How to Define a Source?

How to Define a Source?

https://doi.org/10.2352/ISSN.2470-1173.2018.07.MWSF-318 © 2018, Society for Imaging Science and Technology Steganalysis into the Wild: How to Define a Source? Quentin Gibouloto, Rémi Cogranneo and Patrick Bas∗. o Lab. of System Modelling and Dependability, ROSAS Dept., ICD, UMR 6281 CNRS, Troyes University of Technology, France. ∗ CNRS, École Centrale de Lille, University of Lille, CRIStAL Lab. , France. Abstract images come from many different camera models with a It is now well known that practical steganalysis using possible wide range of acquisition setups (e.g. different machine learning techniques can be strongly biased by the sensors, different ISO sensitivity or ISO speed, ...) and are problem of Cover Source Mismatch. Such a phenomenon subject to different processing pipelines. usually occurs in machine learning when the training and This paper shows how these discrepancies impact on the testing sets are drawn from different sources, i.e. when the phenomenon of cover-source mismatch (CSM) which they do not share the same statistical properties. In the can be loosely defined by the fact that if the training and field of steganalysis however, due to the small power of the testing sets do not come from the same source, steganalysis signal targeted by steganalysis methods, it can drastically then undergoes a strong loss in accuracy. lower their performance. To the best of our knowledge, very few works (see This paper aims to define through practical experi- for instances [2, 14, 11, 12]) have tried to characterize the ments what is a source in steganalysis. By assuming sources of the CSM, quantify their impact and address it. that two cover datasets coming from a common source Note that those works mostly focus on the image acquisi- should provide comparable performances in steganalysis, it tion settings such as the camera model and the ISO sensi- is shown that the definition of a source is more related tivity. A notable prior work, however, is [21] in which the with the processing pipeline of the RAW images than with authors show that for spatial domain image steganography, the sensor or the acquisition setup of the pictures. In or- cropping or resizing significantly changes the performance der to measure the discrepancy between sources, this pa- of steganalysis methods. Although CSM has only been per introduces the concept of consistency between sources, studied in a handful of prior works, this problem is funda- that quantifies how much two sources are subject to Cover mental to address the larger problem of real-life scenarios, Source Mismatch. We show that by adopting "training de- as already acknowledged in [10], and will be beneficial both sign", we can increase the consistency between the training for the steganalyst and the steganographer. The former set and the testing set. To measure how much image pro- must understand which acquisition or processing parame- cessing operation may help the steganographers this paper ters have the largest impacts on classification accuracy, the also introduces the intrinsic difficulty of a source. latter must understand those parameters to choose images It is observed that some processes such as JPEG quan- for which the hidden message will be harder to detect. tization tables or the development pipeline can dramatically increase or decrease the performance of steganalysis meth- ods and that other parameters such as the ISO sensitivity Contents of the Paper or the sensor model have minor impact on the performance. We recall first the outline of the paper: • Section “Experimental Setup” defines the classifica- Introduction tion setup and the studied parameter that can possi- bly impact the mismatch. The security of steganography algorithms as well as • Section “Steganalysis on Real-Life Image Bases” mo- the benchmark of steganalysis schemes is usually evalu- tivates our study by presenting steganalysis results on ated on the well-known BOSSBase [1] generated following databases coming from different sensors, at different a unique processing pipeline. This setting has indisputable resolutions, or at different ISO sensitivity. advantages for both steganography – allowing the compari- • Section “Training Design” studies the impact of dif- son between steganographic schemes, choosing parameters ferent parameters such as the JPEG Quality Factor, of embedding scheme to maximize efficiency [16] – and ste- the camera sensor, the processing software, processing ganalysis – designing of features sets [6, 17] and study- algorithms, ISO Sensitivity or possible color adjust- ing the impact of several parameters on detectability [21]. ments. However, this methodology that uses the same dataset, • Section “Co-occurrence Analysis of Different Devel- with limited diversity, and that processes all raw images opment Settings” attempts to give a statistical ra- using exactly the same processing pipeline has several im- tional on the problem of CSM by looking at the co- portant limitations. Indeed, such an experimental frame- occurence of neighboring pixels after distinct develop- work seems quite far from a real-life environment where ment pipelines. IS&T International Symposium on Electronic Imaging 2018 1 Media Watermarking, Security, and Forensics 2018 318-1 • Finally section “Conclusion” lists the parameters that Dataset # Camera Model Fixed Dimension ISO have either minor or major impacts on the mismatch. 1 Nikon D90 — — 2 Nikon D90 — 200 3 Nikon D90 4288 × 2848 200 4 — 5184 × 3456 — Experimental Setup 5 — — 500 6 — — 1600 Table 1. Summary of selected subset of the FlickRBase. Every Throughout this paper we follow a classic supervised database also had a Quality Factor (QF) fixed to 99 classification setting, composed of training and testing sets where each cover image is paired with its stego-image. Note that the probability of error is measured using the Both training and testing set are composed of 5000 random most used minimal total probability of error under equal images from their corresponding image base. More specif- priors PE = min(PFA + PMD)/2. ically we use the low complexity linear classifier defined in [4] with five fold cross-validation to estimate the regular- ization parameter. We choose this classifier over the well- known ensemble [13] for its low computational costs which Steganalysis on Real-Life Image Bases allows us to speed up the classification without – accord- ing to the results given in [4,3] – loosing in terms of ste- To understand the necessity of a finer characterization ganalysis accuracy. Experiments are conducted on images of the CSM phenomenon, one must first confront classical compressed using the JPEG standard and two well-known steganalysis techniques to real life databases, that is image embedding schemes have been used, namely NSF5 [7] a bases which have the following properties : rather old non-adaptive steganographic algorithm, and the 1. They contain images with numerous different acquisi- content-adaptive scheme J-UNIWARD [9]. For feature ex- tion parameters (sensors, ISO, exposition, etc. ). traction, the DCTR [8] algorithm has been used. 2. Each image has potentially followed a specific process- ing pipeline (specific compression parameters, pro- Measure of Cover-Source Mismatch cessing steps, image editing software, etc. ). To be able to quantify the impact of Cover-Source Mis- 3. The processing history is a priori unknown. match (CSM), one first needs a definition of a source. We will define a priori a source as two sets of parameters used To that end, we used the FlickRBase [20] which con- to generate a natural image : tains 1.3 millions images downloaded from FlickR in their original quality (this ensures that no further compression Acquisition parameters This encompasses all parame- was applied after uploading, which would normalize the ters fixed during the acquisition of the raw image by a image base). Acquisition parameters were associated to camera, e.g. camera model, ISO, sensor size, etc. each image using their EXIF data1. Processing parameters This encompasses the whole From this image base, we constructed several processing pipeline after the image has been taken, databases consisting of 10 000 images with one or more e.g. demosaicing algorithms, resampling, cropping, fixed acquisition parameters, they are summarized in Table processing software, JPEG compression, etc. 1. Images were then losslessly center-cropped to get images of size 512 × 512 using the command jpegtran2, to ensure We will refine those definitions in Section "Training that the 8×8 block structure of jpeg files is preserved. Each Design" to the sole parameters which have an impact on base was then classified with the methodology exposed in steganalysis accuracy. the previous Section, images being embedded using NSF5 Once a source has been defined, two important prop- with payload 0.1 bpnzac. Some results obtained with a erties related to the image bases must be introduced: few fixed parameters are presented in Table 2. Note that, for readability, only a handful of results are presented here; • The probability of error given that the training and very similar results were obtained with much more datasets testing sets both come from the same source, this is with various sets of fixed parameters (camera model, ISO defined as the intrinsic difficulty of the image base. sensitivity, shutter speed, sensor size, aperture, etc. ). We can immediately observe that the intrinsic diffi- The steganographer will for example seek for sources 3 with the highest intrinsic difficulty. culty is far from the BOSSbase baseline despite fixing sev- • The probability of error given that the training and eral acquisition parameters usually associated to the causes testing sets each comes from a different source, this 1Yahoo Flickr Creative Commons 100M (YFCC100M) is is defined as the inconsistency, or source mismatch, available freely at https://webscope.sandbox.yahoo.com; note between training and testing sets. A high inconsis- that this dataset is hosted on the Amazon Web Services plat- tency inducing an important mismatch between the form, which requires a free Amazon Web Services login for ac- cess.

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    12 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us