Abstract: In the attempt to investigate the final race of arms between the forensic analyst and the adversary in practical scenarios based on data-driven approaches, we introduce the idea of adversary-aware SVM-based forensic detection. By focusing on the problem of double JPEG compression, we first propose an improved universal counter-forensic (C-F) attack which works against any forensic detector based on the first order statistics of block-DCT coefficients and show its good performance against three different forensic detectors. Forensic detectors are commonly designed to distinguish between the absence and the presence of a given processing in a non-adversarial environment. We emphasize how such an evaluation methodology is unfair as, in order to test the real effectiveness of an attack, the forensic detector should take into account the possible presence of the attack. Accordingly, we propose an adversary-aware double JPEG detector which is trained to recognize the universal C-F attack. Experimental results confirm that the adversary-aware detector yields good performance thus suggesting that developing an effective counter-forensic attack is much harder than one could expect.

Barni, M., Chen, Z., Tondi, B. (2016). Adversary-aware, data-driven detection of double JPEG compression: how to make counter-forensics harder. In Proceedings of WIFS 2016 (pp.1-6). IEEE [10.1109/WIFS.2016.7823902].

Adversary-aware, data-driven detection of double JPEG compression: how to make counter-forensics harder

M Barni;B Tondi
2016-01-01

Abstract

Abstract: In the attempt to investigate the final race of arms between the forensic analyst and the adversary in practical scenarios based on data-driven approaches, we introduce the idea of adversary-aware SVM-based forensic detection. By focusing on the problem of double JPEG compression, we first propose an improved universal counter-forensic (C-F) attack which works against any forensic detector based on the first order statistics of block-DCT coefficients and show its good performance against three different forensic detectors. Forensic detectors are commonly designed to distinguish between the absence and the presence of a given processing in a non-adversarial environment. We emphasize how such an evaluation methodology is unfair as, in order to test the real effectiveness of an attack, the forensic detector should take into account the possible presence of the attack. Accordingly, we propose an adversary-aware double JPEG detector which is trained to recognize the universal C-F attack. Experimental results confirm that the adversary-aware detector yields good performance thus suggesting that developing an effective counter-forensic attack is much harder than one could expect.
978-150901138-4
Barni, M., Chen, Z., Tondi, B. (2016). Adversary-aware, data-driven detection of double JPEG compression: how to make counter-forensics harder. In Proceedings of WIFS 2016 (pp.1-6). IEEE [10.1109/WIFS.2016.7823902].
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11365/1032689