Summary and Discussions - Design of Active Agents

Chapter 2 Design of Active Agents

2.4 Summary and Discussions

In this chapter, several ways about how to access active agents and some methods for hiding active agents are proposed. On different kinds of platforms, different kinds of media are used to hide active agents for saving the data hiding capacity of the cover media.

In the following chapters of this thesis, two execution platforms, including a

personal computer and a cellular phone, and two extraction programs containing an ActiveX program and a JAVA program are adopted. The way to access an active agent investigated in this thesis study is from public web pages and the types of the cover media are images and videos.

Chapter 3 Active Covert Communication by MPEG Videos with Secret

Authentication Capability 3.1 Introduction

Due to the popularity of computer networks, more and more data is transmitted through the public Internet and many security problems arise when secret messages are transmitted. An illicit user can employ various network tools to intercept these secret messages very easily for misuses. Thus, in this study, a video data hiding method with the secret authentication capability for active covert communication is proposed.

In Section 3.2, some reviews of the data hiding method for MPEG videos are made. In Section 3.3, an authentication method for verifying secret messages is proposed, which calculates authentication signals of secret messages and embeds these signals into the messages. In Section 3.4, an active covert communication method for MPEG videos is proposed and two related processes are presented. In Section 3.5, experimental results are shown to prove the proposed methods, and finally in Section 3.6, some discussions and a summary are given .

Method for MPEG Videos

In the MPEG standard, all macroblocks in I frames are intra-coded ones without referencing to others. The compression technique used in I frames is similar to the one of the JPEG standard, so the DCT-based data hiding technique may be applied. There are three kinds of frequency bands, namely, low-frequency bands, middle-frequency ones, and high-frequency ones, in an 8×8 DCT block. In order to maintain a trade-off between imperceptivity and data hiding capacity, the middle-frequency band in Figure 3.1 is chosen to embed secret data in this study.

0 Figure 3. 1 An illustration of an 8×8 DCT block.

P and B frames are inter-coded frames different from I ones and are encoded by motion compensation prediction to reduce the temporal redundancy between frames.

In P frames, there are many forward-coded macroblocks and some intra-coded

macroblocks. In B frames, there are many backward-coded macroblocks, forward-coded macroblocks and some intra-coded macroblocks. Because many motion vectors are used in inter-coded macroblocks to reduce the temporal redundancy, they may be utilized to hide secret data efficiently.

The same encoding type of macroblocks in different kinds of frames facilitates the use of the same method to hide data in them. In Section 3.2.1, a data hiding method based on the use of DCT coefficients in intra-coded macroblocks is introduced. In Section 3.2.2, a method of hiding secret data in forward-coded macroblocks is presented. Then in Section 3.2.3, a method of hiding secret data in backward-coded macroblocks is reviewed.

3.2.1 Process for Hiding Secret Data in I Frames

After MPEG video are processed with variable-length decoding, the quantized DCT coefficients of each 8x8 block of the input I frame can be obtained. An algorithm of the process is described as follows.

Algorithm 1: Hiding secret data in intra-coded macroblocks.

Input: secret data S, and a macroblock M.

Output: a macroblock M’ in which the secret data are embedded.

Steps:

1. Get an 8x8 luminance block L from M which has four 8x8 luminance blocks and find the coefficient C_i whose magnitude is the maximum in each pre-defined section as shown in Figure 3.1.

2. Acquire a bit b of S sequentially and hide it into every C_i. The hiding rules R are illustrated in the following.

≥ 0:

i. if b = 1 and C_i is even, then set C_i = C_i + 1;

ii. if b = 0 and Ci is odd, then set Ci = Ci + 1;

iii. otherwise, leave C_i unchanged.

II. If Ci < 0:

i. if b = 1 and C_i is even, then set C_i = C_i - 1;

ii. if b = 0 and Ci is odd, then set Ci = Ci - 1;

iii. otherwise, leave C_i unchanged.

An illustration of the hiding process for I frames is presented as a flowchart in Figure 3.2 as follows.

Secret Data (S)

I Frame Macroblock

(M)

Apply Hiding Process for Intra-coded

Macroblocks

Stego I Frame

A Bit (b) of Secret Data

Figure 3. 2 A flowchart of the process of hiding secret data in I frames.

3.2.2 Process for Hiding Secret Data in P Frames

There are two encoding types of macroblocks, namely, intra-coded ones and forward-coded ones, in P frames. Because the data hiding method of intra-coded macroblocks is similar to the one used in I frames, in this section, a data hiding method of forward-coded macroblocks is introduced. A detailed algorithm is presented in the following.

Algorithm 2: Hiding secret data in forward-coded macroblocks.

Input: secret data S, and macroblock M.

Output: a macroblock M’ in which the secret data are embedded.

Steps:

1. Acquire a horizontal component H and a vertical one V from a motion vector of the input forward-coded macroblock and use a threshold T to decide if the current macroblock is proper to hide secret data. The decision rule is described as follows:

| H | > T or | V | > T.

The magnitude of T is just a tradeoff between the video quality and the data hiding capacity. The larger T is, the less distortion the video has to bear and the less data can be hidden into the video.

2. Use following embedding rules R to embed a bit b of S into the selected motion vector if the above condition is true.

I. If | H | ≥ | V | and H ≥ 0:

i. if b = 1 and H is even, then set H = H + 1;

ii. if b = 0 and H is odd, then set H = H + 1;

iii. otherwise, leave H unchanged.

II. If | H | ≥ | V | and H < 0:

i. if b = 1 and H is even, then set H = H - 1;

ii. if b = 0 and H is odd, then set H = H - 1;

III. If | H | < | V | and V ≥ 0:

i. if b = 1 and V is even, then set V = V + 1;

ii. if b = 0 and V is odd, then set V = V + 1;

iii. otherwise, leave V unchanged.

IV. If | H | < | V | and V < 0:

i. if b = 1 and V is even, then set V = V - 1;

ii. if b = 0 and V is odd, then set V = V - 1;

iii. otherwise, leave V unchanged.

An illustration of the hiding process for P frames is presented as a flowchart in Figure 3.3 as follows.

Secret Data

Figure 3. 3 A flowchart of the process of hiding secret data into P frames.

3.2.3 Process for Hiding Secret Data in B Frames

There are three encoding types of macroblocks, namely, intra-coded ones, forward-coded ones and backward-coded ones, in B frames. Both data hiding methods for intra-coded macroblocks and for forward-coded macroblocks in B frames are similar to those in P frames. In this section, a data hiding method for backward-coded macroblocks is introduced. A corresponding algorithm is described in the following.

Algorithm 3: Hiding secret data in backward-coded macroblocks.

Input: secret data S, and macroblock M.

Output: a macroblock M’ in which the secret data are embedded.

Steps:

1. Acquire a horizontal component H and a vertical one V from a motion vector of the input backward-coded macroblock and use a threshold T to decide if the current macroblock is proper to hide secret data by the following rule:

| H | > T or | V | > T.

2. Use following embedding rules R to embed a bit b of S into the selected motion vector if the above condition is true.

I. If | H | ≥ | V | and H ≥ 0:

i. if b = 1 and H is even, then set H = H + 1;

ii. if b = 0 and H is odd, then set H = H + 1;

iii. otherwise, leave H unchanged.

II. If | H | ≥ | V | and H < 0:

i. if b = 1 and H is even, then set H = H - 1;

ii. if b = 0 and H is odd, then set H = H - 1;

iii. otherwise, leave H unchanged.

III. If | H | < | V | and V ≥ 0:

i. if b = 1 and V is even, then set V = V + 1;

ii. if b = 0 and V is odd, then set V = V + 1;

iii. otherwise, leave V unchanged.

IV. If | H | < | V | and V < 0:

i. if b = 1 and V is even, then set V = V - 1;

ii. if b = 0 and V is odd, then set V = V - 1;

iii. otherwise, leave V unchanged.

Secret Data

Intra-coded Macroblock Forward -coded Macroblock

Apply Hiding Process for Backward-coded

Macroblocks

Backward-coded Macroblock

Figure 3. 4 A flowchart of the process of hiding secret data in B frames.

Just like what we mentioned before, the magnitude of T used in Step 1 above is just a tradeoff between the video quality and the data hiding capacity. The larger T is,

the less distortion the video has to bear and the less data can be hidden into the video.

An illustration of the hiding process for B frames is presented as a flowchart in Figure 3.4 as follows.

3.3 Authentication Method for Secret Messages

Under the process of transmitting the cover media with the secret messages on public networks, malicious users might use various methods to intercept the cover media and try to extract the secret messages hidden in it or modify the secret messages to cheat the receiver who needs the secret messages. If this receiver is an employee who works for a company, fake secret messages can lead him/her to make wrong decisions and cause a great loss to the company. In order to avoid situations like this to happen, a method for calculating authentication signals of the secret messages and embedding them in the secret messages is proposed. With the use of the authentication signals, the fidelity of the secret messages can be ensured by our method proposed in this study, as described in the following sections.

3.3.1 Calculation of Authentication Signals of Secret Messages

Let M be certain given secret messages with the size of l, and A be authentication signals to be embedded in M. The size of A is the same as one integer of 4 bytes. A detailed algorithm of the calculation of A for M is described in the following.

Algorithm 4: Calculation of authentication signals for secret messages.

Output: authentication signals A.

Steps:

1. Transform M into a byte form (b₁ b₂ … b_l)₂₅₆ with each b_i (i = 1, 2, …, l) being one byte of M.

2. Calculate the sum of b_i (i = 1, 2, …, l) to generate A which is described as the following equation:

A = (b₁ + b₂ + … + b_l) mod 2³²

3.3.2 Process for Embedding Authentication Signals

After calculating authentication signals for secret messages, these signals will be embedded in the secret messages and new messages are generated. A corresponding detailed algorithm is shown in the following.

Algorithm 5: Embedding process for authentication signals.

Input: secret messages M with the size of m bytes, authentication signals A with the size of 4 bytes, and a user key K for generating a non-repeating random number sequence.

Output: temporary messages T for the concatenation of M and A, and new secret messages M’.

Steps:

1. Transform both M and A into a byte form and concatenate them into temporary messages T as follows:

M = (a1 a2 … am )256, A = (b1 b2 b3 b4)256

T = M + A = (a₁ a₂ … a_m b₁ b₂ b₃ b₄)₂₅₆

2. Use K to generate a non-repeating random number sequence to randomize T and produce the desired new secret messages M’.

3.3.3 Process for Extracting Authentication Signals

After generating the new messages as authentication signals, they will be embedded in the cover media and transmitted to the receiver site. On the receiver site, the secret messages can be extracted and authenticated. The extraction algorithm is an inverse process of the embedding one and is described in the following.

Algorithm 6: Extraction process for authentication signals.

Input: secret messages M’ with the size of m bytes extracted by Algorithm described later, and a user key K for generating a non-repeating random number sequence.

Output: authentication signals A with the size of 4 bytes extracted by Algorithm described later, and recovered secret messages M with the size of (m - 4) bytes, and temporary messages T, and authentication signals A’ recalculated by Algorithm 4 described before.

Steps:

1. Use K to generate a non-repeating random number sequence to de-randomize M’

and produce temporaray messages T.

2. Transform T into the byte form and decompose T to get M and A by the following way:

T = (a1 a2 … am b1 b2 b3 b4)256; M = (a₁ a₂ … a_m)₂₅₆;

A = (b1 b2 b3 b4)256. 3. Recalculate authentication signals A’ using M as follows:

A’ = (a1 + a2 + … + am) mod 2³². 4. Compare A and A’ to make the decision as follows:

⎩⎨

If A does not equal A’, regard the original secret messages to have been tampered with or the cover media to have been modified, discard the extracted secret messages, and inform the sender of the errors.

Note that if the user key provided by the receiver is wrong, A will not equal to A’, either. An illustration of the authentication method for secret messages is shown in Figure 3.5.

Figure 3. 5 An illustration of the authentication method for secret messages.

3.4 Proposed Active Covert

Communication Method for MPEG Videos

The pre-defined environment of active covert communication is built on a web page with an ActiveX program. An ActiveX program in which an active agent has been embedded includes an active video player and a MPEG video clip. Here is an application example. When an employee works outside and has to receive messages from a superior, the employee can browse a public web page and get secret messages hidden in an MPEG video without the need of installing data extraction programs.

In this example, the task of the active agent is to extract secret messages. Before beginning the extraction process, the receiver has to provide an authentic user key. If this user key is wrong, the receiver will get nothing after seeing the video on the web page.

3.4.1 Process for Embedding Secret Messages

The embedding process is executed on the platform of a sender-site computer.

An illustration of the entire process is shown in Figure 3.6.

First, authentication signals are generated by the input secret messages. Then, these secret messages are concatenated with authentication signals and randomized by a user key. After generating randomized secret messages, they are hidden in an MPEG video.

Original Video

VLD

Frame Type?

Apply Embedding Process I

VLC

Stego-video

User Key Secret

Messages

Authentication Signals

Combine and Randomize

Secret Messages with Authentication Signals

Figure 3. 6 A flowchart of the process of embedding secret messages in an MPEG video.

3.4.2 Process for Extracting Secret Messages

The extraction process is an inverse process of the embedding one. The process is executed on the platform of a receiver-site computer. An illustration of how to extract secret messages is shown in Figure 3.7.

After extracting data from an MPEG video, the data needs to be de-randomized by a user key to obtain secret messages and authentication signals. Then, the extracted secret messages have to be verified, so the extracted authentication signals will be compared to the recalculated ones. If there is no difference between these two signals, the extracted secret messages are kept, otherwise discarded.

VLD

Figure 3. 7 A flowchart of the process of extracting secret messages into an MPEG

A flowchart of the process of the active covert communication method is illustrated in Figure 3.8. In the server-site process, secret messages with authentication signals are embedded in a MPEG video put on a public web page.

While a user requests for downloading secret messages, the proposed system can extract and execute active agents. Then, the active agents can extract secret messages from the MPEG video and authenticate them for the authentic user.

u s e r

Request for downloading secret messages from MPEG videos

Figure 3. 8 A flowchart of the process of the active covert communication method.

3.5 Experimental Results

In our experiments, a stego-video with secret messages is put on a public web page for people to preview. When a user browses this web page, the stego-video with a description is displayed on the screen shown in Figure 3.9(a). After pressing the replay button on the pop-up menu in Figure 3.9(b) four times, a dialog in which the user key can be keyed in will be shown for the user. If the input key is authentic, secret messages which are hidden in the stego-video can be extracted into the local computer in Figure 3.9(e). On the contrary, an illegal user can just get nothing.

(a)

Figure 3.9 The process of the proposed active covert communication method. (a) An initial web page with a stego-video displayed on the browser. (b) A replay button on a pop-up menu. (c) A dialog in which a user key can be inputted. (d) A dialog which can select the saving location of extracted secret messages. (e) The extracted secret messages on the desktop. (f) The content of the extracted secret messages. (continued)

(b)

(c)

Replay

Dialog

(d)

(e)

Downloaded secret

Dialog

(f)

3.6 Summary and Discussions

In this chapter, an active covert communication method that can be carried out on a web page with an ActiveX program has been proposed. In this method, the security of the communication becomes better with the use of a user key to randomize secret messages and authentication signals. Authentication signals of secret messages not only help us detect transmission errors over the public network but also find out any illicit tampering of the cover media or secret messages.

If the given user key is wrong, the extracted secret messages and the extracted

authentication signals will also be incorrect. That is, the recalculated authentication signals of the extracted secret messages will not be the same as the extracted ones. In this situation, the extracted secret messages will be discarded and malicious users can just get nothing.

Chapter 4 Active Authentication of MPEG Videos

4.1 Introduction

With the advance of computer networks, the data transmission rate on networks is getting higher. More and more videos are transmitted on public networks. Since these MPEG videos are exposed on the Internet, illicit users might want to intercept and modify them for deceiving the receiver. Thus, the verification of the fidelity of suspicious MPEG videos is necessary. The scheme proposed in this study is executed on a web page and can authenticate on-line MPEG videos to generate verification reports.

In Section 4.2, a review of an authentication method for I, P and B frames of MPEG videos is introduced. Then in Section 4.3, the proposed active authentication method for MPEG videos on web pages and flowcharts of the processes are described.

Finally, experimental results and some discussions are given.

4.2 Review of An Authentication Method for MPEG Videos

In this section, two authentication signal hiding methods for different frames of

MPEG videos are reviewed. In Section 4.2.1, a process for hiding authentication signals in I frames is introduced and a process for P and B frames is described in Section 4.2.2.

4.2.1 Process for Hiding Authentication Signals in I Frames

In the reviewed method, two different DCT coefficients with the same quantization step size in the luminance block of intra-coded frames are chosen as a pair to hide an authentication signal. There need two pairs of DCT coefficients for hiding authentication signals. One pair is for hiding random number authentication signals, and the other is for hiding video information, including the number of P and B frames in a GOP and the index of a GOP.

DC Coefficient Middle Frequency Coefficient 8

For Hiding Authentication Signals For Hiding Video Information

The method for hiding a pair of two coefficients is to adjust their relative values according to the hidden data. Because of the quantization step size of the selected frequency-domain coefficients are the same, hidden authentication signals may have the capability against image recompression. In order to reduce the probability of erroneous extraction of hidden bits, the number of inter-coded frames and the index are duplicated as many times as possible before the embedding process. A detailed algorithm is described as follows.

Algorithm 1: Hiding authentication signals in intra-coded macroblocks.

在文檔中主動式資訊隱藏與應用之研究 (頁 32-0)