2020 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress Chain-of-Evidence in Secured Surveillance Videos using Steganography and Hashing Nadia Kanwal Mamoona Naveed Asghar Mohammad Samar Ansari Software Research Institute Software Research Institute Software Research Institute Athlone Institute of Technology Athlone Institute of Technology Athlone Institute of Technology Athlone, Ireland Athlone, Ireland Athlone, Ireland [email protected] [email protected] [email protected] Lahore College for Women University The Islamia University Alighar Muslim University Lahore, Pakistan Bahawalpur, Pakistan Aligarh, India [email protected] Brian Lee Martin Fleury Marco Herbst Yuansong Qiao Software Research Institute School of EAST Evercam Ltd. Software Research Institute Athlone Institute of Technology University of Suffolk Dublin, Ireland Athlone Institute of Technology Athlone, Ireland Ipswich, UK [email protected] Athlone, Ireland [email protected] fl[email protected] [email protected] Abstract—Video sharing from closed-circuit television video They potentially help law enforcement agencies to utilize recording or in social media interaction requires self- the resulting video recordings as proof of a crime or illicit authentication for responsible and reliable data sharing. Sim- ilarly, surveillance video recording is a powerful method of activity. However, due to equally rapid advances in the deterring unlawful activities. A Solution-by-Design can be field of image processing, surveillance data can be easily helpful in terms of making a captured video immutable, as such tampered with. Examples include [2]: regional alteration of recordings cannot become a piece of evidence until proven to be intra-frames, through cut-and-paste; and inter-frame forgery, unaltered. This paper presents a computationally inexpensive by the insertion of video frames. Furthermore, transmission method of preserving a chain-of-evidence in surveillance videos using steganography and hashing. The method conforms to the errors also contribute to the alteration of videos, if they data protection regulations which are increasingly adopted by are not suitably protected with forward error correction governments, and is applicable to network edge storage. Secu- and the like. Consequently, such recordings are not directly rity credentials are stored in a hardware wallet independently admissible in a court of law as evidence until they are proven of the video capture device itself, while evidential information to be authentic through forensic analysis [3]. Unfortunately, is stored within video frames themselves, independently of the content. The proposed method has turned out to not applying forensic analysis is not cheap in terms of time and only preserve the integrity of the stored video data but expense. Thus, an important objective for a Closed Circuit also results in very limited degradation of the video data TeleVision (CCTV) systems is that it should provide a chain- due to steganography. Despite the presence of steganographic of-evidence, according to stated rules, so that the videos can information, video frames are still available for common image prove themselves to be an authentic piece of information, processing tasks such as tracking and classification. avoiding or reducing the need for forensic analysis. Keywords-Video Security, Video Surveillance, Steganogra- A further driver towards self-authentication is the need phy, Hashing, Information Sharing for storage and analysis of huge amounts of multimedia I. INTRODUCTION data, which has propelled companies towards cloud storage for efficient access [4]. However, following on from the It is no longer the case that only special places are European Union’s ratification of the General Data Protection kept under surveillance for security and safety purposes. Regulation (GDPR) in May 2018 (and other similar data Surveillance is rapidly becoming a requirement for almost privacy regulations in other countries), cloud storage may be every house, office, and public place, when smart tracking also be unacceptable, due to the potential for unauthorized can be applied [1]. This development is fuelled by the avail- access to video data by third parties. GDPR focuses on ability of low-cost and small-sized surveillance cameras. reversible data protection [5] via encryption [6] as a data- This paper is part of the Marie Skłodowska-Curie Career-FIT Postdoc protection safeguard, which is also employed herein. This Fellowship programme under project ID: MF-2018-0058 funded by the paper presents a multifaceted solution to the problem of European Union’s Horizon2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No. 713654 and Science self-authentication and the requirements of data protection Foundation Ireland (SFI) under Grant Number SFI 16/RC/3918 and the regulations (e.g. GDPR) in respect to storage. The proposed European Regional Development Fund. solution works as follows: 978-1-7281-6609-4/20/$31.00 ©2020 IEEE 263 DOI 10.1109/DASC-PICom-CBDCom-CyberSciTech49142.2020.00053 • Captured video data are protected by calculating their Hashing functions, also referred to as message digest hash. functions, work by extracting a fixed-length bit string from • Secondly, these hashes are stored inside video frames a given message (text, image, video). Such functions have as hidden information. found varied applications in database search and compilers • Thirdly, every frame holds the hash of its previous two as well as in cryptography. Over the recent past, there has frames and, therefore, creates a chain-of-evidence. been significant interest in employing hash functions in mul- • Lastly, all this data are encrypted and stored on the timedia applications for both indexing and security. A salient network edge. feature of most cryptographic hashing algorithms such as • To further enhance the security, encryption keys are Message Digest 5 (MD5) and Secure Hash Algorithm 1 stored in a hardware wallet, separately from the device (SHA-1) is that they are overly sensitive to the contents of holding the actual video. the message. Altering even a single bit of the input changes The power of the proposed method is that it hides the the output hash completely. However, multimedia data such evidential data inside the video frames themselves, with- as digital images go through various manipulations such as out affecting the image content. Furthermore, the proposed cropping, scaling, enhancement, and compression. method makes it easier to maintain, synchronize, and prevent An image hash function therefore takes into account the loss of, evidence. Such a record of the chain-of-evidence is changes in the visual domain and produces hashes based desirable not only in the case of surveillance videos, but the on the overall visual appearance. Such a hash function same could also be very useful in ascertaining the originality is useful in identifying images in databases, in which and authenticity of videos uploaded to social media sites, the image possibly undergoes incidental changes (such as and could also be used for the identification of fake news format changes, compression, scanning, signal processing videos. operations or watermarking). Another application of image hashing is in robust image authentication wherein the hash II. BACKGROUND remains invariant under perceptually minimal alterations to As is well known, steganography refers to the hiding of the image, but detects malicious tampering of image data. information (text, audio, image, video) in another carrier The SHA256 hashing algorithm has been used in this work media (usually referred to as the ’cover’). There are four [20]. essential properties of a good steganographic system, viz. imperceptibility, security, information hiding capacity, and III. METHODOLOGY robustness. There have been several different approaches to achieve the goal of information hiding in the cover In order to create a chain-of-evidence using hashes, a media. The simplest approach works by manipulating the salted hash is first created by concatenating half of the bytes Least Significant Bits (LSB) of the three color channels of the hashes of the previous two video frames. Therefore, (RGB), in light of the fact that the LSBs carry very minimal each frame will store: a salted hash of data from the previous information. This spatial approach ensures that the overall two frames (256 bits); and other optional data such as the visual aesthetic of the image is not altered. Initial works in camera identity; the date and time of video capture; and LSB steganography concentrate on designing the system to the Global Positioning System (GPS) location. We call this increase the payload capacity by utilizing most of the cover information the evidential data. Subsequently, the frame’s image pixels [7]–[15]. However, steganalysis techniques own hash (256 bits), after the insertion of the evidential soon became strong enough to break such systems using data, is calculated and inserted. The size of the data to be statistical analysis. Therefore, sophisticated robust LSB tech- stored becomes 512 bits per frame considering salted hash niques based cryptography-steganography which can evade and current hash as evidential data. such steganalysis attacks were developed to identify the In fact, various ways exist to store such data, including: a regular