Higher-order, adversary-aware, double JPEG-detection via selected training on attacked samples

Bami, Mauro; Nowroozi, Ehsan; Tondi, Benedetta

doi:10.23919/eusipco.2017.8081213

Cited by 31 publications

(32 citation statements)

References 19 publications

(31 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Future works will be devoted to study fusion techniques to make the most out of each network in a mixed aligned and non-aligned DJPEG case. Moreover, it would be interesting to extend the approach derived in [37] for SVM classifiers, exploiting the idea that robustness to heterogeneous processing and anti-forensics attacks can be recovered by training an adversary-aware version of the classifier.…”

Section: Discussionmentioning

confidence: 99%

Aligned and non-aligned double JPEG detection using convolutional neural networks

Barni

Bondi

Bonettini

et al. 2017

Journal of Visual Communication and Image Representation

180

129

View full text Add to dashboard Cite

Due to the wide diffusion of JPEG coding standard, the image forensic community has devoted significant attention to the development of double JPEG (DJPEG) compression detectors through the years. The ability of detecting whether an image has been compressed twice provides paramount information toward image authenticity assessment. Given the trend recently gained by convolutional neural networks (CNN) in many computer vision tasks, in this paper we propose to use CNNs for aligned and non-aligned double JPEG compression detection. In particular, we explore the capability of CNNs to capture DJPEG artifacts directly from images. Results show that the proposed CNN-based detectors achieve good performance even with small size images (i.e., 64 Ã\u97 64), outperforming state-of-the-art solutions, especially in the non-aligned case. Besides, good results are also achieved in the commonly-recognized challenging case in which the first quality factor is larger than the second one

show abstract

Section: Discussionmentioning

confidence: 99%

Aligned and non-aligned double JPEG detection using convolutional neural networks

Barni

Bondi

Bonettini

et al. 2017

Journal of Visual Communication and Image Representation

180

129

View full text Add to dashboard Cite

show abstract

“…In the first category, the analyst thought to be aware of the CF method the system is subject to and tries to develop a new algorithm to reveal the attack by looking at specific traces left by the tool. For instance, Barni et al (2017) proposed a detector based on a support-vector-machine (SVM) that fed with a large number of features to identify the traces left by D-JPEG in the presence of attacks. With the advent of DL architectures, adversary-aware training has been widely used to improve DL models' robustness to adversarial examples ( Goodfellow et al, 2014b ).…”

Section: Rq3: What Methods Are Available To Improve the Security Of Mmentioning

confidence: 99%

“…While with the advent of adversarial attacks, various techniques have newly been developed in image forensics to defend versus adversarial attacks. Barni et al (2017) proposed a secure method to react against different post-processing by retraining unaware classifiers with the most powerful attacks (MPAs). Therefore, by understanding most CF attacks, the analyst can be developed a secure system to react against the most powerful CFs.…”

Section: Rq2: How Anti-cf Techniques Can Improve the Security Of ML Amentioning

confidence: 99%

A survey of machine learning techniques in adversarial image forensics

Nowroozi¹,

Dehghantanha²,

Parizi³

et al. 2021

Computers & Security

Self Cite

View full text Add to dashboard Cite

Image forensic plays a crucial role in both criminal investigations (e.g., dissemination of fake images to spread racial hate or false narratives about specific ethnicity groups or political campaigns) and civil litigation (e.g., defamation). Increasingly, machine learning approaches are also utilized in image forensics. However, there are also a number of limitations and vulnerabilities associated with machine learning-based approaches (e.g., how to detect adversarial (image) examples), and there are associated real-world consequences (e.g., inadmissible evidence, or wrongful conviction). Therefore, with a focus on image forensics, this paper surveys techniques that can be used to enhance the robustness of machine learning-based binary manipulation detectors in various adversarial scenarios.

show abstract

“…The proposed counter forensic technique is also effective in hiding the artifacts generated due to enhancement in both spatial and DCT domain. DCT domain features CC-PEV [28] used along with spatial domain features SPAM [29], [30] has detection accuracy of 95.97% as shown in Table 3. However, it can be observed that accuracy of the detector based on fused features reduces to 63.93% from 95.97%.…”

Section: B: Joint Spatial and Dct Domain Based Detectormentioning

confidence: 99%

“…SPAM and SRM features detect manipulations done in spatial domain whereas CC-PEV analyzes DCT domain for traces of tampering. Combining features from spatial and DCT domain [29], [30] gives more robust detector which can detect image manipulation in either domain.…”

Section: Introductionmentioning

confidence: 99%

Joint Spatial and Discrete Cosine Transform Domain-Based Counter Forensics for Adaptive Contrast Enhancement

2019

View full text Add to dashboard Cite

Contrast enhancement (CE) is a common post-processing step in image forgery to create visually convincing tampered images. However, the artifacts embedded during this process can be captured to determine the presence of CE. To overcome these artifacts, we propose a novel counter-forensic technique using adaptive CE as an enhancement operation, whereas previous works only deal with global CE. We derive an optimization formulation, which enhances the attacked image using the L2 distance in both the spatial and DCT domains. The proposed algorithm suppresses the detectable artifacts, thereby reducing the CE detection performance. Furthermore, the formulation also preserves natural spatial statistics using Huber Markov random field. A major advantage of working jointly in both the domains is that the complementary information can be leveraged while suppressing the artifacts in both the domains. We evaluate the proposed method using various visual quality metrics and against the state-of-the-art CE detectors. In our experiments, we observe a reduction of more than 17% in accuracy for a false positive rate of 1% for deep learning as well as steganalysis-DCT feature-based detectors. We also show that the proposed model generates high visual quality images.

show abstract

Higher-order, adversary-aware, double JPEG-detection via selected training on attacked samples

Cited by 31 publications

References 19 publications

Aligned and non-aligned double JPEG detection using convolutional neural networks

Aligned and non-aligned double JPEG detection using convolutional neural networks

A survey of machine learning techniques in adversarial image forensics

Joint Spatial and Discrete Cosine Transform Domain-Based Counter Forensics for Adaptive Contrast Enhancement

Contact Info

Product

Resources

About