machine learning techniques for image forensics in
play

Machine Learning Techniques for Image Forensics in Adversarial - PDF document

Jul 17, 2023 •12 likes •802 views

See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/340492084 Machine Learning Techniques for Image Forensics in Adversarial Setting (Ph.D. presentation) Presentation April 2020

  1. See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/340492084 Machine Learning Techniques for Image Forensics in Adversarial Setting (Ph.D. presentation) Presentation · April 2020 CITATIONS READS 0 116 1 author: Ehsan Nowroozi Università degli Studi di Siena 27 PUBLICATIONS 65 CITATIONS SEE PROFILE Some of the authors of this publication are also working on these related projects: Development of machine learning techniques for image and video forensics in adversarial setting View project All content following this page was uploaded by Ehsan Nowroozi on 07 April 2020. The user has requested enhancement of the downloaded file.

  2. Machine Learning Techniques for Image Forensics in Adversarial Setting Ph.D. Thesis Presentation by Ehsan Nowroozi Supervisor Prof. Mauro Barni Co Supervisor Dr. Benedetta Tondi Examination Committe Prof. Alessandro Piva Prof. Giulia Boato Prof. Stefano Melacci University of Florence University of Trento University of Siena 2, April 2020 Machine Learning Techniques for Image Forensics in Adversarial Setting Ehsan Nowroozi

  3. Outline Part I: Introduction Ø Introduction Ø Contribution Part II: Overview Ø Prior art on ML-based Image Forensics Ø Adversarial Image Forensics Part III: Original Contribution of the Thesis (SELECTED WORKS) Ø Improving the Security of Image Manipulation Detection Through One-and-a-half- class Multiple Classification. Ø On the Transferability of Adversarial Examples Against CNN-Based Image Forensics. Ø Effectiveness of Random Deep Feature Selection for Securing Image Manipulation Detectors Against Adversarial Examples. Machine Learning Techniques for Image Forensics in Adversarial Setting Ehsan Nowroozi 2/59

  4. Introduction Ø Multimedia Forensics gathers information on the history of multimedia documents. From Model-based to Data-driven Ø A statistical characterization and modeling for complex forensic tasks is often not available. Ø Forensic researchers have resorted to ML techniques. Ø Disabiling ML-based forensic analysis turns out to be an easy task ! Ø Overcome the security limits and design systems thought to work in the adversarial setting is a necessity. Machine Learning Techniques for Image Forensics in Adversarial Setting Ehsan Nowroozi 3/59

  5. Contribution of Thesis Ø We developed ML techniques for Image Forensics in adversarial setting (secure ML) • focus on image manipulation detection (and binary classification in particular). • Adversary-aware systems • Intrinsically more secure detectors [Focus] Machine Learning Techniques for Image Forensics in Adversarial Setting Ehsan Nowroozi 4/59

  6. Part II Prior Art on ML-Based Image forensics Machine Learning Techniques for Image Forensics in Adversarial Setting Ehsan Nowroozi 5/59

  7. Prior Art on ML-Based Image Forensics Most common ML techniques used in image forensics. Ø SVM-based image forensics Many ML-based Image Forensic methods rely on SVM classification. • [few examples]: A-JPEG detection based on DCT coefficent or Histogram of • low frequency DCT coeffiecient [1] …. Ø CNN-based forensics [recently] DL techniques and CNNs in particular are also used extensively for • Steganalysis and Multimedia Forensics (MF). [few examples]: Binary and multi-class CNN for detecting several • manipulation operations [2] …. [1] T. Pevny and J. Fridrich, “Detection of double-compression in JPEG images for applications in steganography," Trans. Info. For. Sec., vol. 3, no. 2, pp. 247-258, Jun. 2008. [2] B. Bayar and M. C. Stamm, “A deep learning approach to universal image manipulation detection using a new convolutional layer," in Proceedings of the 4th ACM Workshop on Information Hiding and Multimedia Security, ser. IH&MMSec '16. New York, NY, USA: ACM, 2016, pp. 5-10. Machine Learning Techniques for Image Forensics in Adversarial Setting Ehsan Nowroozi 6/59

  8. Adversarial Image Forensics Ø What is Counter-Forensics (CF)? • Referred as anti-forensics . • Tools developed to DISABLE image forensic tools. • Many CF methods have been proposed, first against model-based tools then also against SVM-based and DL-based forensic tools. Machine Learning Techniques for Image Forensics in Adversarial Setting Ehsan Nowroozi 7/59

  9. Adversarial Image Forensics Ø Attacks can be classified based on several properties [1] • Influence • Causative • Exploratory [1] L. Huang, A. D. Jpseph, B. Nelson, B. I. Rubinstein, and J. Tygar, “Adversarial machine learning”, in Proceedings of the 4 th ACM workshop in Security and artificial intelligence. ACM, 2011, pp. 43-58. Machine Learning Techniques for Image Forensics in Adversarial Setting Ehsan Nowroozi 8/59

  10. Adversarial Image Forensics Ø Attacks can be classified based on several properties [1] • Influence • Causative • Exploratory • Specificity • Targeted: attack focuses on the deception of a specific algorithm (classier). • Indiscriminative: when the attack is targeted to a class of algorithms (rather than a specific algorithm). [1] L. Huang, A. D. Jpseph, B. Nelson, B. I. Rubinstein, and J. Tygar, “Adversarial machine learning”, in Proceedings of the 4 th ACM workshop in Security and artificial intelligence. ACM, 2011, pp. 43-58. Machine Learning Techniques for Image Forensics in Adversarial Setting Ehsan Nowroozi 8/59

  11. Adversarial Image Forensics Ø Attacks can be classified based on several properties [1] • Influence • Causative • Exploratory • Specificity • Targeted: attack focuses on the deception of a specific algorithm (classier). • Indiscriminative: when the attack is targeted to a class of algorithms (rather than a specific algorithm). • Security violation • Integrity: False negative error. • Availability: both a false negative and a false positive error. [1] L. Huang, A. D. Jpseph, B. Nelson, B. I. Rubinstein, and J. Tygar, “Adversarial machine learning”, in Proceedings of the 4 th ACM workshop in Security and artificial intelligence. ACM, 2011, pp. 43-58. Machine Learning Techniques for Image Forensics in Adversarial Setting Ehsan Nowroozi 8/59

  12. Adversarial Image Forensics Counter-forensic attack models (threat model) Ø The Adversarial Model can be defined by specifying the following: Attacker’s goal: it specifies the kind of security violation , hence the kind of • error, the attacker aims at. CF attacks are usually integrity violation attacks or evasion attacks. • Attacker’s knowledge: the attack can be Perfect Knowledge (PK) or Limited • Knowledge (LK). PK : the attacker has complete information about the forensic algorithm. • LK : attacker knows only some details about the forensic algorithm: e.g., • he knows the parameters of the algorithm and does not know the training data. Attacker’s capability : it applies mostly to ML, it refers to the control of the • attacker over the training and/or testing data. Machine Learning Techniques for Image Forensics in Adversarial Setting Ehsan Nowroozi 9/59

  13. Adversarial Image Forensics Attacks to deep learning-based image forensics (FOCUS ON) Ø Recently, CF attacks against Deep Learning (DL) models have also been developed. Ø A key advantage of CNNs is the ability to learn forensic features directly from the images. Ø An intelligent attacker can use this property to his advantage and run powerful CF attacks, namely, adversarial examples [1]. [1] C. Szegedy, W. Zaremba, I. Sutskever, J. Bruna, D. Erhan, I. Goodfellow, and R. Fergus, “Intriguing properties of neural networks," arXiv preprint arXiv:1312.6199 , 2013. Machine Learning Techniques for Image Forensics in Adversarial Setting Ehsan Nowroozi 10/59

  14. Adversarial Image Forensics Attacks to deep learning-based image forensics (FOCUS ON) Ø The vulnerability of DL to adversarial examples has recently been studied in forensics [1]. An attacker can easily create adversarial images by introducing a • perturbation (high PSNR). Many attacks have been proposed to fool CNN-based detectors for image • forensics (camera model identification and manipulation detection). [1] F. Marra, D. Gragnaniello, and L. Verdoliva, “On the vulnerability of deep learning to adversarial attacks for camera model identication," Signal Processing: Image Communication , vol. 65, pp. 240-248, July, 2018. Machine Learning Techniques for Image Forensics in Adversarial Setting Ehsan Nowroozi 11/59

  15. Adversarial Image Forensics Anti-Counter Forensics (anti-CF) We classify the anti-CF methods according to the specificity of the analyst’s goal [1]. Ø Adversary-aware systems § The analyst develops a new algorithm to reveal the attack by looking the traces left by CF methods. § The analyst tries to exit the PK scenario or disinform the attacker. Ø Intrinsically more secure detectors § The analyst looks for a system which is more difficult to attack even in the PK case. [1] M. Barni, M. C. Stamm, and B. Tondi, “Adversarial multimedia forensics: Overview and challenges ahead," in 2018 26th European Signal Processing Conference (EUSIPCO). IEEE, 2018, pp. 962-966. Machine Learning Techniques for Image Forensics in Adversarial Setting Ehsan Nowroozi 12/59

  16. Part III Original Contribution of the Thesis Machine Learning Techniques for Image Forensics in Adversarial Setting Ehsan Nowroozi 13/59

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Image and attribute based identification of Protea species using machine learning techniques

Image and attribute based identification of Protea species using machine learning techniques

Image and attribute based identification of Protea species using machine learning techniques Peter Thompson Supervisor: Dr Willie Brink Stellenbosch University, Applied Mathematics Division Introduction South Africa is very rich in plant

83 views • 7 slides
Classification and Machine Learning techniques for CBIR: introduction to the RETIN system

Classification and Machine Learning techniques for CBIR: introduction to the RETIN system

Classification and Machine Learning techniques for CBIR: introduction to the RETIN system Matthieu Cord ETIS CNRS UMR 8051 Classification and Machine Learning techniques for CBIR: introduction to the RETIN system p.1/81 Content-Based Image

1.37k views • 81 slides
Image Forensics of High Dynamic Range Imaging 10th International Workshop on Digital-Forensics

Image Forensics of High Dynamic Range Imaging 10th International Workshop on Digital-Forensics

Image Forensics of High Dynamic Range Imaging 10th International Workshop on Digital-Forensics & Watermarking P. J. Bateman, A. T. S. Ho, and J. A. Briffa This research is sponsored by an EPSRC/Charteris CASE Award Image Forensics

703 views • 38 slides
General-Purpose Image Forensics Using Patch Likelihood under Image Statistical Models The 7th

General-Purpose Image Forensics Using Patch Likelihood under Image Statistical Models The 7th

General-Purpose Image Forensics Using Patch Likelihood under Image Statistical Models The 7th IEEE International Workshop on Information Forensics and Security Wei Fan, Kai Wang, and Franc ois Cayre GIPSA-lab, Grenoble, France 18-11-2015

513 views • 19 slides
12/6/2013 Detecting Fakes Image Forensics: Detecting Forged Photos 1.Detecting photorealistic

12/6/2013 Detecting Fakes Image Forensics: Detecting Forged Photos 1.Detecting photorealistic

12/6/2013 Detecting Fakes Image Forensics: Detecting Forged Photos 1.Detecting photorealistic graphics 2.Detecting manipulated images Photo manipulation is the application of image editing techniques to photographs in order to create an

306 views • 13 slides
CSE 469: Computer and Network Forensics Topic 5: Image Forensics Dr. Mike Mabey | Spring 2019

CSE 469: Computer and Network Forensics Topic 5: Image Forensics Dr. Mike Mabey | Spring 2019

CSE 469: Computer and Network Forensics Topic 5: Image Forensics Dr. Mike Mabey | Spring 2019 CSE 469: Computer and Network Forensics Forensics for Graphics Files Types of graphics file formats Type of data compression How to locate

362 views • 25 slides
Sparse Fuzzy Techniques There Is Room for . . . Our Idea Improve Machine Learning Towards an

Sparse Fuzzy Techniques There Is Room for . . . Our Idea Improve Machine Learning Towards an

Machine Learning: A . . . Machine Learning: A . . . Machine Learning: . . . Sparse Fuzzy Techniques There Is Room for . . . Our Idea Improve Machine Learning Towards an Efficient . . . Taking the Specific . . . Reinaldo Sanchez 1 , Christian

577 views • 16 slides
ADVANCED MACHINE LEARNING Non-linear regression techniques 1 1 ADVANCED MACHINE LEARNING

ADVANCED MACHINE LEARNING Non-linear regression techniques 1 1 ADVANCED MACHINE LEARNING

ADVANCED MACHINE LEARNING ADVANCED MACHINE LEARNING Non-linear regression techniques 1 1 ADVANCED MACHINE LEARNING Regression: Principle N Map N-dim. input x to a continuous output y . Learn a function of the type:

1.29k views • 61 slides
About this presentation : Learning : What is Digital Forensics ? Political : Digital

About this presentation : Learning : What is Digital Forensics ? Political : Digital

An introduction to digital forensics About this presentation : Learning : What is Digital Forensics ? Political : Digital Forensics and Open Sources licensing Tool time : Digital Forensics Framework Presented by Solal Jacob core dev.

444 views • 30 slides
IMAGE RETRIEVAL IN DIGITAL LIBRARIES A LARGE SCALE MULTICOLLECTION EXPERIMENTATION OF MACHINE

IMAGE RETRIEVAL IN DIGITAL LIBRARIES A LARGE SCALE MULTICOLLECTION EXPERIMENTATION OF MACHINE

IMAGE RETRIEVAL IN DIGITAL LIBRARIES A LARGE SCALE MULTICOLLECTION EXPERIMENTATION OF MACHINE LEARNING TECHNIQUES Jean-Philippe MOREUX Guillaume CHIRON (L3i, La Rochelle) IFLA News Media Section Dresden, August 2017 Outline Image Search

573 views • 43 slides
Computational Forensics: Machine Learning and Predictive Analytics Carl Stuart Leichter PhD

Computational Forensics: Machine Learning and Predictive Analytics Carl Stuart Leichter PhD

Fundamentals of Computational Forensics: Machine Learning and Predictive Analytics Carl Stuart Leichter PhD carl.leichter@ntnu.no NTNU Testimon Digital Forensics Group NTNU Testimon Digital Forensics Group Cyber Threat Intelligence and

1.5k views • 131 slides
Anti-Forensics: Techniques, Detection and Countermeasures Simson L. Garfinkel Naval Postgraduate

Anti-Forensics: Techniques, Detection and Countermeasures Simson L. Garfinkel Naval Postgraduate

Anti-Forensics: Techniques, Detection and Countermeasures Simson L. Garfinkel Naval Postgraduate School What is Anti-Forensics? Computer Forensics: Scientific Knowledge for collecting, analyzing, and presenting evidence to the courts

322 views • 15 slides
Overview CS 446 What is machine learning? Machine learning : study of computational

Overview CS 446 What is machine learning? Machine learning : study of computational

Overview CS 446 What is machine learning? Machine learning : study of computational mechanisms that learn from data to make predictions and decisions. 1 / 21 Application 1: image classification Birdwatcher takes photos of birds,

1.08k views • 83 slides
Introduction to machine learning COMS 4721 Learning from data Machine learning : the study

Introduction to machine learning COMS 4721 Learning from data Machine learning : the study

Introduction to machine learning COMS 4721 Learning from data Machine learning : the study of computational mechanisms that learn from data in order to make predictions and decisions. Example 1: image classification A birdwatcher

932 views • 14 slides
Machine learning techniques to probe theoretical physics Intro In inSPIRE, search find t

Machine learning techniques to probe theoretical physics Intro In inSPIRE, search find t

Akinori Tanaka (RIKEN AIP/iTHEMS) Machine learning techniques to probe theoretical physics Intro In inSPIRE, search find t machine learning OR deep learning and date 20xx->20xx+1 year number of results Intro Mainly experimental, a few

908 views • 70 slides
ADVANCED MACHINE LEARNING Non-linear regression techniques (SVR and extensions, GPR, Gradient

ADVANCED MACHINE LEARNING Non-linear regression techniques (SVR and extensions, GPR, Gradient

ADVANCED MACHINE LEARNING ADVANCED MACHINE LEARNING Non-linear regression techniques (SVR and extensions, GPR, Gradient Boosting) 1 1 ADVANCED MACHINE LEARNING Regression: Principle N Map N-dim. input to a continuous

906 views • 89 slides
Submission Briefing PROJECT SARJANA MUDA (Undergraduate Final Year Project) SCR/SCJ/SCV/SCD/SCB

Submission Briefing PROJECT SARJANA MUDA (Undergraduate Final Year Project) SCR/SCJ/SCV/SCD/SCB

PSM Presentation & Submission Briefing PROJECT SARJANA MUDA (Undergraduate Final Year Project) SCR/SCJ/SCV/SCD/SCB By : Dr. Siti Hajar Othman Session : 20142015-1 CCNA Teaching Lab, N28 11 December 2014 (Thursday) T odays Briefing

630 views • 58 slides
ENGINEERING NEW FRONTIERS Mun Choi & Marty Wood 1 UCONN Faculty World Class Faculty

ENGINEERING NEW FRONTIERS Mun Choi & Marty Wood 1 UCONN Faculty World Class Faculty

ENGINEERING NEW FRONTIERS Mun Choi & Marty Wood 1 UCONN Faculty World Class Faculty Bryan Huey, Materials Science & Engineering B.S. Degree from Stanford Ph.D. Degree from U. Penn Atomic Force Microscopy allows nanoscale

453 views • 30 slides
V2X security, privacy and trust overview Dr. Jo s Ma ra de F ue nte s (jfue nte s@ inf.uc

V2X security, privacy and trust overview Dr. Jo s Ma ra de F ue nte s (jfue nte s@ inf.uc

V2X security, privacy and trust overview Dr. Jo s Ma ra de F ue nte s (jfue nte s@ inf.uc 3m.e s) COSE C L a b Unive rsity Ca rlo s I I I de Ma drid Agenda I ntro : Ve hic ula r c o mmunic a tio ns (V2X), wha t fo r? o Re a

497 views • 17 slides
Truecrypt The Joys Thereof. Truecrypt . Wh What ? Why ? Why ?

Truecrypt The Joys Thereof. Truecrypt . Wh What ? Why ? Why ?

Truecrypt The Joys Thereof. Truecrypt . Wh What ? Why ? Why ? How ? How ? What ? TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage

325 views • 14 slides
10 th National Investigations Symposium Stream D: Risks for Investigation Agencies Blind spots:

10 th National Investigations Symposium Stream D: Risks for Investigation Agencies Blind spots:

10 th National Investigations Symposium Stream D: Risks for Investigation Agencies Blind spots: Investigating so as to detect infiltration Dr Russell G Smith Principal Criminologist Outline Acknowledgments Based on AIC Trends and Issues

472 views • 18 slides
How to write programs that are right - lessons from science for software engineering Greg Detre

How to write programs that are right - lessons from science for software engineering Greg Detre

How to write programs that are right - lessons from science for software engineering Greg Detre @gregdetre 28th September, 2013 BarCamp Tampa @gregdetre, blog.gregdetre.co.uk Friday, 1 November 2013 1 @gregdetre, blog.gregdetre.co.uk

658 views • 46 slides
Muthayammal Engineering College, Rasipuram DEPARTMENT OF ELECTRICAL AND ELECTRONICS ENGINEERING

Muthayammal Engineering College, Rasipuram DEPARTMENT OF ELECTRICAL AND ELECTRONICS ENGINEERING

Muthayammal Engineering College, Rasipuram DEPARTMENT OF ELECTRICAL AND ELECTRONICS ENGINEERING National Conference on Innovative Technologies in Electrical and Electronics Systems (ITEES11) March 30 th SESSION- I DATE: 30.03.11(FN) VENUE-

384 views • 6 slides
Workplace Airborne Hazards and Air Sampling Jeremy Evans SKC Sales Development Manager IOSH

Workplace Airborne Hazards and Air Sampling Jeremy Evans SKC Sales Development Manager IOSH

Workplace Airborne Hazards and Air Sampling Jeremy Evans SKC Sales Development Manager IOSH Conference Striving for Excellence 19 th November 2015 in Health & Safety Size of the Problem? Recreation Bristol Home Park, Ground, Bath

869 views • 27 slides

More recommend