2017 25th European Signal Processing Conference (EUSIPCO) 2017
DOI: 10.23919/eusipco.2017.8081213
|View full text |Cite
|
Sign up to set email alerts
|

Higher-order, adversary-aware, double JPEG-detection via selected training on attacked samples

Abstract: Abstract-In this paper we present an adversary-aware double JPEG detector which is capable of detecting the presence of two JPEG compression steps even in the presence of heterogeneous processing and counter-forensic (C-F) attacks. The detector is based on an SVM classifier fed with a large number of features and trained to recognise the traces left by double JPEG detection in the presence of attacks. Since it is not possible to train the SVM on all possible kinds of processing and C-F attacks, a selected set … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
33
0

Year Published

2017
2017
2023
2023

Publication Types

Select...
5
3

Relationship

1
7

Authors

Journals

citations
Cited by 32 publications
(33 citation statements)
references
References 19 publications
0
33
0
Order By: Relevance
“…Future works will be devoted to study fusion techniques to make the most out of each network in a mixed aligned and non-aligned DJPEG case. Moreover, it would be interesting to extend the approach derived in [37] for SVM classifiers, exploiting the idea that robustness to heterogeneous processing and anti-forensics attacks can be recovered by training an adversary-aware version of the classifier.…”
Section: Discussionmentioning
confidence: 99%
“…Future works will be devoted to study fusion techniques to make the most out of each network in a mixed aligned and non-aligned DJPEG case. Moreover, it would be interesting to extend the approach derived in [37] for SVM classifiers, exploiting the idea that robustness to heterogeneous processing and anti-forensics attacks can be recovered by training an adversary-aware version of the classifier.…”
Section: Discussionmentioning
confidence: 99%
“…In the first category, the analyst thought to be aware of the CF method the system is subject to and tries to develop a new algorithm to reveal the attack by looking at specific traces left by the tool. For instance, Barni et al (2017) proposed a detector based on a support-vector-machine (SVM) that fed with a large number of features to identify the traces left by D-JPEG in the presence of attacks. With the advent of DL architectures, adversary-aware training has been widely used to improve DL models' robustness to adversarial examples ( Goodfellow et al, 2014b ).…”
Section: Rq3: What Methods Are Available To Improve the Security Of Mmentioning
confidence: 99%
“…While with the advent of adversarial attacks, various techniques have newly been developed in image forensics to defend versus adversarial attacks. Barni et al (2017) proposed a secure method to react against different post-processing by retraining unaware classifiers with the most powerful attacks (MPAs). Therefore, by understanding most CF attacks, the analyst can be developed a secure system to react against the most powerful CFs.…”
Section: Rq2: How Anti-cf Techniques Can Improve the Security Of ML Amentioning
confidence: 99%
“…The proposed counter forensic technique is also effective in hiding the artifacts generated due to enhancement in both spatial and DCT domain. DCT domain features CC-PEV [28] used along with spatial domain features SPAM [29], [30] has detection accuracy of 95.97% as shown in Table 3. However, it can be observed that accuracy of the detector based on fused features reduces to 63.93% from 95.97%.…”
Section: B: Joint Spatial and Dct Domain Based Detectormentioning
confidence: 99%
“…SPAM and SRM features detect manipulations done in spatial domain whereas CC-PEV analyzes DCT domain for traces of tampering. Combining features from spatial and DCT domain [29], [30] gives more robust detector which can detect image manipulation in either domain.…”
Section: Introductionmentioning
confidence: 99%