multibit logos that offer greater opportunity to survive than binary logos. In addition, they allow public verification when the signature is generated using public key cryptographic infrastructure.

Katzenbeisser [19] argued that watermarking alone is not sufficient to resolve rightful ownership of digital data; therefore, a protocol relying on the existing cryptographic tools is necessary. Macq et al. [20] mentioned that watermarking along with registration authorities and transaction certifications are essential for digital right management of Internet distributed images. The signature-based schemes along with cryptographic tools can be considered as the complementary to the watermarking techniques to design a proper digital right management system.

In this paper, we propose a computationally inexpensive signature-based gray-scale image copyright protection scheme intuitively using the most significant bit- (MSB-) plane (MSB-based scheme), which is least likely to change by any image processing operation. The MSB-plane of an image can be chosen in different ways before calculating the signature using the bit-planes of the logo: (i) directly choosing the MSB-plane at a region-of-interest (ROI), (ii) choosing the MSB-planes of textured blocks, (iii) choosing the MSBs of DC coefficients of the MSB-plane, and (iv) choosing the MSB-plane after t-scale wavelet decomposition. Besides being image size invariant, the proposed scheme can be used with any n-bit logo. In order to prove the robustness and the uniqueness of this scheme, we also present a novel idea of finding a classifier to separate logo retrieval instances of attacked images with the original signature against all other possible alternatives. To avoid any bias, we further propose a new MSB-based attack, which would defeat our scheme most. We then present a comprehensive TTP management policy that uses classifier-based thresholds in order to minimize false alarms. Experimental results not only reveal very high logo retrieval rate and visual quality of the retrieved logos by the proposed scheme against those by the existing schemes [12, 13] that also use multibit logos but also show the weakness of the latter as they fail to produce any classifier as discussed above. Note that the proposed signature-based scheme along with some preliminary results was published in [21].

The rest of the paper is organized as follows: Section 2 presents the previous signature-based schemes using logos; Section 3 describes why we have chosen MSB bit-plane for the proposed scheme; Section 4 presents the proposed scheme; Section 5 presents the experimental results and then compares the proposed scheme with the existing schemes; finally Section 6 concludes the paper with future research directions.

2. Previous Works

Lee and Chen [13] calculated the signature of an image with a gray-scale logo using vector quantization (VQ) on the coarse scale of the image obtained by a t-scale wavelet transform. The scheme is publicly verifiable and robust to a wide variety of attacks. However, it is weak to high lossy compression and geometric distortions. It cannot calculate signature if the type of the logo and the image is different, for example, binary logo and gray-scale image. The size of the coarse image reduces exponentially as increases. Compounded with the approximation due to VQ, this can potentially lead to a very poor quality of the retrieved logo, especially when the original image size is small as demanded by the WWW. Chen et al. [1] later extended this idea for binary logos by replacing VQ with a polarity table. However, uniqueness of the signature, where it should verify the corresponding image only, may not be guaranteed with binary logos.

Chang et al. [14] calculated signature with a gray-scale logo using torus automorphism functions. To survive in cropping attacks, the idea of using a rectangular region-of-interest (ROI) in the image was introduced in [12]. This technique can be used for cartoon graphics and survives on repainting. Nevertheless, it still cannot survive in high lossy compression and geometric distortions. It also cannot calculate signature if the type of the logo and the image is different, for example, binary logo and gray-scale image.

The scheme in [15] used visual secret sharing technique to calculate signature using binary logos. It offers cryptographic security and allows generating meaningful share. It also allows multiple owners to share the same image. However, robustness depends on the sorting algorithm; that is, if the image is modified moderately, the sorting algorithm may result different share. Consequently, it cannot survive in high JPEG compression and small geometric distortions.

All the above existing schemes offer very high time complexity. The time complexity increases, due to use of VQ encoding [13], torus automorphism [12, 14], permutation [1], or visual cryptography [15], with the increase of image size. Some of the above schemes [1, 13] incorporate digital signature including timestamp with the published image allowing public verification. Nonetheless, they increase the file size and the risk of losing copyright if the signature is removed from the header accidentally or intentionally.

3. Why the Most Significant Bit?

The MSBs are least likely to change by any image processing operation, for example, JPEG compression, filtering, and so forth. However, watermarking techniques cannot embed the watermark in the MSB-plane of an image. Because changes to MSBs introduce higher noticeable distortions. In the following experiments, we observed that the robustness of the MSB-based digital signature would be very high.

We conducted experiments on a large database of 1032 images [22], including the benchmark ones [23]. In each case, we measured the MSB similarity rate, which means the percentage of MSBs that remain unchanged under the attack. Figure 2(a) shows that on average more than 91% of the gray-scale MSBs remained the same even when JPEG quality was set at the minimum; while more than 88% of the MSBs remained unchanged if the image is rotated by no more than ±5°. We further observed that under median filter, histogram equalization, salt and pepper noise, and Gaussian noise attacks on average more than 97%, 80%, 97%, and 90% of MSBs, respectively, remained unchanged, as shown in Table 1. In addition, we also tested the MSB similarity rate in the following four cases: (i) the MSB-plane at an ROI, (ii) the MSB-planes of textured blocks, (iii) the MSBs of DC coefficients of the MSB-plane, and (iv) the MSB-plane after 4-scale wavelet decomposition. Table 1 shows that histogram equalization and rotation attacks changed more MSBs than filtering and noising attacks. In StirMark attacks [24] like small random distortions, first three cases kept more than 80% MSBs unchanged and 4-level wavelet decomposition case is the most sensitive to these attacks. We will discuss how the MSBs were extracted in these four cases in Section 4.1.

tab1
Table 1: Most significant bit (MSB) similarity rate under different attacks.
fig2
Figure 2: (a) Most significant bit (MSB) similarity rates of gray-scale image at different JPEG and rotation attacks; (b) mean and standard deviation of gray-scale MSB similarity under the newly proposed MSB attack. Note that the rotation angle axis in (a) is nonlinear.

In order to avoid any bias, we now propose a new attack, namely, the MSB attack, where for a given target image-quality, in peak-signal-to-noise ratio (PSNR), the maximum number of gray-scale MSBs are changed. We sort the pixels in an array in the ascending order according to their differences with the mid-gray value. Then, the MSB of the pixel with the lowest difference is flipped first and the entry for that pixel in the sorted list is taken out. This operation is continued until a certain PSNR is obtained. Figure 2(b) shows that on average more than 80% of the MSBs, with no more than 10% standard deviation, remained unchanged at 30 dB target PSNR, below which the visual quality of the image is unacceptable to the human eyes [13]. Table 1 also shows that in above four cases, on the average 85% MSB remained the same at 35 dB target PSNR, and among these cases 4-level DWT decomposition left most of the MSBs unchanged.

From Figure 2 and Table 1, it is observed that even when the images are distorted to a limit where the PSNR becomes as low as 15 dB to 30 dB, the majority of the MSBs still remain the same. This is because in signal processing attacks (JPEG, filtering, etc.), image pixels do not change their locations and thus majority of the MSBs do not change. On the other hand, in geometric attacks (rotation, scaling, etc.) image pixels change their locations and thus the MSB similarity rate drops even in small rotation angle change. In the case of high geometric distortions, it is possible to estimate the transformation parameters first [25] and then to reverse the transformation before using the MSBs for signature calculation.

4. Proposed Scheme

The proposed MSB-based scheme first selects a set of MSBs from the image and then calculates digital signature of an image for a logo. The signature is certified by the TTP. When a dispute arises between two images of two parties, both parties send their certified signatures and images along with their corresponding parameters to the TTP to judge.

4.1. Selecting the MSBs

The MSBs can be selected in different ways. In this section, we discuss four of them.

Consider an n-bit gray-scale image of size pixels where , , and . Similarly, consider an n-bit gray-scale logo of size . Depending on the different ways of pre-processing the MSB-plane of the image, the MSB-based scheme may be named as different approaches.(i)UROI. The MSB-plane at an ROI of the image is chosen directly. Notice that an ROI can be user defined and can be located using reference points, for example, corners [26].(ii)TBLK. The MSB-planes of textured blocks at the ROI are chosen. We select textured blocks from the image using the technique represented in [7]. The MSB-planes of the selected textured blocks are accumulated as a single MSB-plane, where textured blocks are first taken in row-wise and then in column-wise.(iii)DCTMSB. We can choose the MSBs of DC coefficients of MSB-plane. We divide the MSB-plane into blocks before taking DCT. Then we take the MSB of DCT coefficients in original space order (without sorting them).(iv)-DWT. The MSB-plane of after -scale wavelet decomposition of the original image is chosen.

4.2. Signature Calculation

Let , where , be the collective set of MSBs selected from using one of the above approaches. Without any loss of generality, it is assumed that The signature of for with is thus calculated as If the generality assumption in (1) cannot be met, ’s could be reused iteratively once exhausted. Moreover, any color image can be signed using its gray-scale equivalent with even a colored logo after stripping it into three gray-scale channels. Once the signature is calculated, the owner sends the following message, in the form of a triplet, to the TTP using public key cryptography: where and are the public and private key encryptions of the TTP and the owner respectively and contains information about the MSB selection approach. On receiving the above message from the owner at time TS, the message is first decrypted to receive the signature triplet as follows: where and are the public and private key decryptions of the owner and the TTP, respectively. The TTP verifies for using , appends timestamp TS, and sends back the following message to the owner: where and are the public and private key encryptions of the owner and the TTP, respectively. The owner decrypts the above message with his private key as where is the private key decryptions of the owner. We name as the certified signature for the image .

4.3. Signature Verification

When a dispute arises for two images and between two persons and , they send the following messages claiming the ownership to the TTP: where and are the private key encryptions of and , respectively. The TTP decrypts the above messages as where and are the public key decryptions of and , respectively. The TTP then decrypted the certified signatures and with its public key; this ensures the certificates have been issued by the TTP and the timestamps have not been changed afterwards their generation: The TTP recalculates the signatures and and compares with the existing ones. This check ensures that encrypted signatures and have been generated for images and , respectively.

4.3.1. Finding Disputable Images

Let denote the logo retrieval operation using the inverse process in (2) (see Figure 1(b)). The TTP has to confirm whether images and are disputable before taking a final decision based on the timestamps and . Two images are disputable if they are the same image or one is an attacked version of another. To do that the TTP executes the following two test cases: where the logo retrieved from using signature and feature of is compared against the logo of , and vice versa. If the logo retrieval rate (LRR), which is the percentage of unchanged bits, and the PSNR (with respect to original logos and ) of above two test cases TC1 and TC2 are above certain identification thresholds (ThLRR, ThPSNR), then the images are considered as disputable.

4.3.2. Verification

If and are proved to be disputable, then the TTP compares timestamps and . The image is authenticated for if or for if .

4.4. Estimating Identification Thresholds

To avoid the risk of error due to arbitrary selection of identification thresholds (ThLRR, ThPSNR), we propose the following innovative classifier-based threshold estimation technique, which can also be used to test the robustness and uniqueness of any signature-based scheme. The lower the value of (ThLRR, ThPSNR), the lower the scheme is robust.

Let be a large image training database and let be a set of attacked images from for all . Let be a test case where the logo retrieved from the jth attacked image of using the signature of and the feature of is compared against the logo used to sign , , and . Let the positive and negative classes be defined as Note that the LRR and PSNR of all the test cases in should ideally be significantly higher than those in . Any efficient classifier can now be used to separate the positive and negative classes based on the LRR and PSNR of all the test cases and the values of (ThLRR, ThPSNR) can then be estimated synergistically from this classifier.

4.5. Robustness and Uniqueness Tests

The identification thresholds (ThLRR, ThPSNR) defined in the previous section is useful for determination of robustness and uniqueness properties of a scheme. A scheme is not robust to a particular attack if the logo retrieved from the corresponding attacked image offers low PSNR and LRR with respect to (ThLRR, ThPSNR). In that case, the corresponding (PSNR, LRR) entry in causes a false negative alarm by the classifier. We need to consider all the tests cases of , as defined by (12), in robustness tests. On the other hand, a scheme fails uniqueness test to a particular attack if the signature calculated from image verifies the corresponding attacked version of a different image . In that case, the corresponding (PSNR, LRR) entry in , as defined by (12), is high with respect to (ThLRR, ThPSNR) and causes a false-positive alarm by the classifier. Therefore, we need to consider only the following test cases of the class in uniqueness tests:

5. Performance Study

We implemented the proposed MSB-based scheme and existing TROI-based [12] and VQ-based [13] schemes with MATLAB 7 and tested their robustness using all the watermarking benchmark images in [23] with different logos against many attacks including those in stirMark 4.0 [24]. However, as we decided almost the same performance for each pair of a benchmark image and a logo, only results obtained using “Lena” and “Elaine” images signed by Monash and NUS logos, respectively (shown in Figure 3), are presented. Where necessary, the attacked images were resized to original. In fact, a corner matching technique can be used to undo the geometric transformations before verifying the copyright information [26].

fig3
Figure 3: Original images (a) Lena and (b) Elaine with their ROIs used; original logos (c) Monash and (d) NUS; mapped logos by TROI-based scheme [12] (e) Monash (15.19 dB, 53%) and (f) NUS (17.47 dB, 55%); and coded logos by VQ-based scheme [13] (g) Monash (23.40 dB, 64%) and (h) NUS (25.35 dB, 66%). Note that all images () and logos () are 8-bit gray-scale. Request granted to use logos for research purposes only.

We used the following two metrics to evaluate the performance: (i) PSNR determines the visual quality of the attacked media or retrieved logo with respect to its original copy; (ii) LRR determines the percentage of bits that are correctly retrieved from the given image using the given signature.

In Section 5.1, we present different types of attacks we considered in our experiments. Section 5.2 presents the detail classifier setup by different signature-based schemes. Section 5.3 presents the experimental results and discussions. Finally, Section 5.4 provides detail discussions on the overall performance of different signature-based schemes.

5.1. Attacks

All the attacks we tested to prove the efficacy of the proposed schemes are in Table 2. Below, we represent some attacks that require detail discussions. If not mentioned, the attack was done using MATLAB 7.

tab2
Table 2: Experimental results (PSNR in dB and LRR in %) by different approaches of the proposed MSB-based scheme and existing TROI-based [12] and VQ-based [13] schemes against various attacks using Lena image and Monash logo.
5.1.1. BPM Attack

In blind pattern matching (BPM) attack, we divided Lena image into nonoverlapping blocks. For each block, the most similar block was found out from Elaine image at 25 dB. The block with PSNR greater than or equal to 25 dB was considered as a similar one. Total 15736 blocks were replaced when the attacked image PSNR became 22.94 dB. In the same way, when we attacked Elaine image using Lena image, we replaced total 16371 blocks and attacked image PSNR was 21.99 dB.

5.1.2. Print-Copy-Scan

We printed each image using a 1200 dpi laser printer. The printed image was then photocopied and scanned using a 300 dpi and 8-bit gray-scale scanner. Finally, it was resized to . The PSNR of Lena image after print-copy-scan attack was 11.63 dB and that of Elaine image was 19.56 dB.

5.1.3. MSB Attack

We attacked each image by flipping its MSB-plane. Maximum MSBs were changed at a particular PSNR. First, we found absolute difference of each pixel to flip its MSB. Second, we sorted the absolute differences in the ascending order. Finally, we flipped the MSB of the pixel with lowest absolute difference first. We continued flipping until the PSNR is decreased beyond a particular value. Since this attack changes the maximum number of MSBs for a given target PSNR, the proposed MSB-based scheme should suffer the most. However, we observed that most images cannot be degraded to less than 20 dB even if all of its MSBs were flipped. After the MSB attack at 30 dB the MSB similarity rate for Lena image was 73% and for Elaine image was 70%.

5.1.4. unZign Attack

The image was divided into blocks. A pixel was selected randomly from each block and was either deleted or repeated randomly. All blocks were then put back in their original positions. The PSNR of Lena image after unZign attack was 29.08 dB and that of Elaine image was 29.79 dB.

5.1.5. Self-Similarities

This attack was done by stirMark 4.0 in RGB space of the image. The image was then converted to its gray-scale equivalent. The PSNR of Lena image after this attack was 26.04 dB and that of Elaine image was 25.48 dB.

5.2. Classifiers

In order to design classifiers for the different approaches, that is, UROI, TBLK, DCTMSB, and t-DWT, of the proposed MSB-based and existing TROI-based [12] and VQ-based [13] schemes, we used 10 different types of attacked images as shown in Table 3. We assigned numbers to the attacks for later references. The image Lena was signed using Monash logo and the image Elaine was signed with NUS logo. Then, different attacked images of Lena and Elaine were sent after signing with different logos with different or same for verification. For UROI approach and TROI-based scheme, indicates the same or different ROIs; while for -DWT approach and VQ-based scheme, indicates the same or different decomposition levels; and for TBLK approach, indicates same or different set of textured blocks. We had total 8 different types of data points with two pairs of images and logos (Lena-Monash and Elaine-NUS). Therefore, maximum 160 logo retrieval instances (20 in and 140 in ) were used while designing each classifier. However, in the case of DCTMSB approach, there were total 80 instances (20 in and 60 in ); since for the same type and size (8-bit, ) of logo, the image was divided into blocks of the same size () before taking DCT, assuming the image size () also remained the same. On the other hand, for VQ-based scheme, there were total 120 instances (20 in and 100 in ); since with different decomposition levels , logo retrieval operation was not possible from a smaller codebook (due to larger ) using the indices set containing higher indices values, while it was possible from a bigger codebook (due to smaller ) using the indices set containing lower indices values.

tab3
Table 3: Attacks considered while designing the classifier.

We used support vector machines (SVMs) with linear kernel [27] and -means clustering [28] separately for classification. Results by both SVM classification and -means clustering are useful for the determination of the robustness and the uniqueness properties of the proposed and existing schemes. SVM results, especially, enabled to find out the values for identification thresholds (), defined in Section 4.3. The more the accuracy of the classification and the distance between the support vectors of the SVM for a scheme, the more the scheme is robust (i.e., the two classes are well separated).

In the robustness test, the distance from a data point in (corresponding to an attack) to the SVM decision hyperplane is used to decide different levels of robustness (high, medium, low, and no). For example, if the data point is correctly classified and resides outside the nearest support vector (i.e., far away from the decision plane), then the robustness against the corresponding attack is high. If the data point is correctly classified but stays in the space between the nearest support vector and the decision plane and then the robustness against the corresponding attack is medium (when close to the support vector) or low (when close to the decision plane). If the data point is on the other side of the hyper plane (misclassified), then the copyright scheme is not robust to the corresponding attack. In the uniqueness test, if a data point in (corresponding to an attack) is incorrectly classified then the scheme does not possess the uniqueness property under this attack.

5.3. Experimental Results

We will present the experimental results in two parts. In Section 5.3.1, we present the robustness of the proposed and existing schemes in terms of PSNR and LRR under different attacks. In Section 5.3.2, we present the classifiers from which we can evaluate overall robustness and uniqueness of the respective signature-based schemes.

5.3.1. Robustness Results

In this section, we first present and discuss robustness results of the proposed and existing schemes under different attacks. We then detail the results for two attacks—JPEG which is the most common unintentional attack and newly proposed MSB attack which would defeat our scheme the most.

Table 2 shows the logo retrieval results using Lena image and Monash logo by different approaches of the MSB-based scheme and existing TROI-based [12] and VQ-based [13] schemes. Table 4 shows the attacked images along with their corresponding retrieved logos using Lena image and Monash logo. Table 5 and Table 6 present the same, respectively, using Elaine image and NUS logo.

tab4
Table 4: Attacked images along with their corresponding retrieved logos using Lena image and Monash logo by different approaches of the proposed MSB-based scheme and existing TROI-based [12] and VQ-based [13] schemes.
tab5
Table 5: Experimental results (PSNR in dB and LRR in %) by different approaches of the proposed MSB-based scheme and existing TROI-based [12] and VQ-based [13] schemes against various attacks using Elaine image and NUS logo.
tab6
Table 6: Attacked images along with their corresponding retrieved logos using Elaine image and NUS logo by different approaches of the proposed MSB-based scheme and existing TROI-based [12] and VQ-based [13] schemes.

We observed that all the approaches of the proposed scheme performed almost the same except the t-DWT approach which was sensitive to geometric distortions. In contrast, both the TROI-based and VQ-based schemes were very much sensitive to geometric attacks and the former did not survive under high JPEG lossy compression (quality less than 10). In most of the cases, the PSNR and in all the cases the LRR of the retrieved logos by the proposed scheme were higher than those by the TROI-based scheme. In the remaining few cases, the PSNR of the retrieved logos by the proposed scheme were lower. In most of the cases, the LRR by the MSB-based scheme was higher than the VQ-based scheme; while in many cases, the PSNR by the latter was higher due to its VQ coding. However, it is no way an indication to the superiority of the existing schemes for these kinds of attacks; because the logo quality degrades severely during the torus-mapping and VQ coding, as shown in Figures 3(e)3(h), and as a consequence the PSNR and LRR remained almost unchanged irrespective of logos.

Table 7 presents the MSB-attacked images along with their corresponding retrieved logos using Lena image and Monash logo by the proposed MSB-based scheme and existing TROI-based [12] and VQ-based [13] schemes. Table 8 presents the same using Elaine image and NUS logo. Among the approaches of the proposed scheme, DWT-based approach showed the highest resistance against the MSB attack. The proposed scheme survived down to PSNR 30 dB of the attacked image. Lee and Chen [13] argued that the visual quality of the image is unacceptable to the human eyes if the PSNR is less than 30 dB. Moreover, we observed that the proposed scheme performed better if the PSNR of the MSB attacked image increases, while for the existing schemes the PSNR and LRR of the retrieved logos remained almost unchanged irrespective of the PSNR of the attacked images. However, since the distortion in an image is more noticeable in the mid-gray region and sensitivity changes parabolically as the gray value fluctuates on the both sides of mid-gray level [7], as a precaution to the MSB attack, we suggest excluding mid-gray pixels during signature calculation.

tab7
Table 7: MSB attacked images along with their corresponding retrieved logos using Lena image and Monash logo by different approaches of the proposed MSB-based scheme and existing TROI-based [12] and VQ-based [13] schemes.
tab8
Table 8: MSB attacked images along with their corresponding retrieved logos using Elaine image and NUS logo by different approaches of the proposed MSB-based scheme and existing TROI-based [12] and VQ-based [13] schemes.

Figure 4(a) plots the LRR and Figure 4(b) plots the PSNR of the retrieved logos using Lena image and Monash logo against different JPEG quality factors. Figure 5(a) and Figure 5(b) plot the same using Elaine image and NUS logo. We found that the t-DWT approach performed the best among different approaches of the MSB-based scheme and existing TROI-based and VQ-based schemes. Both the LRR and PSNR increased with the increase of JPEG quality factor for the proposed scheme, while for the existing schemes they remained almost the same. While the proposed scheme always offered higher LRR; it outperformed the existing schemes in term of the PSNR when JPEG quality factor was greater than 70. This result is consistent with the observation made in motivation.

fig4
Figure 4: (a) Logo retrieval rate and (b) PSNR using Lena image and Monash logo by different approaches of the proposed MSB-based scheme and existing TROI-based [12] and VQ-based [13] schemes under different JPEG quality factors.
fig5
Figure 5: (a) Logo retrieval rate and (b) PSNR using Elaine image and NUS logo by different approaches of the proposed MSB-based scheme and existing TROI-based [12] and VQ-based [13] schemes under different JPEG quality factors.
5.3.2. Classification Results (Robustness and Uniqueness)

In this section, we present and discuss classification results of the proposed and existing schemes. We can infer the overall robustness and uniqueness of each scheme from the respective classifier.

Figures 6, 7, 8, 9, 10, and 11 present classification results using SVM with linear kernel [27] and -means clustering [28] separating the positive and negative classes of test cases, defined in the Section 4.3, for the MSB-based scheme and existing TROI-based [12] and VQ-based [13] schemes. Though we conducted the experiments with all entries in , for clarity we show , as defined in (13), instead of in Figure 6 to Figure 11. Table 9 shows the classification results obtained by SVM and -means. If for a scheme a data point in C+  corresponding to an attack is misclassified by a classifier, then the scheme is decided not to be robust under that attack. Similarly, if for a scheme a data point in corresponding to an attack is misclassified by a classifier, then the scheme is decided not to be unique under that attack. While the classes could be distinctively separated (no misclassification) with a large distance between the support vectors for UROI (), TBLK (), and DCTMSB () approaches of the proposed scheme; the SVM classifier for t-DWT approach resulted in 5% positive misclassification with a large and the classifiers for the TROI-based () and VQ-based () schemes resulted in 20% and 30% positive misclassifications, respectively. We found no miss by -means clustering for UROI, TBLK, and DCTMSB approaches, while for t-DWT approach and TROI- and VQ-based schemes, we found 35% positive, 26% negative, and 30% positive miss, respectively. Logo quality degradation due to torus-mapping and VQ coding constitute this problem for the existing schemes. Note that no misclassification and the large separation between positive and negative classes for UROI, TBLK, and DCTMSB approaches of the MSB-based scheme is so significant that simple PSNR-only (vertical) or LRR-only (horizontal) linear classifier can be used as well. Considering classification and clustering results and the distance from the SVM decision hyperplane to a corresponding entry of a particular attack, we took the decision of robustness and uniqueness tests. From Table 9, we see that UROI and DCTMSB approaches are highly robust and TBLK approach is moderately robust; while TROI-based scheme failed both robustness and uniqueness tests, and -DWT approach and VQ-based scheme failed robustness test. We found that TBLK and t-DWT approaches are highly sensitive to geometric attacks.

tab9
Table 9: Results and decisions for different approaches of the proposed MSB-based scheme and existing TROI-based [12] and VQ-based [13] schemes by the support vector machines (SVM) [27] and -means clustering algorithm [28].
875759.fig.006
Figure 6: SVM classification and -means clustering results by the UROI approach of the proposed MSB-based scheme. Note that the distance between support vectors by SVM [27] is and cluster 1 and cluster 2 are positive and negative clusters, respectively, by -means clustering algorithm [28]. Attack numbers 0–9 are referred using Table 3.
875759.fig.007
Figure 7: SVM classification and -means clustering results by the TBLK approach of the proposed MSB-based scheme. Note that the distance between support vectors by SVM [27] is and cluster 1 and cluster 2 are positive and negative clusters, respectively, by -means clustering algorithm [28]. Attack numbers 0–9 are referred using Table 3.
875759.fig.008
Figure 8: SVM classification and -means clustering results by the DCTMSB approach of the proposed MSB-based scheme. Note that the distance between support vectors by SVM [27] is and cluster 1 and cluster 2 are positive and negative clusters, respectively, by -means clustering algorithm [28]. Attack numbers 0–9 are referred using Table 3.
875759.fig.009
Figure 9: SVM classification and -means clustering results by the t-DWT (t = 4) approach of the proposed MSB-based scheme. Note that the distance between support vectors by SVM [27] is and cluster 1 and cluster 2 are positive and negative clusters, respectively, by -means clustering algorithm [28]. Attack numbers 0–9 are referred using Table 3.
875759.fig.0010
Figure 10: SVM classification and -means clustering results by the existing TROI-based scheme [12]. Note that the distance between support vectors by SVM [27] is and cluster 1 and cluster 2 are positive and negative clusters, respectively, by -means clustering algorithm [28]. Attack numbers 0–9 are referred using Table 3.
875759.fig.0011
Figure 11: SVM classification and -means clustering results by the existing VQ-based scheme [13]. Note that the distance between support vectors by SVM [27] is and cluster 1 and cluster 2 are positive and negative clusters, respectively, by -means clustering algorithm [28]. Attack numbers 0–9 are referred using Table 3.
5.4. Comparisons and Discussions

Table 10 presents comparisons among the different approaches of the proposed MSB-based scheme and the existing TROI-based [12] and VQ-based [13] schemes. The MSB-based scheme possesses transparency because it does not embed any information to the published image. UROI, TBLK, and DCTMSB approaches are robust, while t-DWT approach failed. In contrast, due to very low PSNR and LRR both TROI-based and VQ-based schemes are not robust and TROI-based scheme failed uniqueness test. The security of the MSB-based scheme is the same as the security of the digital signature and the digital timestamp. The classification and clustering results showed that UROI, TBLK, and DCTMSB approaches are unambiguous due to correctly classification by SVM with a large between the support vectors and no miss by -means, while t-DWT approach is ambiguous due to positive misclassification by both SVM and TROI. In contrast, the existing schemes are ambiguous because of high positive misclassifications. In our experiments, we also used the polynomial kernel for TROI-based and VQ-based schemes and found high misclassifications. The MSB-based scheme is not blind as the TTP finds whether images are disputable by comparing signatures calculated from them before taking the decision based on the timestamps. The TROI-based scheme is also not blind too; because as the published image does not contain any information, the original image must be used to find out the corresponding signature from the owner’s database. On the other hand, the VQ-based scheme is blind as it adds the signature with the image header before publishing. However, this signature addition not only increases the file size but also creates severe problem of losing copyright if an attacker removes the signature from the image header. The MSB-based scheme can handle multiple logos (multiple watermarking) like the existing schemes. An image may be signed using the same or different types of logos by the same owner.

tab10
Table 10: Comparisons of different approaches of the proposed scheme and existing schemes [12, 13].

The scheme by Lee and Chen [13] is publicly verifiable as it adds the signature with the image header. On the other hand, the ownership dispute is handled through the TTP by the MSB-based scheme. In TROI-based scheme, the owner keeps the security parameters secret himself. The existing schemes and t-DWT approach is not much robust as they offer low PSNR and LRR against stirMark attacks. However, t-DWT approach and VQ-based schemes showed high robustness to MSB attack, while UROI, TBLK, and DCTMSB approaches and TROI-based scheme showed moderate robustness. Any type and size of logos can be signed with an 8-bit gray-scale image by the MSB-based scheme, while the TROI-based and VQ-based schemes can sign only 8-bit gray-scale logos. The existing schemes are highly time consuming due to use of torus mapping and VQ encoding. In contrast, the MSB-based scheme is simple due to use of the MSB-plane; especially, the UROI approach is the simplest as it does not involve any transform domain operation. The proposed scheme also presents a comprehensive TTP management policy in order to secure the e-commerce.

6. Conclusions

This paper has proposed an MSB-based image copyright protection scheme, which relies on a TTP to offer the following advantages over the existing schemes: (i) any type and size of images and logos can be used; (ii) extremely low computational complexity, due to use of exclusive-OR operations for signature calculation, enables real time applications; (iii) robust to almost all kinds of attacks; (iv) the comprehensive TTP management policy ensures secure e-commerce.

The existing signature-based schemes that can sign images with multibit logos are not robust against geometric attacks and neither a linear nor a polynomial kernel of the SVM can classify them correctly. Among the approaches of the proposed MSB-based scheme, -DWT approach is the best against the newly proposed MSB attack and JPEG. Nevertheless, this approach fails to be correctly classified due to its weakness against geometric attacks. On the other hand, classifiers designed by the UROI, TBLK, and DCTMSB approaches are excellent in the sense that they offer no misclassification and simple PSNR-only or LRR-only classifier can be used.

References

  1. T. H. Chen, G. Horng, and W. B. Lee, “A publicly verifiable copyright-proving scheme resistant to malicious attacks,” IEEE Transactions on Industrial Electronics, vol. 52, no. 1, pp. 327–334, 2005. View at Publisher · View at Google Scholar · View at Scopus
  2. W. Stallings, Cryptography and Network Security: Principles and Practice, Prentice Hall, Englewood Cliffs, NJ, USA, 2nd edition, 1999.
  3. I. J. Cox, J. Kilian, F. T. Leighton, and T. Shamoon, “Secure spread spectrum watermarking for multimedia,” IEEE Transactions on Image Processing, vol. 6, no. 12, pp. 1673–1687, 1997. View at Scopus
  4. M. Kutter, F. Jordan, and F. Bossen, “Digital watermarking of color images using amplitude modulation,” Journal of Electronic Imaging, vol. 7, no. 2, pp. 326–332, 1998. View at Scopus
  5. R. K. Sharma and S. Decker, “Practical challenges for digital watermarking applications,” in Proceedings of the IEEE 4th Workshop on Multimedia Signal Processing, pp. 237–242, October 2001. View at Scopus
  6. I. J. Cox, M. L. Miller, and A. L. Mckellips, “Watermarking as communications with side information,” Proceedings of the IEEE, vol. 87, no. 7, pp. 1127–1141, 1999. View at Publisher · View at Google Scholar · View at Scopus
  7. M. Awrangjeb and M. S. Kankanhalli, “Reversible watermarking using a perceptual model,” Journal of Electronic Imaging, vol. 14, no. 1, Article ID 013014, pp. 1–8, 2005. View at Publisher · View at Google Scholar · View at Scopus
  8. S. Craver, N. Memon, B. L. Yeo, and M. M. Yeung, “Resolving rightful ownerships with invisible watermarking techniques: limitations, attacks, and implications,” IEEE Journal on Selected Areas in Communications, vol. 16, no. 4, pp. 573–586, 1998. View at Scopus
  9. K. Ratakonda, R. Dugad, and N. Ahuja, “Digital image watermarking: issues in resolving rightful ownership,” in Proceedings of the International Conference on Image Processing (ICIP '98), vol. 2, pp. 414–418, October 1998. View at Scopus
  10. C. I. Podilchuk and W. Zeng, “Image-adaptive watermarking using visual models,” IEEE Journal on Selected Areas in Communications, vol. 16, no. 4, pp. 525–539, 1998. View at Scopus
  11. M. Awrangjeb and G. Lu, “A robust content-based watermarking technique,” in Proceedings of the IEEE 10th Workshop on Multimedia Signal Processing (MMSP '08), pp. 713–718, Cairns, Australia, October 2008. View at Publisher · View at Google Scholar · View at Scopus
  12. C. C. Chang, K. F. Hwang, and M. S. Hwang, “Robust authentication scheme for protecting copyrights of images and graphics,” IEE Proceedings: Vision, Image and Signal Processing, vol. 149, no. 1, pp. 43–50, 2002. View at Publisher · View at Google Scholar · View at Scopus
  13. W. B. Lee and T. H. Chen, “A public verifiable copy protection technique for still images,” Journal of Systems and Software, vol. 62, no. 3, pp. 195–204, 2002. View at Publisher · View at Google Scholar · View at Scopus
  14. C. C. Chang, J. Y. Hsiao, and C. L. Chiang, “An image copyright protection scheme based on torus automorphism,” in Proceedings of the 1st International Symposium on Cyber Worlds, pp. 217–224, November 2002.
  15. C. C. Chang and J. C. Chuang, “An image intellectual property protection scheme for gray-level images using visual secret sharing strategy,” Pattern Recognition Letters, vol. 23, no. 8, pp. 931–941, 2002. View at Publisher · View at Google Scholar · View at Scopus
  16. H. Quan and S. Guangchuan, “A semi-blind robust watermarking for digital images,” in Proceedings of the IEEE International Conference on Accoustics, Speech, and Signal Processing, vol. 2, pp. 541–544, April 2003. View at Scopus
  17. C. Y. Lin and S. F. Chang, “A robust image authentication method distinguishing JPEG compression from malicious manipulation,” IEEE Transactions on Circuits and Systems for Video Technology, vol. 11, no. 2, pp. 153–168, 2001. View at Publisher · View at Google Scholar · View at Scopus
  18. C. S. Lu and H. Y. M. Liao, “Structural digital signature for image authentication: an incidental distortion resistant scheme,” IEEE Transactions on Multimedia, vol. 5, no. 2, pp. 161–173, 2003. View at Publisher · View at Google Scholar · View at Scopus
  19. S. Katzenbeisser, “On the design of copyright protection protocols for multimedia distribution using symmetric and public-key watermarking,” in Proceedings of the 12th International Workshop on Database and Expert Systems Applications, pp. 815–819, 2001.
  20. B. Macq, J. Dittmann, and E. J. Delp, “Benchmarking of image watermarking algorithms for digital rights management,” Proceedings of the IEEE, vol. 92, no. 6, pp. 971–983, 2004. View at Publisher · View at Google Scholar · View at Scopus
  21. M. Awrangjeb and M. Murshed, “Robust signature-based geometric invariant copyright protection,” in Proceedings of the IEEE International Conference on Image Processing (ICIP '06), pp. 1961–1964, Atlanta, Ga, USA, October 2006. View at Publisher · View at Google Scholar · View at Scopus
  22. Free Foto.com, 2005, http://www.freefoto.com.
  23. “Photo database,” 2005, http://www.petitcolas.net/fabien/watermarking/image_database/.
  24. F. A. P. Petitcolas, “Watermarking schemes evaluation,” IEEE Signal Processing Magazine, vol. 17, no. 5, pp. 58–64, 2000. View at Publisher · View at Google Scholar · View at Scopus
  25. M. Awrangjeb, G. Lu, and M. Murshed, “Global geometric distortion correction in images,” in Proceedings of the IEEE 8th Workshop on Multimedia Signal Processing (MMSP '06), pp. 435–440, Victoria, Canada, October 2006. View at Publisher · View at Google Scholar · View at Scopus
  26. M. Awrangjeb and G. Lu, “A robust corner matching technique,” in Proceedings of the IEEE International Conference onMultimedia and Expo (ICME '07), pp. 1483–1486, Beijing, China, July 2007. View at Scopus
  27. N. Cristianini and J. S. Taylor, An Introduction to Support Vector Machines and other Kernel-Based Learning Methods, Cambridge University Press, New York, NY, USA, 1st edition, 2000.
  28. G. A. F. Seber, Multivariate Observations, Wiley, New York, NY, USA, 1984.