Reference : Adversarial Embedding: A robust and elusive Steganography and Watermarking technique
Scientific congresses, symposiums and conference proceedings : Unpublished conference
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/40970
Adversarial Embedding: A robust and elusive Steganography and Watermarking technique
English
Ghamizi, Salah mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Computer Science and Communications Research Unit (CSC) >]
Cordy, Maxime mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Papadakis, Mike mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Computer Science and Communications Research Unit (CSC) >]
Le Traon, Yves mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
2020
13
Yes
IEEE Symposium on Security and Privacy
from 18-05-2020 to 20-05-2020
[en] Watermarking ; Steganography ; Adversarial Examples ; Adversarial Attack ; Deep Learning ; Image Classification
[en] We propose adversarial embedding, a new steganography and watermarking technique that embeds secret information within images. The key idea of our method is to use deep neural networks for image classification and adversarial attacks to embed secret information within images. Thus, we use the attacks to embed an encoding of the message within images and the related deep neural network outputs to extract it. The key properties of adversarial attacks (invisible perturbations, nontransferability, resilience to tampering) offer guarantees regarding the confidentiality and the integrity of the hidden messages. We empirically evaluate adversarial embedding using more than 100 models and 1,000 messages. Our results confirm that our embedding passes unnoticed by both humans and steganalysis methods, while at the same time impedes illicit retrieval of the message (less than 13% recovery rate when the interceptor has some knowledge about our model), and is resilient to soft and (to some extent) aggressive image tampering (up to 100% recovery rate under jpeg compression). We further develop our method by proposing a new type of adversarial attack which improves the embedding density (amount of hidden information) of our method to up to 10 bits per pixel.
http://hdl.handle.net/10993/40970

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
Adversarial Embedding A robust and elusive Steganography and Watermarking technique - SP2020.pdfAuthor preprint2.01 MBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.