Abstract:In this paper, we investigate the effect of pretraining CNNs on Ima-geNet on their performance when refined for steganalysis of digital images. In many cases, it seems that just 'seeing' a large number of images helps with the convergence of the network during the refinement no matter what the pretraining task is. To achieve the best performance, the pretraining task should be related to steganalysis, even if it is done on a completely mismatched cover and stego datasets. Furthermore, the pretraining does not … Show more
“…The second detector we use, in order to verify that our method does not introduce detectable artifacts in the pixel domain, is the JIN-SRNet [8] -SRNet [5] pre-trained on ImageNet embedded with J-UNIWARD. Since pre-training of both detectors is executed on color images, they expect three-channel inputs.…”
In this work we aim to design a steganographic scheme undetectable by the Reverse JPEG Compatibility Attack (RJCA). The RJCA, while only effective for JPEG images compressed with quality factors 99 and 100, was shown to work mainly due to change in variance of the rounding errors after decompression of the DCT coefficients, which is induced by embedding changes incompatible with the JPEG format. One remedy to preserve the aforementioned format is utilizing during the embedding the rounding errors created during the JPEG compression, but no steganographic method is known to be resilient to RJCA without this knowledge. Inspecting the effect of embedding changes on both variance and mean of decompression rounding errors, we propose a steganographic method allowing resistance against RJCA without any side-information. To reach this goal, we propose a distortion metric making all embedding changes within a DCT block dependent, resulting in a lattice-based embedding. Then it turns out it is enough to cleverly pick the side of the (binary) embedding changes through inspection of their effect on the variance of decompression rounding errors and simply use constant costs in order to enforce their sparsity across DCT blocks. To increase security against detectors in the spatial (pixel) domain, we show an easy way of combining the proposed methodology with steganography designed for spatial domain security, further improving the undetectability for quality factor 99. The improvements over existing non-informed steganography are up to 40% in terms of detector's accuracy.
CCS CONCEPTS• Security and privacy; • Computing methodologies → Image compression;
“…The second detector we use, in order to verify that our method does not introduce detectable artifacts in the pixel domain, is the JIN-SRNet [8] -SRNet [5] pre-trained on ImageNet embedded with J-UNIWARD. Since pre-training of both detectors is executed on color images, they expect three-channel inputs.…”
In this work we aim to design a steganographic scheme undetectable by the Reverse JPEG Compatibility Attack (RJCA). The RJCA, while only effective for JPEG images compressed with quality factors 99 and 100, was shown to work mainly due to change in variance of the rounding errors after decompression of the DCT coefficients, which is induced by embedding changes incompatible with the JPEG format. One remedy to preserve the aforementioned format is utilizing during the embedding the rounding errors created during the JPEG compression, but no steganographic method is known to be resilient to RJCA without this knowledge. Inspecting the effect of embedding changes on both variance and mean of decompression rounding errors, we propose a steganographic method allowing resistance against RJCA without any side-information. To reach this goal, we propose a distortion metric making all embedding changes within a DCT block dependent, resulting in a lattice-based embedding. Then it turns out it is enough to cleverly pick the side of the (binary) embedding changes through inspection of their effect on the variance of decompression rounding errors and simply use constant costs in order to enforce their sparsity across DCT blocks. To increase security against detectors in the spatial (pixel) domain, we show an easy way of combining the proposed methodology with steganography designed for spatial domain security, further improving the undetectability for quality factor 99. The improvements over existing non-informed steganography are up to 40% in terms of detector's accuracy.
CCS CONCEPTS• Security and privacy; • Computing methodologies → Image compression;
“…Despite the emergence of the latest types of CNN for the tasks of DI stegoanalysis, the operational accuracy of steganography detectors based on them significantly depends on the presence of a priori data on the used steganographic method and statistical parameters of the examined images [26,27,33]. That predetermines the relevance of the task of devising high-precision methods for DI stegoanalysis, capable of ensuring high accuracy of steganogram detection under conditions of the limited a priori data on the used steganographic method and a significant variation in the parameters of the examined images while maintaining relatively low computational complexity of adjustment.…”
Section: ↓ ( )mentioning
confidence: 99%
“…To tackle this issue, a number of methods were proposed aimed at using pre-configured CNN [33], an ensemble of several artificial neural networks [3,34], special types of layers of artificial neurons [30], and so on. These methods are aimed at overcoming only certain limitations of existing CNN for the tasks of DI stegoanalysis, in particular, increasing the accuracy of work on new image packages, reducing the computational complexity of SD configuration methods, etc.…”
This paper reports a comparative analysis of accuracy in the detection of steganograms formed according to adaptive steganographic methods, using steganography detectors based on common and specialized types of artificial neural networks. The results of the review of modern convolutional neural networks applied for the tasks of digital image stegoanalysis have established that the accuracy of operating the steganography detectors based on these networks is significantly compromised when processing image packets characterized by a significant variability of statistical parameters.
The performance accuracy of steganography detectors based on the modern statistical model of container images maxSRMd2 has been investigated, as well as on the latest convolutional and «hybrid» artificial neural networks, in particular, GB-Ras and ASSAF networks, when detecting steganograms formed according to the adaptive steganographic methods HUGO and MiPOD. It was established that the use of the statistical model maxSRMd2 makes it possible to significantly (up to 30 %) improve the accuracy of steganogram detection in the case of analyzing those images that are characterized by a high level of natural noise. It was found that the use of the ASSAF network makes it possible to significantly (up to 35 %) reduce an error of steganogram detection compared to current steganography detectors based on the GB-Ras network and the maxSRMd2 statistical model. It was determined that the high accuracy of the ASSAF network-based steganography detector is maintained even in the most difficult case of image processing with high noise and poor filling of the container image with stegodata (less than 10 %).
The results reported here are of theoretical interest for designing high-precision steganography detectors capable of working under conditions of high variability in image parameters.
“…EfN B4 and Xu2 were modied by removing the average pooling and strides from the rst two layers as described in [25]. All network detectors are pre-trained on ImageNet, SRNet was pre-trained on a binary task of steganalyzing J-UNIWARD [9] (the so-called JIN pre-training exactly as described in [3]), while the other networks were pre-trained on the ImageNet classication task. 5 Steganalysis training on HILL / MiPOD is done with relative payloads randomly drawn from the uniform distribution on the set of relative payloads P = {0.05, 0.1, 0.2, .…”
We study the problem of batch steganography when the senders use feedback from a steganography detector. This brings an additional level of complexity to the table due to the highly non-linear and non-Gaussian response of modern steganalysis detectors as well as the necessity to study the impact of the inevitable mismatch between senders' and Warden's detectors. Two payload spreaders are considered based on the oracle generating possible cover images. Three dierent pooling strategies are devised and studied for a more comprehensive assessment of security. Substantial security gains are observed with respect to previous art -the detector-agnostic image-merging sender. Close attention is paid to the impact of the information available to the Warden on security.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.