基于自适应半脆弱水印的图像篡改检测方案

为保护数字图像版权和检测恶意篡改,实现高精度篡改定位,在充分挖掘图像特性的基础上,设计一种基于自适应半脆弱水印技术的图像篡改检测算法。算法根据感知特性将水印自适应嵌入到图像LSBs中,利用多数原则恢复水印信号,结合数学形态学滤波进行篡改检测与定位。仿真实验证实了该方案的有效性,在抵抗通常的内容保持攻击操作的同时,能实现精准篡改检测与定位。     

基于深度学习的数字图像篡改定位方法综述

日益进步的图像处理技术让数字图像编辑的门槛变得越来越低。利用触手可及的图像处理软件,人们可以方便地改动图像内容,而篡改后的图像往往十分逼真,以至于肉眼难以辨认。这些篡改图像已对个人隐私、社会秩序、国家安全造成了严重的威胁。因此,检测及定位图像中的篡改区域具有重要现实意义,并已成为多媒体信息安全领域中的重要研究课题。近年来,深度学习技术在图像篡改定位中得到了广泛的应用,所取得的性能已显著超越了传统的篡改取证方法。本文对基于深度学习的图像篡改定位方法进行了梳理。介绍了图像篡改定位中常用的数据集及评价标准,以在篡改定位中应用的不同网络架构为依据分析了现有方法的技术特点和定位性能,并讨论了图像篡改定位面临的挑战和未来的研究方向。      

Secure personal data sharing in cloud computing using attribute-based broadcast encryption

The ciphertext-policy (CP) attribute-based encryption (ABE) (CP-ABE) emergings as a promising technology for allowing users to conveniently access data in cloud computing. Unfortunately, it suffers from several drawbacks such as decryption overhead, user revocation and privacy preserving. The authors proposed a new efficient and privacy-preserving attribute-based broadcast encryption (BE) (ABBE) named EP-ABBE, that can reduce the decryption computation overhead by partial decryption, and protect user privacy by obfuscating access policy of ciphertext and user's attributes. Based on EP-ABBE, a secure and flexible personal data sharing scheme in cloud computing was presented, in which the data owner can enjoy the flexibly of encrypting personal data using a specified access policy together with an implicit user index set. With the proposed scheme, efficient user revocation is achieved by dropping revoked user's index from the user index set, which is with very low computation cost. Moreover, the privacy of user can well be protected in the scheme. The security and performance analysis show that the scheme is secure, efficient and privacy-preserving.     

A novel chaos-based fragile watermarking for image tampering detection and self-recovery

In this paper, a novel watermarking approach is proposed to provide enhanced tampering localization and self-recovery. A cross chaotic map is used to confuse the blocks generated by the original image. A sister block embedding scheme is proposed to improve the recovery effect after tampering. Flags and a combination of the most significant bit (MSB) and the least significant bit (LSB) mechanism are applied to improve the tampering detection rate and the defense of attacks. And an optimization scheme is given to make the recovered image have advanced visual effects. Experiment results show that the proposed schemes are more secure and have better effect on tampering detection and recovery even though the tampered area is relatively large.     

一种高容量盲检测图像指纹算法

针对共谋攻击,提出了一种高容量的空域盲检测图像指纹算法.用抗共谋攻击码(ACC)调制正交基向量生成二值指纹,根据指纹状态对图像灰度值量化嵌入指纹.追踪共谋者时,首先根据待检图像像素灰度所属区间提取指纹,然后计算其与正交基向量的内积得到一新向量,对其用软阈值方式进行处理,最后追踪共谋者.指纹嵌入提取采用量化方式,是一种盲...     

数字视频篡改痕迹的被动检测技术综述

随着DEEPFAKE等人工智能方法对数字媒体数据的篡改方式越来越强大,再次掀起了全球各国政府、人民对数字媒体篡改问题的关注和焦虑。无论是传统的篡改攻击,还是智能的篡改生成,从结果上来看,都加深了人们对数字媒体真实性的质疑。数字视频是当下互联网信息传播的主流方式之一,因此对数字视频篡改痕迹的被动检测具有重大研究意义。本文针对数字视频篡改方法和痕迹被动检测问题展开综述,旨在阐述当下这一领域的发展现状和未来趋势。首先从已有案例对数字视频篡改的背景、篡改技术现状、社会危害进行多层次分析,凝炼该领域的研究现状和现存科学难题。然后,本文把被动取证检测技术分为时空域特征检测技术、编码域特征检测技术、深度特征检测技术三类,并详细分析了每类技术的特点和不足。其次,本文也对视频篡改检测相关的国际竞赛和国内竞赛、视频篡改数据集以及常用第三方工具库进行了归纳和总结。最后,本文总结了该领域的进一步有待研究的理论、技术内容和未来应用发展趋势。      

A based on blinded CP‐ABE searchable encryption cloud storage service scheme

Cloud computing has great economical advantages and wide application, more and more data owners store their data in the cloud storage server (CSS) to avoid tedious local data management and insufficient storage resources. But the privacy of data owners faces enormous challenges. The most recent searchable encryption technology adopts the ciphertext‐policy attribute‐based encryption (CP‐ABE), which is one good method to deal with this security issue. However, the access attributes of the users are transmitted and assigned in plaintext form. In this paper, we propose a based on blinded CP‐ABE searchable encryption cloud storage service (BCP‐ABE‐SECSS) scheme, which can blind the access attributes of the users in order to prevent the collusion attacks of the CSS and the users. Data encryption and keyword index generation are performed by the data owners; meanwhile, we construct that CSS not only executes the access control policy of the data but also performs the pre‐decryption operation about the encrypted data to solve higher time cost of decryption calculation to the data users. Security proof results show that this scheme has access attribute security, data confidentiality, indistinguishable security against chosen keyword attack, and resisting the collusion attack between the data user and the CSS. Performance analysis and the experimental results show that this scheme can effectively reduce the computation time cost of the data owners and the data users.     

Multiuser access control searchable privacy‐preserving scheme in cloud storage

Searchable encryption scheme‐based ciphertext‐policy attribute‐based encryption (CP‐ABE) is a effective scheme for providing multiuser to search over the encrypted data on cloud storage environment. However, most of the existing search schemes lack the privacy protection of the data owner and have higher computation time cost. In this paper, we propose a multiuser access control searchable privacy‐preserving scheme in cloud storage. First, the data owner only encrypts the data file and sets the access control list of multiuser and multiattribute for search data file. And the computing operation, which generates the attribute keys of the users' access control and the keyword index, is given trusted third party to perform for reducing the computation time of the data owner. Second, using CP‐ABE scheme, trusted third party embeds the users' access control attributes into their attribute keys. Only when those embedded attributes satisfy the access control list, the ciphertext can be decrypted accordingly. Finally, when the user searches data file, the keyword trap door is no longer generated by the user, and it is handed to the proxy server to finish. Also, the ciphertext is predecrypted by the proxy sever before the user performs decryption. In this way, the flaw of the client's limited computation resource can be solved. Security analysis results show that this scheme has the data privacy, the privacy of the search process, and the collusion‐resistance attack, and experimental results demonstrate that the proposed scheme can effectively reduce the computation time of the data owner and the users.     

(r, QI)-Transform:Reversible Data Anonymity Based on Numeric Type of Data in Outsourced Database

An outsource database is a database service provided by cloud computing companies. Using the outsource database can reduce the hardware and software's cost and also get more efficient and reliable data processing capacity. However, the outsource database still has some challenges. If the service provider does not have sufficient confidence, there is the possibility of data leakage. The data may has user's privacy, so data leakage may cause data privacy leak. Based on this factor, to protect the privacy of data in the outsource database becomes very important. In the past, scholars have proposed k-anonymity to protect data privacy in the database. It lets data become anonymous to avoid data privacy leak. But k-anonymity has some problems, it is irreversible, and easier to be attacked by homogeneity attack and background knowledge attack. Later on, scholars have proposed some studies to solve homogeneity attack and background knowledge attack. But their studies still cannot recover back to the original data. In this paper, we propose a data anonymity method. It can be reversible and also prevent those two attacks. Our study is based on the proposed r-transform. It can be used on the numeric type of attributes in the outsource database. In the experiment, we discussed the time required to anonymize and recover data. Furthermore, we investigated the defense against homogeneous attack and background knowledge attack. At the end, we summarized the proposed method and future researches.     

基于隐私同态数据融合的完整性验证协议

在无线传感器网络中的安全数据融合能够有效防止隐私泄露和数据篡改等问题,并实现高效的数据传输。由此提出一种基于隐私同态数据融合的完整性验证协议IV-PHDA。该协议采用同态加密保证数据隐私性;利用随机检测节点对节点聚合结果的完整性进行检测,以验证聚合节点是否忠实地传输每个数据分组。通过理论分析和仿真对比,对其算法的性能进行验证,结果表明,该协议能够在网络传输的过程中检测数据的完整性,并且实现较好的隐私保护和较高的数据精确度。     

Image-adaptive watermarking using visual models

The huge success of the Internet allows for the transmission, wide distribution, and access of electronic data in an effortless manner. Content providers are faced with the challenge of how to protect their electronic data. This problem has generated a flurry of research activity in the area of digital watermarking of electronic content for copyright protection. The challenge here is to introduce a digital watermark that does not alter the perceived quality of the electronic content, while being extremely robust to attack. For instance, in the case of image data, editing the picture or illegal tampering should not destroy or transform the watermark into another valid signature. Equally important, the watermark should not alter the perceived visual quality of the image. From a signal processing perspective, the two basic requirements for an effective watermarking scheme, robustness and transparency, conflict with each other. We propose two watermarking techniques for digital images that are based on utilizing visual models which have been developed in the context of image compression. Specifically, we propose watermarking schemes where visual models are used to determine image dependent upper bounds on watermark insertion. This allows us to provide the maximum strength transparent watermark which, in turn, is extremely robust to common image processing and editing such as JPEG compression, rescaling, and cropping. We propose perceptually based watermarking schemes in two frameworks: the block-based discrete cosine transform and multiresolution wavelet framework and discuss the merits of each one. Our schemes are shown to provide very good results both in terms of image transparency and robustness     

一种隐私保护的安全DTN发布订阅协议

容迟网络是一种新型无线网络技术，近年来与命名数据网络有着融合发展的趋势。这里以发布／订阅多播协议为原型，构造了容迟网络环境下的命名数据网络环境，探讨了该环境下的安全和隐私问题。并进一步提出了基于群签名的数据包隐私保护验证方案，以及基于哈希链的防篡改TTL网络拥塞控制方案，来抵抗泛洪攻击等恶意行为。仿真实验表明基于TTL的网络拥塞控制安全方案可以有效地控制网络中的泛洪攻击等恶意行为，而哈希链方案可以有效防止用篡改TTL的方式来变相阻塞网络。     

基于矢量树结构的数字指纹调制方法的研究

提出一种基于矢量树结构的指纹编码调制,相对于传统的AND-ACC调制方式来说,其有效地增强了系统抗共谋攻击的能力.     

具有隐私保护的细粒度智能家居远程数据安全更新方案

针对现存智能家居软件更新方案中存在的粗粒度访问控制、单点服务失效、用户解密效率低下等问题,该文提出一种具有隐私保护的细粒度智能家居远程数据安全更新方案。该方案通过属性基加密技术实现了细粒度访问控制,并结合区块链和星际文件系统(IPFS)技术对数据进行存储。通过对访问策略进行隐藏,构造出一种策略隐藏的密文策略基于属性加密(CP-ABE)算法,进一步保护了用户的隐私。此外,通过设计面向轻量级用户的外包解密算法,所提方案有效减轻了轻量级用户的计算负担,并结合区块链和智能合约技术实现了外包解密过程的公平支付。最后,基于判定的双线性迪菲赫尔曼 (DBDH)假设,证明了所提方案是选择明文攻击下的不可区分 (IND-CPA)安全的。仿真实验结果表明,所提方案与现有方案相比终端用户解密成本和通信开销明显降低。     

Improved joint reversible data hiding in encrypted images

This paper proposes an improved method of reversible data hiding in encrypted images (RDH-EI). Three parties constitute the proposed system: the image owner, the remote server and the recipient. To preserve privacy, an image owner encrypts the original image using a stream cipher algorithm and uploads the ciphertext to a remote server. On server side, a data-hider is allowed to embed additional message into the encrypted image using a swapping/shifting based algorithm. After downloading the marked encrypted image from the server and implementing the decryption, a recipient can extract the hidden messages and losslessly recover the original image. Experimental results show that the proposed method achieves a larger payload than the related works. Meanwhile, a limitation in the related works that few bits can be embedded into the encrypted medical images is also eliminated in the proposed method.     

MD5算法在高校媒体资产管理系统中的应用研究

主要研究利用MD5算法的加密及文件校验功能,实现高校媒资系统中系统安全性管理、文件重复性校验、文件审查、明确责任等方面的应用,以达到优化高校媒体资产管理系统,提高其安全性及可用性。     

Tampering in RFID: A Survey on Risks and Defenses

RFID is a well-known pervasive technology, which provides promising opportunities for the implementation of new services and for the improvement of traditional ones. However, pervasive environments require strong efforts on all the aspects of information security. Notably, RFID passive tags are exposed to attacks, since strict limitations affect the security techniques for this technology. A critical threat for RFID-based information systems is represented by data tampering, which corresponds to the malicious alteration of data recorded in the tag memory. The aim of this paper is to describe the characteristics and the effects of data tampering in RFID-based information systems, and to survey the approaches proposed by the research community to protect against it. The most important recent studies on privacy and security for RFID-based systems are examined, and the protection given against tampering is evaluated. This paper provides readers with an exhaustive overview on risks and defenses against data tampering, highlighting RFID weak spots and open issues.     

Reversible digital watermarking-based protocol for data integrity in wireless sensor network

For the contradiction between high energy consumption of WSN privacy protection algorithm and constrained resources of sensor network,a recoverable data fusion protocol that ensures data integrity and confidentiality based on reversible digital watermarking and homomorphic encryption technology was proposed.On the one hand,the data from the sensor was embedded by the difference expansion method by using the reversible digital watermarking technique,and original data could be recovered by using a reversible watermark to ensure the integrity check of the fusion data when the fusion data were destroyed.On the other hand,elliptic curve homomorphic encryption encrypted data to prevent sensor data from being perceived during data transmission.Security results show that the proposed protocol performs well against cluster head node compromise as well as tampering from an attack.Performance analysis shows that the protocol has significant advantages over other algorithms in terms of computation,communication overhead and propagation delay.The experimental results show that the protocol has a low resource overhead and improves network performance.     

基于 RSA 与 LSB 算法的信息隐藏

信息隐藏技术将特定信息嵌入数字化宿主信息中,由于宿主信息呈现变化不大,不会引起监控者的注意和重视,从而减少了被攻击的可能性。为了提高信息隐藏效率与在非授权情况下提取信息的难度,提出将信息加密后进行隐藏,具有更高的安全性。在信息隐藏前对敏感信息进行了信息分割、RSA加密预处理;将控制信息也嵌入到BMP文件的图像数据区;实现了改进的LSB算法,并通过实验进行了验证。     

Taking Television Seriously: A Sound and Image Bite Analysis of Presidential Campaign Coverage, 1992–2004

This study updates and builds on Hallin's landmark investigation of sound-bite news by documenting the prevalence of candidate image bites, where candidates are shown but not heard (as opposed to being shown and heard), in general election news over 4 election cycles. A visual analysis of broadcast network (ABC, CBS, and NBC) news coverage of the 1992, 1996, 2000, and 2004 U.S. presidential elections finds that image bites constituted a greater percentage of total campaign coverage than sound bites, with candidates appearing in image bites significantly more than sound bites. Even as candidate sound bites continue to shrink over time, image-bite time is increasing in duration—and candidates are being presented in image bites almost twice as much as journalists. Sound bites are also found to be largely attack and issue focused. Based on these findings, we call for greater appreciation of visual processing, nonverbal communication, and voter learning from television news in the study of media and politics.