Cancellable Biometrics for On-line Signature Recognition

With the widespread diffusion of biometrics-based recognition systems, there is an increasing awareness of the risks associated with the use of biometric data. Significant efforts are therefore being dedicated to the design of algorithms and architectures able to secure the biometric characteristics, and to guarantee the necessary privacy to their owners. In this work we discuss a protected on-line signature-based biometric recognition system, where the considered biometrics are secured by applying a set of non-invertible transformations, thus generating modified templates from which retrieving the original information is computationally as hard as random guessing it. The advantages of using a protection method based on non-invertible transforms are exploited by presenting three different strategies for the matching of the transformed templates, and by proposing a multi-biometrics approach based on score-level fusion to improve the performances of the considered system. The reported experimental results, evaluated on the public MCYT signature database, show that the achievable recognition rates are only slightly affected by the proposed protection scheme, which is able to guarantee the desired security and renewability for the considered biometrics.

Unexpected Artifacts in a Digital Photograph

This chapter investigates an unexpected phenomenon observed in a recent digital photograph, in which the logo of a non-sponsoring sports company appears on the jersey of a famous football player in just one of a sequence of images. After eliminating deliberate image tampering as a cause, a hypothetical sequence of circumstances is proposed, concerning the lighting, dominant colours, infrared sensitivity, optical pre-processing, image enhancement and JPEG compression. The hypotheses are tested using a digital SLR camera. The investigation is of interest in a forensic context, firstly as a possible explanation in case such a photograph is observed, and secondly to be able to confirm or refute claims of such artifacts put forward claiming that a hypothetical image is not really what it claims to be.

Evidentiary Implications of Potential Security Weaknesses in Forensic Software

Computer forensic software is used by lawyers and law enforcement to collect and preserve data in a “forensic image” so that it can be analyzed without changing the original media, and to preserve the chain of custody of the evidence. To the extent there are vulnerabilities in this software, an attacker may be able to hide or alter the data available to a forensic analyst, causing courts to render judgments based on inaccurate or incomplete evidence. There are a number of legal doctrines designed to ensure that evidence presented to courts is authentic, accurate and reliable, but thus far courts have not applied them with the possibility of security weaknesses in forensic software in mind. This article examines how courts may react to such claims, and recommends strategies that attorneys and courts can use to ensure that electronic evidence presented in court is both admissible and fair to litigants.

Efficient Image Matching using Local Invariant Features for Copy Detection

Retrieval based approach has recently emerged as an attractive option for image copy detection. The Content Based Copy Detection (CBCD) can be treated as a restricted case of near duplicate image detection. Near duplicate images can be: (i) perceptually identical images (e.g. allowing for change in color balance, change in brightness, compression artifacts, contrast adjustment, rotation, cropping, filtering, scaling etc.), (ii) images of the same 3D scene (from different viewpoints). As we are searching for copies which are altered versions of the original image, the images with slight viewpoint variations of the same scene should not be retrieved. In this chapter, we focus on image matching strategy based on local invariant features that will assist in the detection of forged (copy-paste forgery) images. So far, no specific robust homography estimation method exists for this application. The state of the art methodologies tend to generate many false positives. In this chapter, we have introduced a novel strategy for pattern matching of key point distributions for copy detection. Typical experiments conducted on real case images demonstrate the success in near duplicate image retrieval for the application of digital image forensics. Efficiency of the proposed method is corroborated by comparison, with contemporary methods.

Methods to Identify Spammers

Unsolicited commercial email has become a major threat for email communication. Although the degree of sophistication of spam filters has increased over time, such filters still produce high rates of false positives and false negatives, thereby reducing the reliability of email and introducing communication risks on their own. Due to more and more complex filtering methods implemented, the hardware requirements for mail servers are increasing to avoid the risk of denial of service situations. Therefore, some authors point out that mail filtering has reached its limits and ask for more preventive solutions to fight spam. One way to prevent email abuse would be to significantly increase the risk of a spammer being sued for damage compensation or, if legislation permits, for criminal offence. This approach believes in an assessment of risk and expected revenue by the offender. But by hiding their real identity, spammers are very successful in evading prosecution. This paper discusses several methods to identify spammers and analyses under which circumstances those methods might be valid evidence in court.

Reliable Motion Detection, Location and Audit in Surveillance Video

The review of video captured by fixed surveillance cameras is a time consuming, tedious, expensive and potentially unreliable human process, but of very high evidentiary value. Two key challenges stand out in such a task; ensuring that all motion events are captured for analysis, and demonstrating that all motion events have been captured so that the evidence survives being challenged in court. In previous work (Zhao, Poursoltanmohammadi & Sorell, 2008), it was demonstrated that tracking the average brightness of video frames or frame segment provided a more robust metric of motion than other commonly hypothesized motion measures. This paper extends that work in three ways; by setting automatic localized motion detection thresholds, by maintaining a frame-by-frame single parameter normalized motion metric, and by locating regions of motion events within the footage. A tracking filter approach is used for localized motion analysis, which adapts to localized background motion or noise within each image segment. When motion is detected, location and size estimates are reported to provide some objective description of the motion event.

Medical Images Authentication through Repetitive Index Modulation Based Watermarking

In this work we propose a Repetitive Index Modulation (RIM) based digital watermarking scheme for authentication and integrity verification of medical images. Exploiting the fact that many types of medical images have significant background areas and medically meaningful Regions of Interest (ROI), which represent the actual contents of the images, the scheme uses the contents of the ROI to create a content-dependent watermark and embeds the watermark in the background areas. Therefore when any pixel of the ROI is attacked, the watermark embedded in the background areas will be different from the watermark calculated according to the attacked contents, thus raising alarm that the image in question is inauthentic. Because the creation of the watermark is content-dependent and the watermark is only embedded in the background areas, the proposed scheme can actually protect the content/ROI without distorting it.

Efficient Forensic Analysis for Anonymous Attack in Secure Content Distribution

This article discusses a forensic technology that is used to defend against piracy for secure multimedia content distribution. In particular we are interested in anonymous rebroadcasting type of attack where the attackers redistribute the per-content encrypting key or decrypted plain content. Traitor tracing technology can be used to defend against this attack by identifying the original users (called traitors) involved in the rebroadcasting piracy. While traitor tracing has been a long standing cryptographic problem that has attracted extensive research, existing academia researches have overlooked many practical concerns in a real world setting. We have overcome many practical concerns in order to bring a theoretical traitor tracing solution to practice. The main focus of this article is on designing efficient forensic analysis algorithms under various practical considerations that were missing from existing work. The efficiency of our forensic analysis algorithms is the enabling factor that ultimately made the first time large scale commercialization of a traitor tracing technology in the context of new industry standard on content protection for next generation high-definition DVDs.

Conducting Forensic Investigations of Cyber Attacks on Automobile In-Vehicle Networks

The introduction of a wireless gateway as an entry point to the automobile in-vehicle network reduces the effort of performing diagnostics and firmware updates considerably. Unfortunately, the same gateway also allows cyber attacks to target the unprotected network which currently lacks proper means for detecting and investigating security-related events. In this article, we discuss how to perform a digital forensic investigation of an in-vehicle network. An analysis of the current features of the network is performed, and an attacker model is developed. Based on the attacker model and a set of generally accepted forensic investigation principles, we derive a list of requirements for detection, data collection, and event reconstruction. We then use the Integrated Digital Investigation Process proposed by Carrier and Spafford (2004) as a template to illustrate how our derived requirements affect an investigation. For each phase of the process, we show the benefits of meeting the requirements and the implications of not complying with them.

Conditions for Effective Detection and Identification of Primary Quantization of Re-Quantized JPEG Images

The choice of Quantization Table in a JPEG image has previously been shown to be an effective discriminator of digital image cameras by manufacturer and model series. When a photograph is recompressed for transmission or storage, however, the image undergoes a secondary stage of quantization. It is possible, however, to identify primary quantization artifacts in the image coefficients, provided that certain image and quantization conditions are met. This chapter explores the conditions under which primary quantization coefficients can be identified, and hence can be used image source identification. Forensic applications include matching a small range of potential source cameras to an image.