The additive attack public mutual information game is explicitly
solved for one of the simplest quantization based watermarking schemes, the scalar Costa scheme (SCS). It is a zero-sum game played
between the embedder and the attacker, and the payoff function is the
mutual information. The solution of the game, a subgame perfect nash
equilibrium, is found by backward induction. Therefore, the
Blahut-Arimoto algorithm is employed for numerically optimizing the
mutual information over noise distributions. Although the worst case
distribution is in general strongly non-Gaussian, the capacity
degradation compared to a suboptimal Gaussian noise attack is quite
small. The loss, if the embedder optimizes SCS for a Gaussian attack
but the worst case attack is employed, is negligible.
Universal blind steganalysis attempts to detect steganographic data
without knowledge about the applied steganographic system. Farid
proposed such a detection algorithm based on higher-order statistics
for separating original images from stego images. His method shows
an astonishing performance on current steganographic schemes. Starting from the statistical approach in Farid's algorithm, we
investigate the well known steganographic tool Jsteg as well as a newer approach proposed by Eggers et al., which relies on histogram-preserving data mapping. Both schemes show weaknesses leading to a certain detectability. Further analysis shows which statistic characteristics make both schemes vulnerable. Based on these results, the histogram preserving approach is enhanced such that it achieves perfect security with respect to Farid's algorithm.
Blind spread-spectrum watermarking schemes with correlation based detection algorithms suffer significantly from host signal interference. Improvements are possible when considering the host signal as side-information to the watermark encoder. Costa showed that, in a specific case, host signal interference can be avoided completely. The scalar Costa scheme, which operates on structured codebooks based on scalar quantizers, performs relatively close to the ideal Costa scheme in terms of maximum rate of reliable communication (capacity) over a channel with AWGN attack. The concept of amplitude limited channels in conjunction with repetition of the signal constellation is also known in the communications community by the name modulo channel, which has been studied into great detail. Starting from the modulo channel, which implies a constraint on the amplitude in the receiver, we model the watermarking scenario based on scalar quantizers. The capacity of this model is presented and compared to the theoretical results for SCS watermarking in the case of AWGN attacks. A final analysis of SCS in terms of optimality, based on the results with the modulo channel, shows that even binary SCS is near optimum for one-dimensional (symbol-by-symbol) embedding in terms of capacity
for an i.i.d. Gaussian host signal and an appropriate AWGN attack.
New blind digital watermarking schemes that are optimized for additive white Gaussian noise (AWGN) attacks have been developed by several research groups within the last two years. Currently, the most efficient schemes, e.g., the scalar Costa scheme (SCS), involve scalar quantization of the host signal during watermarking embedding and watermark reception. Reliable watermark reception for these schemes is vulnerable to amplitude modification of the attacked host signal. In this paper, a method for the estimation of possible amplitude modifications before SCS watermark detection is proposed. The estimation is based on a securely embedded SCS pilot watermark. We focus on linear amplitude modifications, but investigate also the extension to nonlinear amplitude modifications. Further, the superiority of our proposal over an estimation method based on a spread-spectrum pilot watermark is demonstrated.
One of the most important practical problems of blind Digital Watermarking is the resistance against desynchronization attacks, one of which is the Stirmark random bending attack in the case of image watermarking. Recently, new blind digital watermarking schemes have been proposed which do not suffer from host-signal interference. One of these quantization based watermarking scheme is the Scalar Costa Scheme (SCS). We present an attack channel for SCS which tries to model typical artefacts of local desynchronization. Within the given channel model, the maximum achievable watermark rate for imperfectly synchronized watermark detection is computed. We show that imperfect synchronization leads to inter-sample-interference by other signal samples, independent from the considered watermark technology. We observe that the characteristics of the host signal play a major role in the performance of imperfectly synchronized watermark detection. Applying these results, we propose a resynchronization method based on a securely embedded pilot signal. The watermark receiver exploits the embedded pilot watermark signal to estimate the transformation of the sampling grid. This estimate is used to invert the desynchronization attack before applying standard SCS watermark detection. Experimental results for the achieved bit error rate of SCS watermark detection confirm the usefulness of the proposed resynchronization algorithm.
Steganography is the art of communicating a message by embedding it into multimedia data. It is desired to maximize the amount of hidden information (embedding rate) while preserving security against detection by unauthorized parties. An appropriate information-theoretic model for steganography has been proposed by Cachin. A steganographic system is perfectly secure when the statistics of the cover data and the stego data are identical, which means that the relative entropy between the cover data and the stego data is zero. For image data, another constraint is that the stego data must look like a typical image. A tractable objective measure for this property is the (weighted) mean squared error between the cover image and the stego image (embedding distortion). Two different schemes are investigated. The first one is derived from a blind watermarking scheme. The second scheme is designed specifically for steganography such that perfect security is achieved, which means that the relative entropy between cover data and stego data tends to zero. In this case, a noiseless communication channel is assumed. Both schemes store the stego image in the popular JPEG format. The performance of the schemes is compared with respect to security, embedding distortion and embedding rate.