A secure pixel level self-recovery scheme for digital images

Abstract

This paper presents a secure image authentication scheme for tamper localization and recovery at pixel level. The proposed scheme encrypts the watermark comprising tamper localization code and self-recovery code using chaotic sequence to ensure security. This scheme uses pixel to block conversion technique for ensuring lossless recovery of the original image from an untampered watermarked image. For enhancing the localization accuracy, a multilevel tamper localization strategy is used. The experimental results show that the proposed scheme generates watermarked images with minimal information loss and can withstand copy-move, image splicing, content removal, vector quantization, collage and content only attacks. This scheme has better security, better tamper localization accuracy and better recovered image quality under extensive tampering and takes less computation time in comparison to the state-of-the-art schemes.

Keywords

Chaotic sequence fragile watermarking image authentication image recovery tamper localization

1 Introduction

Due to the tremendous growth in the field of communication technology, it is easy to transmit and distribute digital images. State-of-the-art sophisticated editing tools makes image content modification without rendering any visual artifacts very easy. Falsification of images leads to undesired or serious consequences in various fields where the images are used as supporting evidence. For example, a tampered medical image misleads the diagnosis, a tampered forensic image deludes investigation. This mandates image content authentication in sensitive applications like medical diagnosis, forensic investigation, law enforcement, etc. to ensure the integrity of images.

One of the prominent solutions for image content authentication is fragile watermarking in which embedded watermarks are sensitive towards slight modification in the contents [1]. These schemes are suitable to authenticate the images which carry sensitive and valuable information. Fragile watermarking schemes such as [2 –5] can locate the tampered regions. These schemes divide the image into non-overlapping blocks and generate watermark containing authentication information from the image. The generated watermark is placed in the image to identify the tampered regions whenever it is needed. The schemes [6, 7] are capable of hiding application-specific data in addition to tamper localization. These schemes are less secure since authentication information is not protected. In addition to tamper localization, fragile watermarking schemes such as [8 –18] are able to recover the tampered regions. These schemes known as self-recovery schemes generate and place the watermark containing authentication and recovery information into the cover image to enable tamper localization and recovery. We propose a secure fragile watermarking scheme that provides authentication and recovery of the original image at pixel level.

The rest of this paper is organized as follows. A brief description of related works is given in section 2. The proposed scheme is described in section 3 and its security is discussed in section 4. The experimental results including watermarked image quality, tamper detection and recovery performance under various tamper ratios, and performance comparison with state-of-the-art schemes are included in section 5 before concluding in section 6.

2 Related works

This section gives a brief description of fragile watermarking schemes that can locate and recover the tampered regions. Benrhouma et al. [9] proposed a fragile watermarking scheme for tamper localization and recovery in which authentication information is generated using Singular Value Decomposition (SVD) and recovery information is computed using block average. In this scheme, if the recovery information about the tampered block is lost then that block cannot be recovered.

D. Singh and S. K. Singh proposed self-recovery schemes based on Discrete Cosine Transform [8] and Block Truncation Coding (BTC) [12]. To resist the collage attack, these schemes enable block-wise dependency by placing the watermark generated for a block in another block designated as mapping block. This dependency causes misclassification of untampered blocks if their mapping block is tampered that further degrades the recovered image quality. Haghighi et al. [10] proposed a fragile watermarking scheme for tamper localization and recovery based on Lifting Wavelet Transform (LWT) and halftoning. Qin et al. [11] proposed a non-uniform reference sharing based fragile watermarking scheme in which the Optimal Iterative Block Truncation Coding (OIBTC) algorithm is used to generate recovery information. These schemes cannot resist collage attack. Rajput and Ansari [13] proposed a fragile watermarking scheme in which four copies of the recovery information are placed in the different parts of the image. The watermark placed in the four Least Significant Bits (LSB) of image pixels is not encrypted and is vulnerable to four scanning attack [19].

Gul and Ozturk [14] proposed a pixel-wise authentication scheme in which recovery information is generated using the average value of image blocks. In this scheme, authentication information of length 2 bit per pixel is generated from the 5 MSBs of that pixel and one recovery information and placed in the last 2 LSBs. From the authentication bits, an attacker can deduce the secret bits that are used to compute authentication bits and further he can authenticate any images which pass the authentication test using this scheme.

Kim and Yang [16] proposed a self-recovery scheme in which Absolute Moment Block Truncation Code (AMBTC) is used to generate recovery information. In this scheme, Optimal Pixel Adjustment Process (OPAP) is used to hide watermark for enhancing the watermarked image quality. Hussan et al. [17] proposed a self-recovery scheme for color images in which recovery information is generated using block average. Jana et al. [18] proposed an image authentication scheme with tamper localization and recovery based on AMBTC and fuzzy logic.

The schemes [8–14 , 16–18] cannot completely recover the original image even if the received image is not tampered. Neena and Shreelekshmi [15] proposed an image authentication scheme for tamper localization, recovery, and data hiding. In this scheme, the cover image is prepared from the original image using Pixel to Block (PTB) conversion technique and divided into non-overlapping 4 × 4 blocks. The watermark containing authentication and recovery information is encrypted using chaotic sequences. The recovery information is generated using the average of 2 × 2 blocks in the original image and authentication information is computed using SVD and chaotic sequence. This scheme provides good watermarked image quality and ensures lossless recovery of the image.

From the above discussion, the existing schemes suffer from low tamper localization accuracy due to the use of large block size or miss-classification of untampered blocks if their mapping block is tampered. These schemes generate recovery information using average, BTC, and coefficients of DCT. The schemes except [15] cannot ensure lossless recovery from an untampered watermarked image and are designed for images with 8 bits per channel.

To improve the tamper localization and recovery, we propose an image authentication scheme based on chaotic sequence which is an extension of [15]. In this scheme, authentication and recovery information is computed for each image pixel in the original image to improve both tamper localization and recovery.

The contributions of the proposed scheme are as follows:

Authentication, tamper localization and recovery at pixel level.

Enhanced security due to randomness introduced using chaotic sequence in the generation, encryption and embedding of watermark.

Better image quality of recovered images under extensive tampering.

Less computational complexity in watermarked image generation process.

3 Proposed Scheme

The proposed scheme ensures complete recovery of the original image from the unaltered protected image. The cover image is created from the original image and authentication information or Tamper Localization Code (TLC) for locating the tampered regions is computed from the image pixels using chaotic sequence to make it sensitive to the changes in the image contents. The recovery information or Self Recovery Code (SRC) is computed from the MSBs of image pixels and is placed in different parts of the image to recover the tampered regions under extensive tampering. The watermark containing TLC and SRC is encrypted using chaotic sequence and placed in the three LSBs of randomly selected pixels. After embedding the watermark in the cover image, a smoothing function is applied for enhancing its perceptual quality. A multilevel tamper localization strategy is used for locating the tampered regions more precisely. Moreover, the original image is recovered from the received image in two stages to improve the quality of recovered image under extensive tampering. Table 1 shows the notations used in the proposed scheme.

Table 1
List of notations and descriptions

Notations Description

ℐ Original image

C Cover image

𝒲 Watermarked image

М Received image

ℛ Recovered image

h Height of the image

w Width of the image

c Number of channels

b Number of bits per channnel

N Number of image blocks

𝒲 Watermark

ℰ Encrypted watermark

𝒲′ Extracted watermark

C Computed watermark

D Decrypted watermark

ℐ Image identifier

key Key

Notations	Description
ℐ	Original image
C	Cover image
𝒲	Watermarked image
М	Received image
ℛ	Recovered image
h	Height of the image
w	Width of the image
c	Number of channels
b	Number of bits per channnel
N	Number of image blocks
𝒲	Watermark
ℰ	Encrypted watermark
𝒲′	Extracted watermark
C	Computed watermark
D	Decrypted watermark
ℐ	Image identifier
key	Key

3.1 Watermarked image generation

Figure 1 shows the entire procedure involved in the watermarked image generation phase.

Cover image generation: The cover image C of size 2h × 2w × c is created from the original image ℐ of size h × w × c with b bits per channel using Pixel to Block (PTB) conversion technique [6]. Then C is divided into 2 × 2 blocks C₁, C₂, …, C_N in row-major order where N = h × w.

Chaotic sequence generation: A chaotic sequence sequence = {s_i | i = 1, 2, …, (b + 9) N} is used for block mapping sequence generation, watermark encryption, and watermark embedding. The chaotic sequence sequence is generated based on logistic map using the equation $x_{n + 1} = μ x_{n} (1 - x_{n})$ (1) where n ≥ 0, 0 ≤ x₀ ≤ 1 and 0 ≤ μ ≤ 4. In order to guarantee the chaotic nature of sequence, μ is chosen from the closed range of 3.57 and 4 [20]. The key for the chaotic sequence generation, K₁ is formulated from μ and initial condition x₀. The sequence α = {s_i ∈ sequence | i = 1, 2, …, N} is created for block mapping sequence generation. Another sequence SA = {s_i ∈ sequence | i = 1, 2, …, bN} is formed for generating TLC. The sequences SE = {s_i ∈ sequence | i = bN + 1, …, (b + 9) N} and SR = {s_i ∈ sequence | i = 1, 2, …, 4N} are formed from sequence for watermark encryption and watermark embedding respectively.

Block mapping sequence generation: Block mapping sequence is generated to determine the mapping block in which the recovery data is to be hidden. A table L of size h × w to store these sequences is created as follows.

Block permutation: In order to ensure security and randomness in block mapping, blocks are permuted as follows.

Sort α in descending order

Store the original indices of the elements in α in row major order in L.

Elimination of self-mapping: After permutation, some cells may be mapped to the same cell. Such cells are swapped according to the operation $L (p, q) \leftrightarrow {\begin{matrix} L (p, q + \frac{w}{2}) & if q \leq \frac{w}{2} \\ L (p, q - \frac{w}{2}) & if q > \frac{w}{2} \end{matrix}$

for p = 1, 2, …, h, q = 1, 2, …, w.

Watermark generation and embedding: Watermark 𝒲 of length 9 bits is generated for each channel d in _Ci’s mapping block _Cj and placed in the corresponding channel of _Cj after encrypting the watermark.

Watermark generation: Watermark 𝒲 is generated by concatenating TLC and SRC. The TLC and SRC for each block is generated as follows.

TLC generation: A 2 bit tamper localization code TLC is generated as follows.

For each block _Ci, form an array T using b elements chosen from SA from positions br_i + 1 to b (r_i + 1), where r_i is a random value in the range [0, N - 1]. The random values r_i, 1 ≤ i ≤ N are generated using key K₂, image ID ℐ and channel ID as seed.

Compute the mean of values in T as m.

Sort T in decreasing order and store the original indices of the elements in T in an array U.

Compute the binary representation of j^th pixel in original image ℐ denoted by _ℐj as p.

Complement p (k) if m < T (k) for k = 1, 2, …, b.

Compute n₁ as the number of 1s in p in positions corresponding to the first $\frac{b}{2}$ positions in U.

Compute n₂ as the number of 1s in p in positions corresponding to the last $\frac{b}{2}$ positions in U.

Compute $a_{1} = {\begin{matrix} 0 & if n_{1} is even \\ 1 & otherwise \end{matrix}$ $a_{2} = {\begin{matrix} 0 & if n_{2} is even \\ 1 & otherwise \end{matrix}$

Form TLC = a₁||a₂.

Figure 2 shows an illustration of TLC generation with pixel value of 59 in original image.

SRC generation: The self-recovery code SRC is the 7 MSBs of i^th pixel in the original image ℐ.

Watermark encryption:

Compute W′ by XORing bits in 𝒲 and v_i, 1 ≤ i ≤ N where v_i is a random number in the range [1, 511]. The random values v_i, 1 ≤ i ≤ N are generated using key K₃, image ID ℐ and channel ID as seed.

Form an array A using 9 elements chosen from position 9r_i + 1 to 9 (r_i + 1) in SE where r_i is a random number as described in step i.A. in TLC generation.

Sort A in descending order and store the original indices of the elements in A in an array X.

Permute W′ using indices in X to obtain the encrypted watermark E as $E (X (k)) = W^{'} (k)$ (2) for k = 1, 2, …, 9.

Watermark embedding:

Form an array B using 4 elements chosen from positions 4r_i + 1 to 4 (r_i + 1) in SR where r_i is a random number as described in step i.A. in TLC generation.

Sort B in descending order and store the original indices of the elements in B in an array Y.

Store the pixel values in _Cj in the array Z in row major order.

Set ω₁ = Z (Y (1)) as the unchangeable pixel and others as changeable pixels to introduce randomness in positions of unchangeable pixels.

Embed the encrypted W E in 3 LSBs of Z (Y (2)) , Z (Y (3)) and Z (Y (4)). Let ρ_l, l = 2, 3, 4 be the resulting pixel values and apply smoothing function to improve the watermarked image quality as per the following steps.

f = ρ_l - Z (Y (l))

$t_{l} = {\begin{matrix} ρ_{l} + 8 & if f < = - 5 \\ ρ_{l} - 8 & if f > = 5 \\ ρ_{l} & otherwise \end{matrix}$

Following modification is done to overcome underflow-overflow problem. $ω_{l} = {\begin{matrix} t_{l} & if 0 \leq t_{l} \leq 2^{b} - 1 \\ ρ_{l} & otherwise \end{matrix}$ (3)

Z (Y (l)) = ω_l.

Form block _Cj in row major order from values in Z.

Fig. 1

Block diagram of watermarked image generation phase.

Fig. 2

Illustration of TLC generation with pixel value of 59 in original image.

3.2 Tamper detection and localization

The tamper detection and localization procedure include watermark extraction, watermark decryption and a multilevel tamper localization. Let М be the received image. М is divided into non overlapping blocks _Мi, i = 1, 2, …, N of size 2 × 2.

Watermark extraction and decryption: For each channel, the watermark is extracted and decrypted from the mapping block _Мj of _Мi as per the following steps.

Create the array Y according to step (c)ii. of watermark generation and embedding process in section 3.1.

Store the terms of _Мj in the array Z in row major order.

Extract the watermark 𝒲′ from the 3 LSBs of Z (Y (2)) , Z (Y (3)) , Z (Y (4)).

Create the array X according to step (b)iii. of watermark encryption process in section 3.1.

Do inverse permutation on 𝒲′ using X as t (k) = 𝒲′ (X (k)) for k = 1, 2, …, 9.

Compute decrypted watermark D = t ⊕ v_i.

Multilevel tamper localization: Initially, all blocks in М are considered valid and the tampered blocks are identified using a multilevel tamper localization strategy that helps to resist various tampering attacks.

In this level invalid blocks are identified using changeable and unchangeable pixels.

Classify the pixels in _Мi as unchangeable pixel ω₁ and changeable pixels ω₂, ω₃, ω₄.

Compute TLC for ω₁ and compare with extracted TLC. If a mismatch occurs, the block is labeled as invalid otherwise go to next step.

Extract 3 LSBs from ω₂ and insert into the 3 LSBs of ω₁.

Apply smoothing function on ω₁.

If ω₁ is different from ω₂, _Мi is considered as invalid, otherwise repeat steps iii-v for ω₃ and ω₄.

Let A₁, …, A₈ be the neighboring blocks of a valid block B as shown in Figure 3. For each valid block B after level 1 if all three blocks in any one of the four triples (A₂, A₃, A₅) , (A₅, A₈, A₇) , (A₇, A₆, A₄) , (A₄, A₁, A₂) are invalid, B is considered invalid. The above step is repeated on all blocks in the image once again. All invalid blocks are considered tampered.

For each valid block, 7 MSBs of the unchangeable pixel are compared with the extracted SRC from the mapping block. In case of a mismatch, the block is labeled invalid. If a block is invalid and the number of invalid neighboring blocks is greater than or equal to the number of invalid neighboring blocks of its mapped block or at most two neighboring blocks are valid, the block is considered tampered.

For images with single channel, the untampered blocks are considered as tampered if the number of tampered neighboring blocks is more than four.

3.3 Image recovery

Suppose ℛ of size h × w × c represents the recovered image that is obtained from М. Initially, the pixels of ℛ are assigned with zeros. The pixels of ℛ is obtained in two stages as described below.

Stage 1:

For each pixel _ℛi,

If _Мi is not tampered, then _ℛi is assigned with the unchangeable pixel in _Мi.

If _Мi is tampered and it’s mapping block _Мj is not tampered, then _ℛi is assigned with extracted 7 bit recovery information from _Мj after appending with b - 7 zero bits

Fig. 3

Neighboring blocks of a block B.

Stage 2:

An image inpainting algorithm [21] is adopted to recover the pixels which are not recovered in the first stage.

4 Security analysis

The security of the watermark along with the resistance of the proposed scheme against copy-move, image splicing, content removal, Vector Quantization (VQ), collage, and content only attacks are discussed in this section.

Security of the watermark:

Security of the watermark implies the difficulty to remove or modify the watermark without changing the watermarked image knowing the scheme. In this scheme, a watermark of length 9 × h × w bits is generated for an image of size h × w. The generated watermark is encrypted by first XORing with a random bit sequence generated using secret key, image identifier and channel identifier as key and then permuting using a chaotic sequence. The scheme has perfect secrecy as the random bit sequence varies for each channel for each image and chaotic sequence has infinite key space. For each channel, since the chaotic sequence is highly susceptive to the initial condition and control parameter which is used as one of the keys of the proposed scheme, the encrypted watermark is highly key sensitive. If the attacker guesses a 9-bit combination as watermark bits for a particular block, he cannot verify it without knowing the exact keys from the infinite key space since the generated watermark for that block depends on the chaotic sequence and image contents. Hence embedded watermark is highly secure for the proposed scheme.

Resistance to tampering attacks:

A multilevel tamper localization strategy is used to identify any modifications in the image contents and resist various tampering attacks. The first level identifies the modifications using TLC which depends on the image content and random number generated based on the key, image identifier and channel identifier. Also, this level uses the modifications in the changeable pixels using unchangeable pixels and the embedded watermark which in turn depends on the chaotic sequence. This helps to identify change in the block position and block contents. This resists image splicing, copy move, content removal, VQ, collage and content only attacks. Level 2 increases the tamper detection rate by identifying the unidentified tampered blocks in the first level. To further improve the resistance against VQ and collage, third level tamper localization is based on embedded recovery information that enables block wise dependency. The remaining levels help to increase the tamper detection rate by using the tamper detection status of the neighboring blocks. This shows that the proposed scheme can identify any modification in the image and have resistance to copy-move, image splicing, content removal, VQ, collage and content only attacks.

5 Experimental results and analysis

The proposed scheme is evaluated by conducting experiments on 96 grayscale (IS1) and 64 color (IS2) images of size 512 × 512 selected from CVG-UGR [22] database. The scheme is also tested on 50 MR images (IS3) of size 256 × 256 in DICOM format [23]. The experimental setup uses a computer with Intel 2.3 GHz processor, 4 GB memory, Ubuntu 16.04 LTS operating system and MATLAB R2017b. In the experiments, the parameters K₁, K₂, K₃ and image identifier ℐ are set as (0.8566, 3.998), 100, 101 and filename in the database respectively. Channel ID takes values varies from 1 to 3 for color images.

5.1 Watermarked image quality analysis

Peak Signal to Noise Ratio (PSNR) and Structural Similarity Index Metric (SSIM) measures perceptual quality of watermarked image. The average PSNR and SSIM values for each image set before and after applying the smoothing function are shown in Table 2. The results show that the smoothing function helps to enhance the watermarked image quality and the proposed scheme generates watermarked images with good quality.

Table 2
Watermarked image quality before and after applying smoothing function

Image Set Before smoothing function After smoothing function

PSNR SSIM PSNR SSIM

IS1 39.068 0.948580 41.715 0.966332

IS2 38.665 0.970406 41.520 0.977624

IS3 63.294 0.999997 66.06 0.999999

Image Set	Before smoothing function	After smoothing function
IS1	39.068	0.948580	41.715	0.966332
IS2	38.665	0.970406	41.520	0.977624
IS3	63.294	0.999997	66.06	0.999999

5.2 Tamper detection and recovery performance analysis

The effectiveness of the proposed scheme for tamper detection is measured by True Positive Rate (TPR) or Tamper Detection Rate (TDR), True Negative Rate (TNR), accuracy and precision (p) [1]. The recovery performance is evaluated using PSNR that measures the similarity between the recovered and original image.

To analyze the performance of the proposed scheme, tampering attacks such as copy-move, image splicing, content removal, VQ, collage, and content only attacks are simulated as follows at various tamper ratios on each watermarked image.

Copy-move attack: Image is altered by copying a portion of the image and pasting them to the same image.

Image splicing: Image is tampered by replacing the regions with portions from an external image.

Content removal: Image is tampered by replacing the pixels with grey pixels.

VQ attack: A region of the watermarked image is replaced with a region from the other watermarked image without considering the spatial location.

Collage attack: A portion of the watermarked image is replaced with the portion from the other watermarked image while preserving the spatial location.

Content only attack: Image is tampered by replacing a specified number of MSBs of each image pixels with that of other images while preserving the 3 LSBs.

Figure 4 shows the tamper localization and recovery performance of the proposed scheme on sample images from image sets IS1 and IS2.

Fig. 4

Visual performance of the proposed scheme on tamper localization and recovery on sample images from image sets IS1 and IS2.

Table 3 shows the average TPR for different tampering attacks on each image set. Since the obtained average TPR is above 99.99 % in all cases, the proposed scheme can resist copy-move, image splicing, content removal, VQ, collage and content only attacks.

Table 3

Tamper detection performance for different tampering attacks on each image set in terms of TPR

Image Set	Attacks	Tamper ratio (%)
		0	10	20	30	40	50	60	70	80	90
IS1	Copy-move	100	99.9996	99.9998	99.9998	99.9998	99.9999	99.9998	99.9997	99.9995	99.9995
	Image splicing	100	99.9999	100	99.9999	99.9999	99.9998	99.9998	99.9998	99.9996	99.9995
	Content removal	100	99.9999	99.9998	99.9991	99.9991	99.999	99.9998	99.9998	99.9978	99.9975
	VQ	100	99.9998	99.9999	99.9998	99.9999	99.9999	99.9999	99.9998	99.9996	99.9995
	Collage	100	100	100	99.9999	99.9999	100	100	100	99.9998	99.9998
	Content only	100	100	100	99.9998	99.9998	99.9997	99.9995	99.999	99.9978	99.9958
IS2	Copy-move	100	100	100	100	100	100	100	100	100	100
	Image splicing	100	100	100	100	100	100	100	100	100	100
	Content removal	100	100	100	100	100	100	100	100	100	100
	VQ	100	100	100	100	100	100	100	100	100	100
	Collage	100	100	100	100	100	100	100	100	100	100
	Content only	100	100	100	100	100	100	100	100	100	100
IS3	Copy-move	100	99.9982	100	99.9994	100	99.9999	99.9993	99.9998	99.9992	99.9996
	Image splicing	100	99.9976	99.9997	99.9992	99.9996	99.9996	99.9993	99.9997	99.9993	99.9997
	Content removal	100	100	100	99.9998	100	99.9998	99.9973	99.9996	99.9972	99.9993
	VQ	100	99.9961	99.9989	99.9989	99.9992	99.9996	99.9986	99.9995	99.9991	99.9996
	Collage	100	99.9985	100	99.9985	100	99.9993	99.9994	99.9998	99.9994	99.9999
	Content only	100	100	100	99.9999	100	99.9999	99.9999	100	99.9999	100

Table 4 shows the average TNR for different tampering attacks on each image set. The proposed scheme achieves an average TNR of 99 % in all cases except content only attack for grayscale and MR images. This implies the proposed scheme classifies more than 99 % of the untampered pixels of extracted original image correctly.

Table 4

Tamper detection performance for different tampering attacks on each image set in terms of TNR

Image Set	Attacks	Tamper ratio (%)
		0	10	20	30	40	50	60	70	80	90
IS1	Copy-move	100	99.9994	99.9989	99.9988	99.998	99.997	99.9948	99.992	99.9881	99.9729
	Image splicing	100	99.9999	99.9998	99.9998	99.9996	99.9994	99.9989	99.9982	99.9974	99.9942
	Content removal	100	99.9998	99.9996	99.9996	99.9994	99.9991	99.9983	99.9974	99.9961	99.9911
	VQ	100	99.9999	99.9997	99.9997	99.9995	99.9993	99.9989	99.9985	99.9977	99.9945
	Collage	100	99.9997	99.9997	99.9996	99.9995	99.9993	99.9986	99.9979	99.9969	99.993
	Content only	100	99.8862	99.7272	99.52	99.2194	98.7961	98.1483	97.143	95.1689	89.768
IS2	Copy-move	100	100	100	100	100	100	100	100	100	100
	Image splicing	100	100	100	100	100	100	100	100	100	100
	Content removal	100	100	100	100	100	100	100	100	100	100
	VQ	100	100	100	100	100	100	100	100	100	100
	Collage	100	100	100	100	100	100	100	100	100	100
	Content only	100	99.9962	99.9905	99.9845	99.9757	99.9673	99.9529	99.9263	99.8377	99.5996
IS3	Copy-move	100	99.9998	99.9992	99.9992	99.9981	99.9979	99.9971	99.9947	99.9923	99.9781
	Image splicing	100	99.9998	99.9991	99.9993	99.9981	99.9987	99.9978	99.9958	99.9946	99.9822
	Content removal	100	100	100	100	99.9998	99.9999	99.9999	99.9993	99.9991	99.9994
	VQ	100	99.9998	99.9993	99.9994	99.9982	99.9986	99.9979	99.9953	99.994	99.9813
	Collage	100	99.9998	99.9984	99.9988	99.9978	99.9973	99.9954	99.9921	99.9897	99.971
	Content only	100	99.3671	98.5787	97.6914	96.5466	95.2174	93.2498	90.1478	84.7669	70.9904

Tables 5 and 6 show the average accuracy and precision for different tampering attacks on each image set. The average accuracy and precision are above 99.9 % for all cases except content only attack for grayscale and MR images. It is evident that the proposed scheme can locate the tampered regions precisely. In case of content only attack on grayscale and MR images, TNR, accuracy and precision are less due to the misclassification of untampered blocks at various levels of tamper localization procedure.

Table 5

Tamper detection performance for different tampering attacks on each image set in terms of accuracy

Image Set	Attacks	Tamper ratio (%)
		0	10	20	30	40	50	60	70	80	90
IS1	Copy-move	100	99.9994	99.9991	99.9991	99.9987	99.9984	99.9978	99.9974	99.9972	99.9968
	Image splicing	100	99.9999	99.9999	99.9998	99.9997	99.9996	99.9995	99.9993	99.9991	99.999
	Content removal	100	99.9998	99.9996	99.9994	99.9993	99.999	99.9992	99.9991	99.9975	99.9968
	VQ	100	99.9999	99.9998	99.9997	99.9997	99.9996	99.9995	99.9994	99.9992	99.999
	Collage	100	99.9998	99.9997	99.9997	99.9996	99.9996	99.9994	99.9994	99.9992	99.9991
	Content only	100	99.897	99.7797	99.6599	99.5232	99.3828	99.2368	99.1042	98.9611	98.8092
IS2	Copy-move	100	100	100	100	100	100	100	100	100	100
	Image splicing	100	100	100	100	100	100	100	100	100	100
	Content removal	100	100	100	100	100	100	100	100	100	100
	VQ	100	100	100	100	100	100	100	100	100	100
	Collage	100	100	100	100	100	100	100	100	100	100
	Content only	100	99.9966	99.9924	99.9891	99.9853	99.9835	99.9811	99.9778	99.9671	99.9585
IS3	Copy-move	100	99.9996	99.9994	99.9993	99.9988	99.9989	99.9984	99.9983	99.9979	99.9975
	Image splicing	100	99.9996	99.9992	99.9993	99.9987	99.9991	99.9987	99.9985	99.9984	99.998
	Content removal	100	100	100	99.9999	99.9999	99.9999	99.9983	99.9995	99.9976	99.9993
	VQ	100	99.9994	99.9992	99.9992	99.9986	99.9991	99.9983	99.9983	99.9981	99.9978
	Collage	100	99.9997	99.9987	99.9987	99.9987	99.9983	99.9978	99.9975	99.9975	99.997
	Content only	100	99.4277	98.8509	98.3472	97.861	97.486	97.1106	96.7453	96.4005	95.9657

Table 6

Tamper detection performance for different tampering attacks on each image set in terms of precision

Image Set	Attacks	Tamper ratio (%)
		0	10	20	30	40	50	60	70	80	90
IS1	Copy-move	100	99.9946	99.9956	99.9971	99.997	99.997	99.9966	99.9966	99.997	99.997
	Image splicing	100	99.9989	99.9993	99.9996	99.9995	99.9994	99.9993	99.9993	99.9994	99.9994
	Content removal	100	99.998	99.9983	99.9991	99.9991	99.9991	99.9989	99.9989	99.999	99.999
	VQ	100	99.9988	99.9989	99.9993	99.9993	99.9993	99.9993	99.9993	99.9994	99.9994
	Collage	100	99.9977	99.9987	99.9991	99.9992	99.9993	99.999	99.9991	99.9992	99.9992
	Content only	100	98.9229	98.8763	98.8546	98.7986	98.7577	98.7254	98.7183	98.7007	98.6781
IS2	Copy-move	100	100	100	100	100	100	100	100	100	100
	Image splicing	100	100	100	100	100	100	100	100	100	100
	Content removal	100	100	100	100	100	100	100	100	100	100
	VQ	100	100	100	100	100	100	100	100	100	100
	Collage	100	100	100	100	100	100	100	100	100	100
	Content only	100	99.9662	99.9622	99.9637	99.9634	99.967	99.9685	99.9683	99.9588	99.9539
IS3	Copy-move	100	99.9982	99.997	99.9982	99.9971	99.9979	99.9981	99.9977	99.9981	99.9976
	Image splicing	100	99.9982	99.9964	99.9984	99.9972	99.9987	99.9985	99.9982	99.9987	99.9981
	Content removal	100	99.9997	99.9998	99.9999	99.9998	99.9999	99.9999	99.9997	99.9998	99.9999
	VQ	100	99.9979	99.9971	99.9986	99.9973	99.9986	99.9986	99.998	99.9985	99.998
	Collage	100	99.9982	99.9937	99.9973	99.9967	99.9973	99.997	99.9967	99.9974	99.9969
	Content only	100	94.3651	94.343	94.5051	94.6836	94.9721	95.1969	95.3711	95.5051	95.529

Table 7 shows the recovery performance of the scheme under various tampering attacks. From the table, it is clear that the proposed scheme recovers the original image completely if the received image is unaltered. The quality of the recovered image is greater than 31 dB for all image sets for tamper ratio up to 50%. The PSNR reduces to 23 dB when tamper ratio reduces to 90%. This shows that the proposed scheme achieves acceptable recovered image quality under extensive tampering.

Table 7

Recovery performance under different tampering attacks

Image Set	Attacks	Recovered image quality with various tamper ratios (dB)
		0	10	20	30	40	50	60	70	80	90
IS1	Copy-move	∞	46.4	40.23	36.43	33.68	31.47	29.65	27.84	25.94	23.67
	Image splicing	∞	46.4	40.23	36.43	33.68	31.47	29.65	27.84	25.94	23.67
	Content removal	∞	49.5	42.84	38.55	35.16	32.39	29.98	27.86	25.79	23.54
	VQ	∞	46.4	40.23	36.43	33.68	31.47	29.65	27.84	25.94	23.67
	Collage	∞	49.5	42.84	38.57	35.17	32.4	29.98	27.86	25.8	23.56
	Content only	∞	49.54	42.87	38.58	35.18	32.4	29.98	27.86	25.75	23.48
IS2	Copy-move	∞	47.4	41.01	37.1	34.25	32.04	30.31	28.53	26.6	24.32
	Image splicing	∞	47.4	41.01	37.1	34.25	32.04	30.31	28.53	26.6	24.32
	Content removal	∞	51.06	43.89	39.38	36.14	33.49	31.04	28.85	26.7	24.33
	VQ	∞	47.4	41.01	37.1	34.25	32.04	30.31	28.53	26.6	24.32
	Collage	∞	50.94	43.81	39.3	36.07	33.43	30.99	28.81	26.65	24.29
	Content only	∞	51.06	43.89	39.38	36.14	33.49	31.04	28.85	26.7	24.33
IS3	Copy-move	∞	56.95	53.72	51.64	50.18	41.84	40.85	39.93	38.97	37.3
	Image splicing	∞	56.87	53.72	51.62	50.1	41.82	40.83	39.91	39	37.3
	Content removal	∞	57.15	54.07	52.26	50.72	49.34	46.76	46.63	44.18	43.25
	VQ	∞	56.72	53.67	51.57	49.99	41.82	40.78	39.9	38.95	37.29
	Collage	∞	57.15	54.07	52.21	50.72	49.28	47.79	46.64	45.13	43.33
	Content only	∞	57.15	54.07	52.26	50.72	49.41	48.03	46.67	45.24	43.36

5.3 Comparison with state-of-the-art schemes

To compare the proposed scheme with Pixel to Block conversion and Checksum based scheme (PBC) [6], DCT and Linear mapping based Self-recovery scheme (DLS) [8], SVD and Linear mapping based Self-recovery scheme (SLS) [9], Lifting wavelet transform and Halftoning based Self-recovery scheme (LHS) [10], Reference Sharing based Self-recovery scheme (RSS) [11], BTC and Linear mapping based Self-recovery scheme (BLS) [12], Block Average based Self-recovery scheme (BAS) [13] and Self-recovery scheme using Chaotic sequence and SVD (SCS) [15], the schemes are tested on grayscale images.

Table 8 shows a comparison of the proposed scheme in terms of data payload, watermarked image quality, time required to generate the watermarked image, tamper localization accuracy and quality of recovered image from received image under various tamper ratios.

Table 8
Performance comparison of proposed scheme with state-of-the-art schemes

Schemes Data payload (bpp) Watermarked image Watermark encrypted or not Tamper localization wrt original image Recovered image quality with various tamper ratio (dB)

Quality (dB) Generation time (s) Block size Accuracy 0 10 20 30 40 50 60 70 80 90

PBC [6] 0.75 46.39 5.21 No 2 × 2 88.09 ∞ 16 12.76 10.75 9.32 8.19 7.25 6.47 5.76 5.14

DLS [8] 3 38.19 52.79 Yes 2 × 2 93.77 38.19 27.95 24.26 22 20.34 19.17 17.88 16.82 15.67 14.56

SLS [9] 2 44.12 7.19 Yes 2 × 2 97.35 44.12 18.96 15.76 13.71 12.32 11.18 9.15 7.75 6.65 5.75

LHS [10] 2 46.41 8.96 Yes 2 × 2 77.46 42.81 35.25 32.73 30.82 29.22 28.32 22.62 18.49 15.56 13.05

RSS [11] 2 44.12 11.56 Yes 8 × 8 54.49 44.12 38.18 35.82 33.8 32.41 31.26 19.69 18.81 13.32 12.77

BLS [12] 3 37.24 99.16 Yes 2 × 2 96.56 37.24 16.37 12.99 10.97 9.56 8.43 7.42 6.6 5.84 5.19

BAS [13] 4 32.52 0.04 No 2 × 2 85.19 28.22 24.93 22.59 21.69 20.49 21.22 10.77 7.1 5.39 4.82

SCS [15] 1.5 47.46 17.97 Yes 2 × 2 89.15 ∞ 40.2 36.33 34.01 32.13 30.77 28.74 26.91 25.05 22.9

Proposed Scheme 2.25 41.72 6.33 Yes 1 × 1 99.9 ∞ 49.5 42.84 38.52 35.14 32.35 29.97 27.85 25.76 23.51

Schemes	Data payload (bpp)	Watermarked image	Watermark encrypted or not	Tamper localization wrt original image	Recovered image quality with various tamper ratio (dB)
PBC [6]	0.75	46.39	5.21	No	2 × 2	88.09	∞	16	12.76	10.75	9.32	8.19	7.25	6.47	5.76	5.14
DLS [8]	3	38.19	52.79	Yes	2 × 2	93.77	38.19	27.95	24.26	22	20.34	19.17	17.88	16.82	15.67	14.56
SLS [9]	2	44.12	7.19	Yes	2 × 2	97.35	44.12	18.96	15.76	13.71	12.32	11.18	9.15	7.75	6.65	5.75
LHS [10]	2	46.41	8.96	Yes	2 × 2	77.46	42.81	35.25	32.73	30.82	29.22	28.32	22.62	18.49	15.56	13.05
RSS [11]	2	44.12	11.56	Yes	8 × 8	54.49	44.12	38.18	35.82	33.8	32.41	31.26	19.69	18.81	13.32	12.77
BLS [12]	3	37.24	99.16	Yes	2 × 2	96.56	37.24	16.37	12.99	10.97	9.56	8.43	7.42	6.6	5.84	5.19
BAS [13]	4	32.52	0.04	No	2 × 2	85.19	28.22	24.93	22.59	21.69	20.49	21.22	10.77	7.1	5.39	4.82
SCS [15]	1.5	47.46	17.97	Yes	2 × 2	89.15	∞	40.2	36.33	34.01	32.13	30.77	28.74	26.91	25.05	22.9
Proposed Scheme	2.25	41.72	6.33	Yes	1 × 1	99.9	∞	49.5	42.84	38.52	35.14	32.35	29.97	27.85	25.76	23.51

The average data payload of the proposed scheme is higher than PBC, SLS, LHS, RSS, SCS and lower than DLS, BLS and BAS. This influences the watermarked image quality and proposed scheme provides watermarked image quality greater than DLS, BLS and BAS.

The computational time complexity of all schemes is $O (h \times w)$ for an image of size h × w. The computation time for each scheme depends on the number of blocks and block inner operations. From Table 8, the average watermarked image generation time of the proposed scheme is 6.33 s which is faster than DLS, SLS, RSS, LHS, BLS, SCS. The proposed scheme takes more time in comparison to schemes that do not encrypt watermark like PBC and BAS.

The proposed scheme locates the tampered regions at pixel level and other schemes locate the tampered regions at block level. This influences the localization accuracy especially in noise addition attack. For illustrating the localization accuracy, salt and pepper noise with a density of 0.01 is added to the watermarked image. From Table 8, it is evident that the accuracy of the proposed scheme is high since the tamper localization is done at pixel level.

To demonstrate comparison in terms of recovered image quality under extensive tampering, each watermarked image is tampered by replacing image pixels with white pixels from left to right at various tamper ratios. Table 8 shows the average PSNR of the watermarked image and recovered image. The proposed scheme provides watermarked images with better quality as compared with recent schemes. For the proposed scheme and PBC, PSNR of the recovered image is ∞ at tamper ratio 0 %. This means that these schemes ensure 100 % recovery of the original image from an unaltered protected image. It is noticed that the quality of recovered image decreases with increase in tamper ratio for all schemes. Among the schemes, the proposed scheme provides improved recovered image quality under extensive tampering.

Table 9 summarizes resistance of the self-recovery schemes PBC, DLS, SLS, RSS, LHS, BLS, BAS, Pixel level Authentication based Self-recovery scheme (PAS) [14], SCS and the proposed scheme against various tampering attacks such as VQ, collage (CA), content only (COA), and constant feature (CFA). DLS, BLS, SCS and the proposed scheme can resist all attacks since these schemes enable block-wise dependency and authentication information depends on the image contents and its position. As compared with the state-of-the-art schemes, the proposed scheme is more secure by introducing more randomness in selecting pixel positions where watermark bits are embedded.

Table 9

Comparison of resistance of self-recovery schemes against various tampering attacks

Methods	VQ	CA	COA	CFA
PBC [6]	No	No	Yes	No
DLS [8]	Yes	Yes	Yes	Yes
SLS [9]	Yes	Yes	Yes	No
LHS [10]	Yes	No	No	No
RSS [11]	Yes	No	Yes	Yes
BLS [12]	Yes	Yes	Yes	Yes
BAS [13]	Yes	Yes	Yes	No
PAS [14]	Yes	Yes	Yes	No
SCS [15]	Yes	Yes	Yes	Yes
Proposed Scheme	Yes	Yes	Yes	Yes

6 Conclusion

In this paper, a secure image authentication scheme that performs tamper localization and recovery is proposed. The embedded watermark is highly secure and fragile in nature. The proposed scheme provides 100% recovery of the original image if the received image is not tampered. This scheme provides pixel-wise authentication and ensures tamper localization at pixel-level. Experimental results demonstrate that the proposed scheme can resist content removal, copy-move, VQ, image splicing and collage attacks. The scheme has better security, better tamper localization accuracy and better recovered image quality under extensive tampering compared to the state-of-the-art schemes. The scheme can be used to secure the images carrying sensitive information like medical images, biometric images that demand lossless recovery of image, precise tamper localization and high recovery rate. The limitation of the scheme is that the storage requirement is high for ensuring lossless recovery. A future direction of research is to reduce storage requirements while maintaining other performance parameters at optimum.

Acknowledgment

Authors are grateful to the Department of Higher Education, Government of Kerala, for granting the research fellowship.

References

Neena Raj

N.R.

and Shreelekshmi

, A survey on fragile watermarking based image authentication schemes, Multimedia Tools and Applications 80 (2021), 19307–19333.

Neena Raj

N.R.

and Shreelekshmi

, Blockwise fragile watermarking schemes for tamper localization in digital images, In International Conference on Control, Communication, and Computing (IC4), IEEE, 2018, pp. 441–446.

Gull

, Loan

N.A.

, Parah

S.A.

, Sheikh

J.A.

and Bhat

G.M.

, An efficient watermarking technique for tamper detection and localization of medical images, Journal of Ambient Intelligence and Humanized Computing 11(5) (2020), 1799–1808.

Sahu

A.K.

, A logistic map based blind and fragile water-marking for tamper detection and localization in images, Journal of Ambient Intelligence and Humanized Computing (2021), 1–13.

Neena Raj

N.R.

and Shreelekshmi

, Fragile watermarking scheme for tamper localization in images using logistic map and singular value decomposition, Journal of Visual Communication and Image Representation (2022), 103500.

Parah

S.A.

, Ahad

, Sheikh

J.A.

and Bhat

G.M.

, Hiding clinical information in medical images: A new high capacity and reversible data hiding technique, Journal of Biomedical Informatics 66 (2017), 214–230.

Geetha

and Geetha

, Embedding electronic patient information in clinical images: An improved and efficient reversible data hiding technique, Multimedia Tools and Applications 79(19) (2020), 12869–12890.

Singh

and Singh

S.K.

, Dct based efficient fragile watermarking scheme for image authentication and restoration, Multimedia Tools and Applications 76(1) (2017), 953–977.

Benrhouma

, Hermassi

and Belghith

, Security analysis and improvement of an active watermarking system for image tampering detection using a self-recovery scheme, Multimedia Tools and Applications 76(20) (2017), 21133–21156.

10.

Haghighi

B.B.

, Taherinia

A.H.

and Harati

, Trlh: Fragile and blind dual watermarking for image tamper detection and self-recovery based on lifting wavelet transform and halftoning technique, Journal of Visual Communication and Image Representation 50 (2018), 49–64.

11.

Qin

, Ji

, Chang

C.-C.

, Dong

and Sun

, Non-uniform watermark sharing based on optimal iterative btc for image tampering recovery, IEEE Multi Media 25(3) (2018), 36–48.

12.

Singh

and Singh

S.K.

, Block truncation coding based effective watermarking scheme for image authentication with recovery capability, Multimedia Tools and Applications 78(4) (2019), 4197–4215.

13.

Rajput

and Ansari

I.A.

, Image tamper detection and self-recovery using multiple median watermarking, Multimedia Tools and Applications 79(47) (2020), 35519–35535.

14.

Gul

and Ozturk

, A novel pixel-wise authentication-based self-embedding fragile watermarking method, Multimedia Systems 27(3) (2021), 531–545.

15.

Neena Raj

N.R.

and Shreelekshmi

, A secure image authentication scheme with tamper localization and recovery, Fuzzy Systems and Data Mining VII: Proceedings of FSDM 2021 340 (2021), 277–284.

16.

Kim

and Yang

C.-N.

, Self-embedding fragile watermarking scheme to detect image tampering using ambtc and opap approaches, Applied Sciences 11(3) (2021), 1146.

17.

Hussan

, Parah

S.A.

, Jan

and Qureshi

G.J.

, Self-embedding framework for tamper detection and restoration of color images, Multimedia Tools and Applications (2022), 1–32.

18.

Jana

, Jana

and Joardar

, Local feature based self-embedding fragile watermarking scheme for tampered detection and recovery utilizing ambtc with fuzzy logic, Journal of King Saud University-Computer and Information Sciences (2022).

19.

Chang

C.-C.

, Fan

Y.-H.

and Tai

W.-L.

, Four-scanning attack on hierarchical digital watermarking method for image tamper detection and recovery, Pattern Recognition 41(2) (2008), 654–661.

20.

Mandal

M.K.

, Banik

G.D.

, Chattopadhyay

and Nandi

, An image encryption process based on chaotic logistic map, IETE Technical Review 29(5) (2012), 395–404.

21.

Shen

and Chan

T.F.

, Mathematical models for local nontexture inpaintings, SIAM Journal on Applied Mathematics 62(3) (2002), 1019–1043.

22.

The cvg-ugr image database. https://ccia.ugr.es/cvg/dbimagenes/index.php. Accessed on January 2021.

23.

Cancer imaging archive. https://nbia.cancerimagingarchive.net/nbia-search/. Accessed on October 2021.

A secure pixel level self-recovery scheme for digital images

Abstract

Keywords

1 Introduction

2 Related works

3 Proposed Scheme

3.3 Image recovery

Stage 1:

Stage 2:

Security of the watermark:

Resistance to tampering attacks:

5 Experimental results and analysis

5.1 Watermarked image quality analysis

Table 2 Watermarked image quality before and after applying smoothing function Image Set Before smoothing function After smoothing function PSNR SSIM PSNR SSIM IS1 39.068 0.948580 41.715 0.966332 IS2 38.665 0.970406 41.520 0.977624 IS3 63.294 0.999997 66.06 0.999999

Acknowledgment

References

Table 2
Watermarked image quality before and after applying smoothing function

Image Set Before smoothing function After smoothing function

PSNR SSIM PSNR SSIM

IS1 39.068 0.948580 41.715 0.966332

IS2 38.665 0.970406 41.520 0.977624

IS3 63.294 0.999997 66.06 0.999999