DIGITAL BLIND AUDIO WATERMARKING FOR E-LEARNING MEDIA By: Youngseock Lee, Jongweon Kim Research done at: Chungwoon University, Sangmyung University
2 Motivation- Why Watermark? The need to limit the number of copies created whereas the watermarks are modified by the hardware and at some point would not create any more copies (i.e. DVD) - the reading device must be able to modify the watermark Content protection – content stamped with a visible watermark that is very difficult to remove so that it can be publicly and freely distributed
What is a Watermark? A watermark is a secret message that is embedded into a cover (original or host) message. Only the knowledge of a secret key allows us to extract the watermark from the cover message. Effectiveness of a watermarking algorithm is a function of its – Resilience to attacks. – Capacity. – Stealth.
What Can Be Watermarked? Multimedia data. – Video. – Audio. – Still Images. – Documents. Software. Hardware designs. E- learning contents Protection!
Multimedia Watermarks A digital watermark is a secret key dependent signal inserted into digital multimedia data. Watermark can be later detected/extracted in order to make an assertion about the data. A digital watermark can be. – Visible (perceptible). – Invisible (imperceptible).
Watermark Applications Proof of ownership. – Prove ownership in a court of law. – Simple copyright notice may not help for digital multimedia data. Easily destroyed. Copy prevention or control. – Recording device may inhibit recording a signal if detected watermark indicates that it is prohibited. – DVD video and digital music distribution. Content protection (visible watermarks). – Destruction of watermark destroys the content.
Watermark Applications Authentication. – Detect if image/video has been altered. – Digital cameras. Media Bridging. – Bridge media such as magazines and the Internet. Broadcast Monitoring. – Keep track of when and where an advertisement is played.
Watermark Applications Fingerprinting. – Identify the source of an illegal copy. – Unique watermark embedded in each copy. – DiVX, a modified version of DVD. Secret Communications. – Hide information such that general public do not know its presence. – Bin Laden hides attack plans in images on the web – USA Today, Feb. 26, 2001.
9 Some Digital Watermarking Types (1/2) Visible vs. Invisible: Visible such as a company logo stamped on an image or Video. Invisible intended to be imperceptible to the human eye or inaudible. the watermark can only be determined through wat ermark extraction or detection by computers. Fragile vs. Robust : Fragile watermarks break down easily. Robust survive manipulations of content.
10 Some Digital Watermarking Types (2/2) Public vs. private – Private watermarking techniques require that the original be used as a basis of encryption whereas public does not Public-key vs. secret-key – Secret-key watermarking uses the same watermarking key to read the content as the key that was inserted into the image; public key uses different keys for watermarking the image and reading the image
11 Desired Properties ( 1/2) (1) Robustness: A watermark must be difficult or impo ssible to remove, at least without visibly degrading the original image. A watermark must survive image modifi cations. – Geometric distortions: rotation, scaling, translation, etc. (2) Tamper Resistance: The watermark must resist a ny type of attacks, what ever the intentions are: remove or modify
12 Desired Properties ( 2/2) (3) Economically implementable: Time and effort, cost. (4 ) Unambiguous: The watermark, when retri eved, should unambiguously identify the ow ner. (5) Capacity: The amount of information that can be embedded (6) Quality: (High Quality) - Quality not degraded
14 Why do we need to study attacks? – Identify weakness – Propose improvement – Security – Attackers are knowledgeable, creative, have lots of time, and are numerous
15 Attackers Main Goal Attackers seek to destroy watermark for the purposes of use without having to pay royalties to the originator of the content.
Watermark Attacks Active Attacks. – Hacker attempts to remove or destroy the watermark. – Watermark detector unable to detect watermark. – Key issue in proof of ownership, fingerprinting, copy control. – Not serious for authentication or covert communication.
Watermark Attacks Passive Attacks. – Hacker tries to find if a watermark is present. – Removal of watermark is not an aim. – Serious for covert communications. Collusion Attacks. – Hacker uses several copies of watermarked data (images, video etc.) to construct a copy with no watermark. – Uses several copies to find the watermark. – Serious for fingerprinting applications.
Watermark Attacks Forgery Attacks. – Hacker tries to embed a valid watermark. – Serious in authentication. – If hacker embeds a valid authentication watermark, watermark detector can accept bogus or modified media.
 General Framework of Watermarking marked media (w/ hidden data) embed data to be hidden host mediacompress process / attack extract play/ record/… extracted data player 101101 … Hello, World 101101 … Hello, World test media
20 Important Definitions Cover : Audio-video, text in which data will be hidden Watermark: What is actually added to the cover Information: message to be added Watermarking key: Secret parameter needed for e mbedding & detecting the watermark & extracting the inf ormation Watermarking Function: Embedding & Extraction algorithms.
21 Audio Watermarking Echo Data Hiding – Discrete copies of the original signal are mixed in with the original signal creating echoes of each sound. – By using two different time values between an echo and the original sound, a binary 1 or binary 0 can be encoded.
22 Inaudible echo theory If the offset or delay is short then the echo produced will be unperceivable. Depends on the quality of recording but max delay without effect is noted to be around 1 ms. Also, initial amplitude and decay rate can also be set below the audible threshold of the human ear.
23 Echo Data Hiding Echo introduced to hide data into audio signal Echo is varied with three parameters: – Initial Amplitude – Decay Rate – Offset
AUDIO WATERMARKING Echo data hiding The delay (δ b ) between the original signal and the echo is dependent on which kernel or system function we use. The one kernel is created with a delay of (δ 1 ) seconds while the zero kernel has a (δ 0 ) second delay.
25 Encoding The audio signal is divided into multiple windows. Two delay times are used to encode the hidden data. – Binary 0 encoded with delay = offset – Binary 1 encoded with delay = offset + delta.
26 FIR Filter A simple FIR Filter equation is used to delay the audio signal. H(z) = 1 +g*z –d – g = initial amplitude – d = delay Therefore two impulses are used; one to copy the original signal and one to introduce an echo.
27 Final Encoding Step Filter original signal separately through both binary one and zero filter. Use mixer signal that contains a ramping function to switch between 0 and 1 encodings.
28 Decoding Decoding is done by finding the delay before the echo. First find the Cepstrum of the encoded signal. – Finding the Cepstrum makes the echo delay more pronounced and easier to detect. – F -1 (ln(F(x)) 2 ) : Inverse log fast Fourier transform Then find the autocorrelation of the Cepstrum signal.
2008/5/2733 Fig 5.4. Original audio signal Fig 5.5. Embedded audio signal
34 Experiment with Lossy Compression The performance of the scheme is signif icantly improved by combining with au dio watermark, especially when the qua lity factor of MPEG is low. When the quality factor of MPEG is lo w, the error of the extracted watermark i s increased and the watermark is damag ed significantly. As the error correcting code is provided from the audio watermark, it can surviv e the attack by lossy compression which is applied to the video channel.
35 Experiment with Resampling Echo hiding technique inherits many advantages in resisting th e attacks on the watermarked fr ames. It achieves perceptual inv isibility and attacks by image pr ocessing techniques. Resampling is one of the most c ommon attack to audio waterma rk.
36 Conclusion AttacksBER(%) ProposedThe method ref.  Re-sampling45.255.5 Re-quantization57.362.9 Time-scaling14.618.5 MP3 compression42.349.2 Robust against common signal processing attacks!! Thank you !