利用資料隱藏技術的數位內容授權服務之研究 - 政大學術集成

全文

(1)國⽴立政治⼤大學資訊管理學系. 碩⼠士學位論⽂文指導教授：郁⽅方博⼠士. 立. 政治大. ‧. ‧ 國. 學 sit. y. Nat. 利⽤用資料隱藏技術的數位內容授權服務之研究. n. er. io. Digital Content Authorization with Invisible al v i n Ch Watermarking engchi U. 研究⽣生：林⽻羽真中華民國 104 年 07 ⽉月.

(2) ABSTRACT With the digitalization of media, the improvement of video compression technique and the adaptation of the Internet, videos have become one of the most prominent mediums in the network age. However, due to its nature to be easily copied and distributed, creative workers easily become victims to the piracy. While corporations use proprietary digital rights management (DRM) [28] to guarantee fair use of intellectual properties, individuals are seldom able to afford huge royalty. In this work, we investigate. 立. 政治大 invisible watermarking techniques,. discuss their. ‧ 國. 學. properties, and apply cryptography [13] and steganography [13] techniques to data hiding in digital contents. Specifically, we develop a new public online service of data. ‧. hiding in digital contents with the aim of proving content owners the ability to claim. y. Nat. io. sit. digital ownership. The current technique used to embed messages in video satisfies. n. al. generic active authentication. er. integrity but cannot resist attacks/modifications on the video. Also, we proposed a. v i n Ch framework programs e n gviac hiding hi U. in digital contents,. giving the developer the possibility to design their own variant from passive authentication to active code execution.. i.

(3) ABSTRACT ...................................................................................................................i 1. INTRODUCTION ................................................................................................ 1 1.1 Steganography ............................................................................................................ 2 1.2 The Property Of Steganography .............................................................................. 3 1.2.1 Robustness ............................................................................................................ 3 1.2.2 Transparency or Imperceptibility ......................................................................... 3 1.2.3 Undetectability...................................................................................................... 3 . 政治大. 1.2.4 Integrity ................................................................................................................ 4 . 立. 1.2.5 Capacity ................................................................................................................ 4 . ‧ 國. 學. 1.2.6 Security ................................................................................................................. 4 . ‧. 1.2.7 Data Payload ......................................................................................................... 5 . Nat. sit. y. 2. LITERATURE REVIEWS .................................................................................. 6 . n. al. er. io. 2.1 Image Steganography ................................................................................................ 7 . i n U. v. 2.2 Streaming Steganography ......................................................................................... 8 . Ch. engchi. 2.3 Steganography tools introduction ............................................................................ 9 . 3. SYSTEM DESIGN .............................................................................................. 17 3.1 System Structure ...................................................................................................... 18 3.2 System functionality ................................................................................................. 25 3.2.1 Html/Css ............................................................................................................. 25 3.2.2 Javascript ............................................................................................................ 26 3.2.3 Php/SQL ............................................................................................................. 27 . ii.

(4) 4. SYSTEM IMPLEMENTATION AND RESULTS ............................................. 29 4.1. Instruction of the website ....................................................................................... 29 4.2. Result ........................................................................................................................ 33 4.2.1. Robustness ......................................................................................................... 33 4.2.2. Transparency and Undetectability ..................................................................... 33 4.2.3. Integrity ............................................................................................................. 34 4.2.4. Capacity ............................................................................................................. 34 . 政治大. 4.3. Future work ............................................................................................................. 34 . 立. 5.CONCLUSION ....................................................................................................... 36 . ‧ 國. 學. Reference .................................................................................................................... 37 . ‧. n. er. io. sit. y. Nat. al. Ch. engchi. iii. i n U. v.

(5) 1. INTRODUCTION With the digitalization of media, the improvement of video compression technique and the adaptation of the Internet, video has become one of the most prominent mediums in the network age. However, due to its nature to be easily copied, transformed, and distributed, creative workers usually fall victim to the piracy. How to protect the authentication of the digital media becomes a popular issue in recent years. While corporations use proprietary digital rights management (DRM)[28] to. 政治大 guarantee fair use of intellectual property, individuals are seldom able to afford huge 立. ‧ 國. 學. royalty.. The first technology for protecting the authentication of digital content is. ‧. cryptography. Cryptography means to encrypt data, and only the one who has the. y. Nat. io. sit. valid key can decrypt the cipher messages. However, encryption cannot directly. n. al. content, they can distribute. er. monitor those who have purchased the legitimate content. Once they decrypt the. v i n C hcontent. That is U the e n g c h i the reason. why watermarking. researches begin. Watermark researches can be divided into two parts. One kind of it is visible, and the other one is invisible. Visible watermark is as the image or text we usually see on the paper, newspaper, and digital files. It is can be easily removed by some programs like PhotoShop in a short time. Invisible watermark cannot be seen in the files. Embedding copyright information or watermark in digital files is named Data Hiding [9], and it is one kind 1.

(6) of steganography. Using cryptography and steganography techniques, authentication can be achieved with relatively low cost. The proposed of this research is to compare the pros and cons of several common used steganography techniques, and several common used data hiding algorithms, then integrates a technique in the web as a package service which provides individuals to protect their intellectual property. We want to embed the tool named OpenPuff [23] into a website by installing it on a dedicated server with a remote connection, which may provide users watermark. 政治大. their media files or using data hiding functions from back-end operation. In this way,. 立. the services are cross-platform. Users don’t have to install OpenPuff [23], limit by the. ‧ 國. 學. operating system and can still achieve that steganography goal.. ‧. 1.1 Steganography. y. Nat. er. io. sit. Steganography [19] is different from cryptography. It refers to techniques embedding secret messages into carrier (cover message) to ensure data security that. al. n. v i n C hIn digital steganography, no one will discover its existence. e n g c h i U some secret data will be encrypted by cryptography algorithm before embedded, e.g., Bhaumik, Choi, Robles, and Balitanas (2009) [2] hide encrypted data into videos. We use invisible watermarks to encode secret messages in videos and images. This is done by integrating several existed tools into a web service to provide public users a convenient way to embed messages to their videos, e.g., to sign up their homemade video before uploading to the web. The service can be used to provide digital content authentication. Before delving into techniques, below we first discuss 2.

(7) properties of steganography [19].. 1.2 The Property Of Steganography There are several properties that invisible watermark need to have.. 1.2.1. Robustness. Robustness [29][31] is the ability of the hidden data to resist attacks/modifications on the carrier. I.e., modification on carriers may break the embedded messages, and. 政治大. the modification may be compression, rotation, cropping, and scaling …etc. If the. 立. watermark is not robust, it is called fragile watermarking.. ‧ 國. 學. 1.2.2. Transparency or Imperceptibility. ‧. sit. y. Nat. Transparency [31] can also be called as imperceptibility. It refers to the similarity. io. al. er. between the original and watermarked. The invisible watermark must be. v. n. imperceptible. The loss of modified cover has to be so low that human cannot detect. Ch. engchi. i n U. the change. The higher transparency of the watermark means the attackers can’t easily aware of its exist to maintain the goal of security.. 1.2.3. Undetectability. Even though the invisible watermark can’t be seen, it does not represent that the hidden message is safe. If the invisible watermark detected by attackers by measuring some features changed, they will try to extract the hidden watermark or modify the cover data to destroy our authentication. 3.

(8) 1.2.4. Integrity. Integrity [30] means the accuracy and consistency when watermark embedded into the cover data. We should ensure that the encrypted videos or images should have not been modified before decryption; any modification that changes consistency of videos should be able to be detected.. 1.2.5. Capacity. Capacity [31] is refer to as the hiding capacity of hidden data. Many. 政治大 steganography methods are researching how to increase the capacity and hide more 立. ‧ 國. 學. data in the cover by changing the algorithm. The more we can hide under the same transparency, the better the method is.. ‧. There are several limited supports on satisfying the required properties from. y. Nat. er. io. sit. available tools. Also, these properties conflict with each other. We can’t satisfy all the properties at the same time. The objective of this work is to provide a public service. al. n. v i n C h techniques to address that integrates multiple steganography e n g c h i U this concern. We realized the idea in a prototype system MIA (multimedia intelligent authentication) [33], where public users can encode data in both videos and images respect to their requirements.. 1.2.6. Security. Security means to make sure the authority to remove watermark, detect it and resist hostile attacks. Some embedded watermark cannot be extracted because the. 4.

(9) carrier is rotated. But as long as the carrier is rotated to the original direction, the algorithm then can extract the embedded watermark.. 1.2.7. Data Payload. Data payload refers to the number of bits embedded into a frame, audio or image files per second. The larger data payload the faster and more scalable for the data hiding mechanism is.. 立. 政治大. ‧. ‧ 國. 學. n. er. io. sit. y. Nat. al. Ch. engchi. 5. i n U. v.

(10) 2. LITERATURE REVIEWS Steganographic encoding processes [9] are as the figure showed.. Key Digital Files. Data Embedding. (cover files). (function). Watermarked Files. Watermark (message). 立. 政治大. Figure 1. Steganographic Encoding. ‧ 國. 學. Only the authorized users who know the key can decrypt the message from. ‧. watermarked files. The method can be used in feature tagging, such as hiding. sit. y. Nat. someone’s name in a photo or recording locations in a map. It can also be used for. io. al. er. secret communications to transform some sensitive messages without alerting. v. n. possible attackers. Most of common tools are all based on this method for embedding. Ch. engchi. i n U. secret data into cover files. There are some common methods used to embed data into files: Least-Significant Bit embedding [19] modifies the least significant bit that the changes are too small to detect by human eyes. The advantage of LBS is simple and it allows high perceptual transparency. However, scaling, rotation, lossy compression or some changes in cover may easily destroy the message.. 6.

(11) Transform embedding method such as discrete-cosine transform (DCT) [8], discrete fourier transform (DFT) [8], or discrete wavelet transform (DWT). [1] embedding message in data files by changing the coefficients of the transform function. They can offer robustness and are widely used in watermark embedding in digital content, which are in the frequency domain.. 2.1 Image Steganography Reddy, Prasad, and Rao [17] develop an algorithm that can embed watermark. 政治大 without distortions to the image based on human visual system by modifying the 立. ‧ 國. 學. frequency coefficients of the Image. The embedding and extracting of watermarks are in frequency domain. Their algorithm is based on Spread spectrum Watermarking.. ‧. The method has more robust against attacks using a key to control a pseudo number. y. Nat. er. io. sit. generator. Pseudorandom sequences are used as the spreading sequences. Ko (2013) [5] focused on the data-hiding algorithm based on quantization index. al. n. v i n modulation (QIM). The author C developed level nest-structure algorithm based h e n ga two chi U. on the fractional discrete cosine transform that can hide two times bits, and reached higher transparency. Also, the author improved data hiding method based on pixel difference and histogram modification. This improvement increased transparency by 27.78%, and 48.48% hidden inside. In [18] is about using Quantization index modulation (QIM) techniques in data hiding in image because of the robustness. Hypothesis testing was held for the detection of whether the data is hidden in the data or not. The experiment conclusion 7.

(12) is that QIM can be detectable depends strongly on the host statistics. The detectability could be reduced by reducing the level of robustness against attacks, or by reducing the embedding rate. Lin, and Shiu [8] increase the capacity of DCT-based images and developed a new data-hiding scheme by notation transformation concept. The security of the hidden data is guaranteed because the secret data is embedded into DCT coefficients of the cover image by dividing the coefficients into six areas.. 政治大. Muhammad, Ahmad, Farman, and Zubair [13] presents a unique approach for image. 立. steganography using Hue-Saturation-Intensity (HSI) color space based on Least. ‧ 國. 學. Significant Bit (LSB). The proposed method transforms the image from RGB color. ‧. space to Hue-Saturation-Intensity (HSI) color space and then embeds secret data. y. sit. io. al. er. embedding.. Nat. inside the Intensity Plane (I-Plane) and transforms it back to RGB color model after. v. n. Lee, Tsai [6] conduct a method about a lossless data hiding based on histogram. Ch. engchi. i n U. shifting and the research break a bottleneck of data hiding rate in image that it can hide more data and produces stego-images with high qualities.. 2.2 Streaming Steganography In [15] propose a novel compression-domain video data-hiding algorithm as little perceptual distortion that determines the optimal embedding strategy to minimize both the output perceptual distortion and the output bit rate. The hidden data is embedded into selective Discrete Cosine Transform (DCT) coefficients, which are 8.

(13) found in most video compression standards. Hefeeda and Mokhtarian [4] conducted the quantitative analysis for authentication schemes by defining five metrics, which are computation cost, communication overhead, receiver buffer size, delay, and tolerance to packet losses. The research reveals the merits and shortcomings of each scheme. [7] is a robust audio watermarking scheme with high robustness against malicious attack precented for AVS audio. The original audio is segmented into. 政治大. frames. They insert the watermark into the audible spectrum area and keep the. 立. 學. ‧ 國. distortion imperceptible.. 2.3 Steganography tools introduction. ‧. We introduce four tools and have four experiments to verify the properties of. y. Nat. n. al. er. io. below.. sit. steganography, and we choose deep blue and white as the color of our original image. Ch. engchi. i n U. v. Figure 2. Original image OpenPuff[23], a advanced professional steganography tool written for Windows platform, is closed source and hard to modify.. 9.

(14) Openpuff[23] is a steganography tool developed by Cosimo Oliboni (2009). It has its public available executable running on Windows. It supports various functions to embed data into videos or images with a set of 16 kinds of 256bit open-source cryptography algorithms that can be used to protect embedded messages. We can embed media files or text into files, including audio, video, image and also text. However, up to 256Mb capacity can be hidden. It sets noises by random number generator (CSPRNG) to insist security and obfuscate stream pattern and sensitive data.. 立. 政治大. The tool is powerful not only because it is the only one, which supports video. ‧ 國. 學. format, but also it has transparency, undetectability, and integrity. We cannot. ‧. distinguish the difference between the origin image and embedded one by eyes, and. sit. y. Nat. the data size is also the same. However, severe modifications will destroy the. io. al. n. now and has not applied to commercial services yet.. Ch. engchi. i n U. Figure 3. Embedded image. 10. er. embedded watermark, so it is not robust. OpenPuff[23] is just used by normal user. v.

(15) Figure 4. The interface of OpenPuff OpenStego[24]: OpenStego can run on all platforms and written in java. It provides two functions,. 政治大 one is data hiding and the other is invisible signature Watermarking. 立. ‧ 國. 學. DES algorithm is used for data encryption, along with MD5 hashing to derive the DES key from the password provided. Currently, it supports two plugins -. ‧. RandomLSB (Randomized LSB) for data hiding and Dugad's algorithm for. er. io. sit. y. Nat. watermarking.. The tool has no robustness cause modifications still destroy the embedded image.. al. n. v i n C h image, and embedded We embedded an image in the cover e n g c h i U image size is several times. larger than original one. With the change of data size, attackers can easily detect that there’s a secret even if the images look the same.. 11.

(16) Figure 5. Embedded image. 學 sit. y. Nat. Figure 6. The interface of OpenStego. ‧. ‧ 國. 立. 政治大. io. al. er. Steganography Studio [25]:. v. n. Steganography Studio is a tool written in java, allowing using in windows but. Ch. engchi. i n U. not in mc os x. The functionalities are encode, decode, simulate and analysis. The limit range of support data format is only image (BMP, PNG,GIF). We can only embed one image to another image with one password by selecting one of 7 kinds of algorithms. Algorithms. include. BattleSteg,. BlindHide,. DynamicBattleSteg,. DynamicFilterFirst, FilterFirst,HideSeek and SLSB. The tool is weak, because the embedded files can only be saved as BMP or PNG format, so the files format is probable to be forced to change. This tool has another 12.

(17) big problem that it can only check whether there is a watermark or not with the corresponding password and the chosen algorithm, but it cannot revert the original data even if the password is correct, so it has no integrity.. 政治大立Figure 7. Embedded image ‧. ‧ 國. 學. n. er. io. sit. y. Nat. al. Ch. engchi. i n U. v. Figure 8. The interface of Steganography Studio. 13.

(18) Table 1. Algorithms induction (From Steganography: LSB Methodology Progress Report Angel N. Sierra, 2012) Name. Description. BattleSteg. Hides by filtering the image to obtain a list of ships (best places to hide), then randomly ‘shoots’ at the image until a ‘ship’ is ‘hit’. For a short while the shots are clustered around the ship, and then it moves away and begins randomly shooting again.. BlindHide. Starts writing at (0, 0) and moves along each pixel, colour. 治政大 steganography. 立 Works like BattleSteg only uses dynamic programming to and bit in scan lines across the image. Uses pure. prevent lots of memory from being used. This is NOT compatible with normal BattleSteg.. Works like FilterFirst only uses dynamic programming to. ‧. Nat. compatible with normal FilterFist. er. A pure steganography method, FilterFirst uses edge. io. FilterFirst. y. prevent lots of memory from being used. This is NOT. sit. DynamicFilterFirst. 學. ‧ 國. DynamicBattleSteg. al. v i n C hwrites to this list inUthe order given. hide. It then engchi n. detecting filters to obtain an ordered list of the best places to. HideSeek. HideSeek randomly picks a pixel / colour / bit and hides there. If it picks a bit it’s written to before, it will skip over it and go onto the next randomly selected bit. SilentEye[26] SilentEye is written in C++, and run as a cross-platform service, using LSB (Least Significant Bit) to embed text or image in image or audio. It encrypted data using AES algorithm. The method for embed contain inline and distribution. The tool is not robust so we cannot modify our cover file or the embedded. 14.

(19) watermark will be destroyed, and we can easily detect some black spot in the encrypted file so the tool does not have both transparency and undetectability. Also, the encrypted file size will be smaller than original one. According to the result of the experiment, the more black parts in the photos, the more data can be hidden inside, which will not be found easily. Black spots. 政治大. 立. ‧. ‧ 國. 學. io. n. al. er. Table 2. Steganography properties of Tools Comparison. OpenPuff. sit. y. Nat. Figure 9. Embedded image. Ch. OpenStego. engchi. iv n U Studio. Stegangraphy. SlientEye. Robustness. X. X. X. X. Transparency. O. O. O. X. Undetectability. O. X. X. X. Integrity. O. O. X. O. Capacity. Up to 256Mb. Not mentioned. Not mentioned. Password. O. O. O. 15. 0.02%~0.1% of cover image O/X.

(20) Table 3.Tools comparison. Program. Image files. support. algorithms. JPEG,BMP,. Openpuff. PNG,TGA. muti-encryptio. MP3,WAV. n,carrier. MP4,MPEG-1,. Windows all. chains,. MPEG-2,VOB,. muti-layered. SWF,FLV ,PD. obfuscation. F. bit Authored By Cosimo Oliboni , 2011 Open source Authored By George. LSB. Norman, 2008. Widows all. ) algorithm,. Authored by. SLSB. Juan José. ‧. BMP, PNG,GIF. sit. y. algorithm and. Roque, 2009. Roque filter. er. io. al. v i n PEG,BMP,WAC AES128, U hCross-platform i e h n gc VE AES256 n. Silent Eye. Freeware,256-. FilterFirst(LSB. Nat. Studio. and Linux. 學. Steganography. 立. BMP, PNG. ‧ 國. OpenStego. 治政 Windows all DES,MD5, 大. Notes. Open source Authored by Anselme Chorein. All the related works are free programs that realize the data hiding in digital content. We find out the only one program that can support video format is OpenPuff [23] and that’s the reason why we chose OpenPuff [23]at the back end, then automatically embed and extract the invisible watermarks.. 16.

(21) 3. SYSTEM DESIGN We have experiments about the common published tools in order to find the result of all the steganography properties, then select the ideal one tool named OpenPuff[23] to realize the data hiding services for digital content in our web because it is the only one tool for video encryption and decryption, and also it is free. We build a Multimedia Intelligent Authentication (MIA) [33] web service, and use OpenPuff[23] in the back-end to. provide some methods to encrypt video and. 政治大 decrypt video online. It plays a vital role in MIA [33]. In order to use OpenPuff[23], 立. ‧ 國. 學. we implement the web on Windows as mentioned that it can only run on that operating system. Embedding image in video is named Decrypt Video, and extracting. ‧. image form video is named Decrypt Video. Another function composition is for. y. Nat. n. al. er. io. the uploaded video.. sit. embedding text in video and extracting it from video. The profile page is for playing. Ch. Figure 10.. engchi. i n U. v. Functions of MIA [33]. Users can freely sign up for an account and upload their videos and images in order to embed a watermark into the videos. The format of the watermark can be image or text, which will be embedded into videos with an invisible way. Also, we can upload an encrypted video to decrypt the inside watermark out. All the encrypting and decrypting processes will automatically complete by back-end. 17.

(22) In this way, we can set our own signature or unique watermark into our videos to protect the intelligent authentication and also we can embed some text, which may be a code in the video. We use the function to protect our digital content authentication by embedding watermark in it. Whenever our video is duplicated or distributed by unauthorized users, we can claim the authority of the videos by extracting our own authentication.. 3.1 System Structure. 政治大 The whole system can be separated into three main parts, including the front-end, 立. ‧ 國. 學. back-end and the data processing.. ‧. Web (MIA). y. Nat. OpenPuff. n. al. er. io. sit. Data (Image,Text). Carrier (Video). 3 keys to encrypt. Figure 11.. Ch. 按鍵精靈. engchi. i n U. v. Embedded File. Java scheduler. System Architecture (Encryption). 18.

(23) Web (MIA) OpenPuff Embedded File. Data (Image, Text). 按鍵精靈 Carrier (Video) 3 keys to decrypt. Java scheduler. 立. Figure 12.. 政治大 System Architecture (Decryption). ‧ 國. 學. In the front-end, we use some general web skill, such as HTML, CSS and. ‧. Javascript. Use AngularJS [35] as the framework that is provided by Google to. sit. y. Nat. implement our website presentation.. n. al. er. io. In the back-end, we use PHP as programing language and implement. i n U. v. Model-View-Control (MVC) [32]design pattern to set up an API (Application. Ch. engchi. Interface) service. With these APIs, we can connect the front-end and our database for data presentation, communication and manipulation. The data processing is the most important part of the three. In this part we use OpenPuff [23] application to resolve data hiding of encryption and decryption. OpenPuff [23] has been discussed in the previous section. However, the author of it didn’t publish the source code so that we implement the encryption and decryption with another program named 按鍵精靈 9[27]. We use it in order to automate the data. 19.

(24) hiding function by simulating mouse to click the button on OpenPuff [23] for all the embedding work.. Figure 13.. 學. ‧ 國. 立. 政治大 Simulating mouse by 按鍵精靈 9. ‧. n. er. io. sit. y. Nat. al. Figure 14.. Ch. engchi. i n U. v. The interface of OpenPuff[23]. This is the interface of OpenPuff[23], the functions we use is Hide and Unhide. We use these two functions to hide image into video, and to extract it from video so we need to follow some rules of this software. 20.

(25) Figure 15.. 立. 政The data治hiding function 大. In this page, we need to insert three passwords as the keys for encryption, which. ‧ 國. 學. we could get from our database after they are inserted by the user in our website.. ‧. Then, we have to choose a carrier and an embedded file. In our research, we focused. n. al. er. io. sit. y. Nat. on hiding image or text in video format.. Ch. Figure 16.. engchi. i n U. v. The data unhiding function. This page is the screenshot of data unhiding function, we need to insert the 21.

(26) exactly the same three keys to decryption. Then select a carrier file. For all the steps of encryption and decryption, we use 按鍵精靈 9[27] to recorded every step of mouse’s positions to automate the function as mention above. We use it to write scripts to record every step of the embedding and extracting work like the screenshot.. Data. Use PHP to. Insert. Web. establish. Load. Text File. 按鍵精靈 9. 政治大. Figure 17.. 立 The data flow for script of 按鍵精靈 9. ‧ 國. 學. First, we have to let the mouse move to the position (x,y), then left click the. ‧. button. Sometimes, we need a delay between actions to wait the program executing.. y. Nat. io. sit. The script will load one established text file to get the variable including the input. er. path of image and video, the inserted passwords and the output path. The variables. al. n. v i n will be output at the step of selecting C h the file, insertingUpasswords or selecting the path engchi. of output finished file.. Figure 18.. A part of 按鍵精靈 9 code. About the information in the text file, we store them in the database by php and 22.

(27) use java to establish the text file for 按鍵精靈 9. After all the steps, we’ll output them as .exe files. These .exe files will be executed whenever java scheduler calls it because of discovering the new input video. Moreover, another providing function is embedding text in the video. When we want to embed text into the video, we use php to create a text file and save it as a bmp file. The action can mislead OpenPuff[23] as it will regard the text file as an image. In this way, the steps of embedding text are the same as embedding image. The variable. 政治大. keyText is somewhat we want to embed in the video.. 立. y. ‧. ‧ 國. 學. io. sit. PHP code of changing text into image. er. Nat. Figure 19.. However, Openpuff [23] has a few limitations on the input files. As show in the. n. al. Ch. engchi. i n U. v. figure we mentioned in chapter two. Three passwords cannot be similar with each other or we would not pass the examination by the tool to go to the next step. Also, the input size has to be many times bigger than the embedded data size or all the steganography work will not start. According to our testing, a 250 mb carrier can only embed approximately 3kb image. We need to follow all of these rules or we cannot complete the steganography work, and we cannot return the finished video to our user. The last part of the system is about the Scheduler. We schedule jobs in Java, and 23.

(28) detect whether the file is empty according to the column “is_finish”. The column records 0 for not finished and 1 as the work is completed. Once java program detects that we receive data uploaded form the front-end, the it will automatically call the scrip of 按鍵精靈 9 to automatically complete all the encryption and decryption works. After the works, the is_finish column will be modified to 1 and the user of our website fianlly can play the encrypted video online.. Figure 20.. 學. ‧ 國. 立. 政治大 Database. ‧. n. er. io. sit. y. Nat. al. Ch. engchi. Figure 21.. i n U. Java file. 24. v.

(29) 3.2 System functionality Our system can embed or extract two types of format into videos. One is image and the other is text. To extend the usability of MIA [33], the embedded text can be a program. We use PHP to save the text as a BMP format of image, and we can embed it into video using the same way without the limiting of characters by OpenPuff [23]. As we can embed the text into videos, we can also automatically extract it when we need. The texts which can be bound as a scripting language runtime as the callback,. 政治大. giving the developer the possibility to design their own variant from passive. 立. authentication to active code execution. Run the code after decrypting from video.. ‧ 國. 學. We use several languages in our web MIA to implement the functions we. Nat. io. sit. y. Html/Css. er. 3.2.1. ‧. provide:. Every function page is corresponding to an .html file, and uses css to control the view. n. al. of class in each div.. Ch. engchi. 25. i n U. v.

(30) 立. 政治大. n. Ch. engchi. Figure 23.. 3.2.2. sit. Html file. er. io. al. y. ‧. ‧ 國. 學. Nat. Figure 22.. i n U. v. Css file. Javascript. Every page is also corresponding to a javascript file and they all looks familiar 26.

(31) cause they are all for uploading file onto server no matter what function they process. It is because both encryption and decryption will need to upload files. The input video, image, and passwords will be sent to back-end to store in the database on server by php and sql.. 立. 政治大. ‧. ‧ 國. 學. n. al. er. io. sit. y. Nat Figure 24.. 3.2.3. i n U. v. Getting upload file at the front-end using javascript. Ch. engchi. Php/SQL. We use php at the back-end to upload data to server and use sql to isert or delete some detail information in the table of database. The movie table contain seven coulmns.. 27.

(32) Figure 25.. Adding video function is named addMovieRecord. 立. 政治大. ‧. ‧ 國. 學. n. er. io. sit. y. Nat. al. Figure 26.. Ch. engchi. i n U. v. Inserting information by SQL. 28.

(33) 4. SYSTEM IMPLEMENTATION AND RESULTS 4.1.Instruction of the website This website is located at http://140.119.19.91:9000/MIA. In the landing page, we will introduce the project. When users start using the system, they have to sign up an account for identifying.. 立. 政治大. ‧. ‧ 國. 學. n. er. io. sit. y. Nat. al. Ch. engchi. Figure 27.. i n U. Landing Page. 29. v.

(34) 治up page 政 Sing 大. Figure 28.. 立. After signing up and login, users can start to upload video and encrypt image into it. ‧ 國. 學. or upload encrypted video to decrypt the image out. Each member has his own profile,. ‧. and can only see his upload video. All people’s authority is distinct from others.. n. er. io. sit. y. Nat. al. Ch. engchi. Figure 29.. i n U. Encryption page. 30. v.

(35) 治 page 政 Decryption 大. Figure 30.. 立. The embed text page and extract text page are for text encryption service. In the. ‧ 國. 學. embed text page, we will transfer the typed text into a bmp image, and store it in the. ‧. database for embedding.. n. er. io. sit. y. Nat. al. Ch. engchi. Figure 31.. i n U. Encryption page. 31. v.

(36) 治 text page 政 Extract 大. Figure 32.. 立. After processing all the users’ videos, they will be displayed in profile review. ‧ 國. 學. area, and divide to encrypt type and decrypt type.. ‧. n. er. io. sit. y. Nat. al. Ch. engchi. Figure 33.. i n U. v. Profile page. For the encrypting video, users cannot click every button except for the delete button. They must wait to play the video or click the decrypt watermark until the back-end completed the encrypting work. 32.

(37) Figure 34.. 立. 政Profile治 page (Decrypt) 大. The encrypted video needs to wait for playing until the back end finish the. ‧ 國. 學. embedding work while the decrypt video doesn’t have to wait for playing.. ‧. All the uploaded video will be saved on our server.. al. er. io. sit. y. Nat. 4.2.Result. v. n. Our website MIA[33] is a package service to provide two kind of format to. Ch. engchi. i n U. embed in video, including image and text. We did a few experiments about the watermarked file to discuss the performance of our website.. 4.2.1.. Robustness:. We cut the embedded files, rotated them, adjusted the size of them, and the result is the embedded watermark would be destroyed.. 4.2.2.. Transparency and Undetectability:. 33.

(38) We measured the two properties by finding the differences between the embedded file and the origin one. Not only survey the color but also detect whether the size of them are changed. Some tools’ encoding process would change the image format, and this would appear something different to attackers.. 4.2.3.. Integrity:. We embedded the watermark into the selected images and extracted to find whether the watermark is correct.. 立. Capacity:. 學. ‧ 國. 4.2.4.. 政治大. We can embed maximum 256 MB data into videos and the carrier also limits the. ‧. embedded image size. Actually, it is difficult to embed a big size of image cause we. sit. y. Nat. need to find the big enough video as a carrier.. n. al. er. io. Now, MIA[33] cannot inspect the correctness of the passwords and the capacity. i n U. v. of the carrier. It can only save these input messages in the database and wait until the. Ch. engchi. back-end processing. If there is any problem while processing the works, the return uploaded file in the profile page could not have the right to play.. 4.3.Future work In the future, we want to combine more steganography software into our website to provide a visible service in our Website for embedding watermarks and having better control of our service. The next goal is for passive authentication to active code execution by binding a 34.

(39) scripting language runtime to the player. The specialized player is a program, which binds the sub process for processing modified video file. The player takes modified video file and the public key for encryption. As soon as the player is activated, the sub process is called and the video is played asynchronously. While the video is being played, a sub process decrypts it and reconstructed again. Using the exactly same public key, the reconstructed encrypted message is decrypted and the plain text is obtained. If the plain text is a script written in one of supported scripting languages,. 政治大. the corresponding interpreter will be loaded to execute the script. Under the. 立. circumstances that no data loss occurs during the redistribution, the framework. ‧ 國. 學. provides an active authentication process. If the sub process exits without success, it. ‧. indicates the user has no proper authentication.. n. er. io. sit. y. Nat. al. Ch. engchi. 35. i n U. v.

(40) 5.CONCLUSION In the article, we apply cryptography and steganography techniques named OpenPuff [23] to hide data in digital contents, proposing a new service that helps content owners claim digital ownership for free. We implement a website to provide online service of encrypting and decrypting message, which can be image or text. Moreover, the text we embedded can be bound as a scripting language runtime to the player. Hence, embedding text is the first step for passive authentication to active. 政治大 code execution. By using MIA [33], users can directly encrypt and decrypt their own 立. ‧ 國. 學. media data without installing any software on PC. Our web server will handle whole the data processing and provide a convenient user interface for user to manipulate.. Nat. y. ‧. Thus they will not be limited by the operation system.. io. sit. However, the technique used to embed message in video is fragile and therefore. er. cannot resist attacks/modifications on the video. I.e., modification on videos may. al. n. v i n CFollowing messages. h e n g cthehgeneric i U embedding. break the embedded. framework, an. ongoing work is to replace its own implementation as modules that can be integrated with other data hiding techniques, and implement all of them into our online service.. 36.

(41) Reference 1.. Abbass, A. S., Soleit, E. A., & Ghoniemy, S. A. (2007). Blind video data hiding using integer wavelet transforms. Ubiquit Comput Commun J, 2(1).. 2.. Bhaumik, A. K., Choi, M., Robles, R. J., & Balitanas, M. O. (2009). Data hiding in video. International Journal of Database Theory and Application, 2(2), 9-16.. 3.. Chae, J. J., & Manjunath, B. S. (1999). Data hiding in video. In Image Processing, 1999. ICIP 99. Proceedings. 1999 International Conference on(Vol. 1, pp. 311-315). IEEE.. 立. Hefeeda, M., & Mokhtarian, K. (2010). Authentication schemes for multimedia. ‧ 國. 學. 4.. 政治大. streams: Quantitative analysis and comparison. ACM Transactions on. ‧. Multimedia Computing, Communications, and Applications (TOMCCAP), 6(1),. y. sit. io. al. er. Ko, L. T. (2013). Design and Optimization for Digital Watermarking. n. 5.. Nat. 6.. Ch. Applications(Doctoral dissertation). 6.. engchi. i n U. v. Lee, C. W., & Tsai, W. H. (2010). A lossless data hiding method by histogram shifting based on an adaptive block division scheme. Pattern Recognition and Machine Vision, River Publishers, Aalborg, Denmark, 1-14.. 7.. Lei, B. Y., Feng, J., & Lo, K. T. (2010). Digital Watermarking Techniques for AVS Audio. INTECH Open Access Publisher.. 8.. Lin, C. C., & Shiu, P. F. (2010). High capacity data hiding scheme for DCT-based images. Journal of Information Hiding and Multimedia Signal 37.

(42) Processing,1(3), 220-240. 9.. Lin, E. T., & Delp, E. J. (1999, April). A review of data hiding in digital images. InPICS (pp. 274-278).. 10. Lin, E. T., Eskicioglu, A. M., Lagendijk, R. L., & Delp, E. J. (2005). Advances in digital video content protection. Proceedings of the IEEE, 93(1), 171-183. 11. Lu, C. S., & Liao, H. Y. (2001). Multipurpose watermarking for image authentication and protection. Image Processing, IEEE Transactions on, 10(10), 1579-1592. N.,. &. 立 Wong,. P.. W.. (1998).. Protecting. digital. media. 學. ‧ 國. 12. Memon,. 政治大. content.Communications of the ACM, 41(7), 35-43.. ‧. 13. Muhammad, K., Ahmad, J., Farman, H., & Zubair, M. (2014). A Novel Image. sit. y. Nat. Steganographic Approach for Hiding Text in Color Images Using HSI Color. io. al. er. Model. Middle-East Journal of Scientific Research, 22(5), 647-654.. v. n. 14. Mukherjee, D., Chae, J. J., & Mitra, S. K. (2000). A source and channel-coding. Ch. engchi. i n U. framework for vector-based data hiding in video. Circuits and Systems for Video Technology, IEEE Transactions on, 10(4), 630-645. 15. Paruchuri, J. K., & Cheung, S. (2008, May). Joint optimization of data hiding and video compression. In Circuits and Systems, 2008. ISCAS 2008. IEEE International Symposium on (pp. 3021-3024). IEEE 16. Quan, X., & Zhang, H. (2006, August). Data hiding in MPEG compressed audio using wet paper codes. In Pattern Recognition, 2006. ICPR 2006. 18th International Conference on (Vol. 4, pp. 727-730). IEEE. 38.

(43) 17. Reddy, R., Prasad, M. V., & Rao, D. S. (2009). Robust digital watermarking of color images under noise attacks. International Journal of Recent Trends in Engineering, 1(1), 334-338. 18. Sullivan, K., Bi, Z., Madhow, U., Chandrasekaran, S., & Manjunath, B. S. (2004, October). Steganalysis of quantization index modulation data hiding. In Image Processing, 2004. ICIP'04. 2004 International Conference on (Vol. 2, pp. 1165-1168). IEEE.. 政治大. 19. Swathi, A., & Jilani, D. S. Video Steganography by LSB Substitution Using. 立. Different Polynomial Equations. International Journal Of Computational. ‧ 國. 學. Engineering Research (ijceronline. com) Vol, 2.. ‧. 20. Wu, M., & Liu, B. (2003). Data hiding in image and video. I. Fundamental. sit. y. Nat. issues and solutions. Image Processing, IEEE Transactions on, 12(6), 685-695.. io. al. n. Media.. er. 21. Wu, M., & Liu, B. (2003). Multimedia data hiding. Springer Science & Business. Ch. engchi. i n U. v. 22. Wu, M., Yu, H., & Liu, B. (2003). Data hiding in image and video. II. Designs and applications. Image Processing, IEEE Transactions on, 12(6), 696-705. 23. OpenPuff 4.00 Available at: http://embeddedsw.net/OpenPuff_Steganography_Home.html 24. OpenStego Available at: http://www.openstego.info/ 25. Steganography Studio Available at: http://stegstudio.sourceforge.net/index.html 39.

(44) 26. SilentEye Available at: http://www.silenteye.org/writeplugins.html?i3s3 27. 按鍵精靈 9 Available at: http://tw.vrbrothers.com/qmacro/ 28. Digital rights management (DRM) Available at: http://en.wikipedia.org/wiki/Digital_rights_management 29. Roust. 政治大. Buchanan, J. M. (2004). Creating a robust form of Steganography (Doctoral. 立. dissertation, WAKE FOREST UNIVERSITY).. ‧. ‧ 國. 學. 30. Integrity. de Carvalho, D. F., Chies, R., Freire, A. P., Martimiano, L. A., & Goularte, R.. sit. y. Nat. (2008, September). Video steganography for confidential documents: integrity,. n. al. er. io. privacy and version control. In Proceedings of the 26th annual ACM. i n U. v. international conference on Design of communication (pp. 199-206). ACM.. Ch. 31. Transparency. engchi. Kraetzer, C., Dittmann, J., & Lang, A. (2006, February). Transparency benchmarking on audio watermarks and steganography. In Electronic Imaging 2006 (pp. 60721L-60721L). International Society for Optics and Photonics. 32. Model view controller (MVC) http://en.wikipedia.org/wiki/Model%E2%80%93view%E2%80%93controller 33. multimedia intelligent authentication (MIA). 40.

(45) http://140.119.19.91:9000/MIA/#/ 34. Adobe Photoshop http://www.photoshop.com/products/photoshop 35. Angularjs https://angularjs.org/. 立. 政治大. ‧. ‧ 國. 學. n. er. io. sit. y. Nat. al. Ch. engchi. 41. i n U. v.

(46)