Are Social Networks Watermarking Us or Are We (Unawarely) Watermarking Ourself?
AAre Social Networks Watermarking Us orAre We (Unawarely) Watermarking Ourself ?
Flavio Bertini a , Rajesh Sharma b , Danilo Montesi a a Department of Computer Science and Engineering, University of Bologna, Bologna, Italy b Institute of Computer Science, University of Tartu, Tartu, Estonia
Abstract
In the last decade, Social Networks (SNs) have deeply changed many aspects ofsociety, and one of the most widespread behaviours is the sharing of pictures.However, malicious users often exploit shared pictures to create fake profilesleading to the growth of cybercrime. Thus, keeping in mind this scenario, au-thorship attribution and verification through image watermarking techniquesare becoming more and more important. In this paper, firstly, we investigatehow 13 most popular SNs treat the uploaded pictures, in order to identify apossible implementation of image watermarking techniques by respective SNs.Secondly, on these 13 SNs, we test the robustness of several image watermarkingalgorithms. Finally, we verify whether a method based on the Photo-ResponseNon-Uniformity (PRNU) technique can be successfully used as a watermarkingapproach for authorship attribution and verification of pictures on SNs. Theproposed method is robust enough in spite of the fact that the pictures getdowngraded during the uploading process by SNs. The results of our analy-sis on a real dataset of 8,400 pictures show that the proposed method is moreeffective than other watermarking techniques and can help to address seriousquestions about privacy and security on SNs.
Keywords:
Copyright protection, Privacy, Social network services,Watermarking.
Email addresses: [email protected] (Flavio Bertini), [email protected] (Rajesh Sharma), [email protected] (Danilo Montesi)
Preprint submitted to Elsevier June 9, 2020 a r X i v : . [ c s . MM ] J un . Introduction In recent years, various Social Networks (SNs) have been introduced in or-der to cater different needs of the users: social interactions (Facebook), profes-sional interconnections (LinkedIn), photo sharing (Instagram), instant messag-ing (WhatsApp), to name a few. An important reason for the huge popularityof social platforms among users is the increase in usage of smartphones, whichin turn has introduced changes in the user habits with respect to multimediacontent on SNs [1]. In particular, some social platforms are predominantly usedthrough mobile devices, such as Instagram and WhatsApp.On the flip side, the illicit actions across these SNs are constantly grow-ing, such as illegal copying, identity impersonation and pedopornography [2].In particular, fake profiles creation is an important problem across these SNs,which have seen a sharp increase in recent times [3]. In fake profiles which arealso known as impersonating profiles , a malicious user copies images from otherprofile and claims to be the person in that profile pictures. A natural solu-tion to hinder the process of fake profile creation is by encouraging authorshipattribution and verification through the images.Broadly, two techniques, namely watermarking and steganography, tech-niques belonging to information hiding , are used for embedding messages indigital content [4]. Watermarking is the practice of imperceptibly altering digitalcontent to embed a mark. Watermarking is the most commonly used techniquefor owner identification, proof of ownership, authorship attribution and verifi-cation [4] and it is generally used in the domain of digital copyright protection[5]. The crux of the idea is to embed an invisible payload (i.e., the mark) intothe digital content helping users in proving their ownership and, subsequently,avoiding privacy violations of the shared media. Whereas steganography is thepractice of undetectably altering digital content to embed a secret message.Since steganography techniques can be used with a mark, and not only witha secret message, we refer to watermarking approaches both for conventionalwatermarking and steganography, throughout this work.2 .1. Problem Statement
In this study, the scope of digital content is limited to the images, sinceimage sharing is the most commonly observed behaviour on SNs. In particular,this work explores the possibility of watermarking the images being uploadedon SNs, and answers to the following three questions:1.
Social Network Watermarking -
Are SNs watermarking our images?
In Section 5, we present the results of our experiments to understandwhether SNs mark the images being uploaded on the social platforms. Ourfindings revealed that in general SNs do not perform any watermarkingtechniques on images. Out of all the 13 SNs being analysed, we foundout that only Facebook changes to some extent some of the metadataassociated with images. We performed extensive tests in order to verify ifthese changes can be imputed to a watermarking function.2.
User Explicit Watermarking -
Can conventional watermarking tech-niques pass through SNs unaffected?
In Section 6, we explore various watermarking algorithms as a tool forreliable marking the images to be uploaded on SNs. From the analysis,we found out that there is not a single watermarking technique that canbe successfully used across all the selected SNs.3.
User Unaware Watermarking -
Are we unawarely watermarking ourimages?
By taking inspiration from previous works where researchers exploitedsensor imperfections to extract the fingerprint to identify a smartphone[6], [7], [8], we analysed if the camera of smartphones, through which theimages have been taken, can be used for creating a watermark. Accordingto conventional watermarking literature [4], the proposed method is invis-ible and detectable and belongs to fragile and blind categories (see Section2). In practice, the fingerprint of the smartphone camera can be extractedby the images without altering the device. In Section 7, we provide moredetails about our method. We demonstrate that the proposed method is3obust enough despite the uploading and downloading process of the SNsthat downgrades the shared images.
To the best of our knowledge, this is the first study that investigates theuse of several image watermarking approaches on 13 SNs. The results of ouranalysis showed that no profile-dependent watermark operations are performedby SNs. Our study also reveals that conventional watermarking techniques canonly pass unaffected through a subset of the SNs being considered in this study.The most important finding of this study is that even if the author of theimage does not consciously perform any user explicit watermarking technique,the smartphone camera still embeds its characteristic fingerprint in every takenpicture. Likewise to conventional watermarking approach, the method allowsto identify the rightful owner of the images and can be successfully applied inall the 13 considered SNs. Figure 1 shows users’ smartphones and two differentSNs where users shared images taken from their smartphones. We used thefingerprints left by the smartphone’s camera to deal with the following problems:1.
Profile Attribution - the task to match, through a set of shared images,a user profile to the right smartphone within a set of devices, case (a) inFigure 1.2.
Intra-layer User Profiles Linking - the task to decide if a restricted setof user profiles, within the same SN, belong to the same user, case (b) inFigure 1.3.
Inter-layer User Profiles Linking - likewise to the previous one, this tasktries to match user profiles that belong to different SNs, case (c) in Figure1.4.
Fake Profiles Detection - the task to identify unauthorized clone of userprofiles. This task is a corollary of all the previous tasks since an un-trusted/fake profile can be linked to a verified one using the shared im-ages. 4 igure 1:
User unaware watermarking ’s three main tasks: profile attribution (a), intra-layeruser profiles linking (b), and inter-layer user profiles linking (c).
It is noteworthy that the two types of user profiles linking tasks describedabove are not always possible to achieve by using conventional watermarkingtechniques since in some cases it is necessary to have original the image to ex-tract the watermark. The proposed method is robust enough in spite of the factthat the images get downgraded during the uploading and downloading pro-cess on the SNs. Moreover, it is possible to address the authorship attributionand verification in SNs without having the original images or altering the device.The remainder of the paper is organized as follows. In Section 2, we providea brief background in watermarking techniques. Section 3 presents literature onthree different domains, that is image watermarking, smartphone fingerprintingand user profiles linking in SNs. The SNs used in our work are briefly describedin Section 4. The investigation activities regarding possible built-in watermark-ing techniques adopted by SNs are presented in Section 5. In Section 6, userexplicit watermarking techniques on SNs are discussed, and our methodologyfor user unaware watermarking is presented in Section 7. Concluding remarksare made in Section 8. 5 . Background in Watermarking
Depending on the digital contents, different watermarking techniques areused: syntactic, semantic, and structural transformation for text [9]; domaintransformation for images [10] and video [11]. In accordance with the literature[4], watermarking methods can be categorized as follows: • Readable or Detectable - If the user can read the watermark it is calledreadable, while if the user can only check whether the watermark is em-bedded or not, it is called detectable. • Visible or Invisible - A visible watermarking is visually perceptible by theuser. • Blind or Non-Blind - The watermarking is blind if the extraction processdoes not need the original non-marked digital content. • Zero Watermarking - The embedding process does not modify the digitalcontent and exploits its characteristics. • Simple or Multiple - A multiple watermarking can be applied more thanone time without affecting the previous watermark embedding steps. • Fragile, Semi-Fragile, Robust - A fragile watermarking can be altered orerased and it is used for integrity authentication. A robust watermarkingcannot be easily erased and is most suitable for copyright protection, whilesemi-fragile watermarking is suited for content authentication.The following features are usually required for watermarking methods [12]: • Robustness is the ability to resist to processing operations and attacks. • Imperceptibility represents the ability to be detected through special pro-cessing of watermark detector. • Security is the capacity to not be altered or removed without having fullknowledge of the watermarking algorithm.6
Data Payload denotes the maximum number of extra information that canbe embedded in the digital content. • Computational Cost is the cost required in the embedding and extractionprocess. • Non-inevitability represents the possibility to not extract a watermarkfrom a non-marked digital content.All this categorization can also be applied to image watermarking techniques.
3. Related Works
In this section, we describe literature from three domains, all relevant for afull comprehension of our work. Firstly, we focus on conventional image water-marking techniques in SNs. Next, we present various approaches for uniquelyidentifying smartphones. Finally, we explain methods for associating user pro-files in SNs, which is the main outcome of this work.
Image watermarking techniques embed a mark in a visually imperceptibleway for authentication and copyright protection tasks [13]. According to theembedding domain [10], these techniques can be classified in spatial and trans-form domain watermarking .The methods in spatial domain watermarking class directly modify the imagepixel acting on the bit value. The simplest approach embeds the watermarkin the Least Significant Bits (LSB) [14]. Intermediate Significant Bit (ISB)[15] improves the LSB method and defines the watermarked location accord-ing to the range of each bit-plane. Patchwork [16] is another spatial domainapproach where the watermark is embedded into the image by changing thepixels’ brightness. In general, the simple implementation of the spatial domainmethods implies less robustness to affine transformations and image processingattacks [17]. 7he methods in transform domain watermarking class apply a transformationto the original image and exploit the transformed coefficients to embed thewatermark. There are four main techniques in transform domain: Discrete Co-sine Transform (DCT), Discrete Wavelet Transform (DWT), Discrete FourierTransform (DFT), and Singular Value Decomposition (SVD). Typically, DCTalgorithms segment the image into blocks and modify a set of selected coef-ficients [18]. Similarly, in DWT techniques the original image is decomposedinto three spatial directions (i.e., horizontal, vertical, and diagonal), then thewatermark is embedded in the wavelet coefficients [19]. DWT algorithms arecomputationally efficient and the visual artefacts introduced are less evidentcompared to DCT. The DFT algorithms employ the Fourier transform since itoffers robustness against geometric attacks [20]. DFT decomposes the originalimage in phase and magnitude representation. Then, the mark is embedded intothe magnitude representation. SVD is one of the most powerful numeric anal-ysis techniques [21]. In particular, SVD allows embedding of the mark into thesingular matrix of the frequency domain or spatial domain coefficients with veryless loss of information [22]. Moreover, in order to exploit the various properties,SVD is combined with the other techniques: DWT-SDV [23], DFT-SVD [24],and DWT-DFT-SVD [25]. Since the transform domain methods lead to robustwatermarking [26], in our tests we used methods that belong to the transformdomain watermarking class.Recently, researchers investigated various watermarking techniques to be used inSNs and also the potential attacks and corresponding solutions [27]. In [28], theresearchers proposed a dual watermarking scheme for Facebook and Google+by partially redesigning the SN uploading service which may not be feasible.In [29] authors considered Facebook as a closed system and tested differentsteganography methods. A watermarking method based on wavelet decompo-sition proposed in [30] was successfully tested by simulating different attacksthat can be performed on SNs. In [31] the authors proposed a method based onDWT coefficients, however, the tests were performed on images with low resolu-tion that are not compressed during the uploading process on the selected four8Ns. Similarly, in [32] a method based on DCT transformation was proposedfor Facebook using images that the SN does not resize. A method based onbackpropagation neural network was proposed in [33], however, the authors didnot perform any test on real SNs and used the images with very low resolutionin comparison to the resolution of current smartphone cameras. An orthogonalapproach was presented in [34], where the author proposed to use SN hashtags(i.e., labels containing a word starting with the “
Smartphones are becoming more and more pervasive in daily activities.Recently, researchers proposed methods for identifying and fingerprinting thesmartphone by exploiting personalized configurations [35], touchscreen interac-tion [36], and on-board camera [37]. Today the smartphones are equipped with abunch of sensors. These sensors are produced according to industrial standards,which makes them ideally identical, however, each sensor has an imperfectionthat makes it unique and identifiable [38]. Microphones and speakers, throughplayback and recording of audio samples, were exploited in [8]. In [6] the au-thors proposed a technique using the integrated accelerometers for identifyingmobile phones. An improvement compared to [6] was proposed in [7], where theauthors combined speakerphone-microphone along with the accelerometer.Among all the sensors described above, the most investigated sensor in the fieldof digital forensic is camera [39]. The reason is that the camera offers severalcomponents inside it which can be used to identify the source camera. The chro-matic aberration introduced by the lens was exploited in [40] whereas in [41] thecamera identification was achieved through the colour filter array (CFA), thatcan also be used to recognize a counterfeit image in [42]. In [43] the authorsproposed a sensor-based method exploiting the Photo-Response Non-Uniformity(PRNU) for successfully distinguishing cameras of the same model. A PRNU-9ased method able to operate with different image sizes was presented in [44].In [45], Castiglione et al. classified all the various changes made by the SNson uploaded images, that commonly causes a loss of effectiveness of the cam-era fingerprinting methods. Later in [46], they demonstrated the robustnessof the PRNU-based method on the images downloaded from 6 SNs and onlinephoto-sharing platforms. Since the effectiveness of PRNU-based approach hasbeen widely demonstrated in [47], including on large scale image dataset [48],we decided to use it for source camera fingerprinting on SNs.
Trust is a fundamental ingredient in SNs [49] and a significant increase inthe number of impersonating fake profiles has given rise to various solutions fordeciding whether a given user profile is an unauthorized clone of another one[50]. In [51], the authors proposed a three layered tool for Facebook which wasable to i ) identify suspicious users, ii ) expand basic privacy settings, iii ) warnthe user against malicious applications. Similarly, a graph-based framework fordetecting fake profile attacks was proposed in [52].The more generic user profile linking task allows matching different user pro-files belonging to the same user, which is analogous to missing data problemin multilayer networks [53]. An invasive and device-dependent solution exploitsthe log information stored on the device’s internal memory during the use ofthe SNs’ application [54]. The more effective solutions for user profile linkingexploit the information and multimedia contents that transit on SNs. A frame-work for user profile linking, based on the profile’s attributes, was proposedin [55]. While in [56] the authors combined tags and user ID to match users’profile across social tagging systems, the solutions proposed in [57] and [58]match user profiles by using information about users’ identities without com-promising their privacy. In [59], the authors presented a method that combinesprofile attributes and social linkage to outperform common attribute-based ap-proach, whereas in [60] network attributes and profile attributes were combinedto improve a traditional identity search algorithms. A weighted ontology-based10ser profile linking technique was proposed in [61]. In order to improve theperformance of the attribute-based approach proposed in [62] and [63] the au-thors proposed machine learning techniques for matching user profiles acrossmultiple SNs. Typically, these approaches fail if the malicious user falsifies theinformation stored into the fake profile, as it usually happens.
4. Experimental Settings
In this section, we describe the social networks and the images’ characteris-tics that were used in our analysis.
Thirteen most popular SNs shown in Table 1 were used for our investigation.The selection of these SNs was based on two different criteria: the number ofuser accounts and the different features offered by these social platform. Allthe selected SNs in total count more than 100 million users and cover differentneeds, like social interactions (Facebook), photo sharing (Instagram), blogging(Tumblr), instant messaging (WhatsApp) to name a few. Moreover, we decidedto include SNs developed outside the United States and European Union, likeTelegram, VK (originally VKontakte), and WeChat. Since we are interested inimage watermarking algorithms, in Table 1, we also specify the default pixelresolution accepted by each social platform.
All the SNs accept Joint Photographic Experts Group (JPEG or JPG) im-ages with standard pixel resolution, that is default image sizes (see Column IIIin Table 1), beyond which the image is automatically scaled to the default reso-lution. For this reason, we carried out tests for social network watermarking and user explicit watermarking with three different resolutions: the standard, thatmatches the images sizes of the SN; the larger than the standard (4128 × × social network able 1: Social Networks used for the investigations activities and the default pixel resolutionaccepted by each platform. ID Social Networks Image sizes
SN01 Facebook 2048 × × × × × × × × × × × × × watermarking and in user explicit watermarking , we created two different userprofiles for each of the SNs (i.e., P and P ). This had twofold advantages.Firstly, it allowed us to compare the original image with the downloaded one,that is “Original vs Shared” case. Secondly, we were able to compare the sameimage being uploaded twice on two different user profiles, that is “Shared P vs Shared P ” case. In user unaware watermarking , we used a real dataset of8,400 pictures collected using 6 different smartphones and for each smartphone,a different user profile on each SN was created (for more details see Section 7).
5. Social Networks Watermarking
The first direction of investigation is about
Are SNs watermarking our im-ages?
The context of watermarking can be broadened in terms of changesperformed by a particular SN, such as different name and metadata associatedwith the image after being uploaded on the SN. Thus, different comparisons canbe performed among uploaded and downloaded images. Firstly, we performed12ome preliminary analysis about the compression of the images. Next, we com-pared names, contents (i.e., the image without metadata), and metadata of theuploaded and downloaded images on each SN. Finally, we executed some extraanalysis on Facebook metadata, including the Content Delivery Network (CDN)that is an intermediate layer of proxy servers distributed globally. Typically, aCDN is widely used by high traffic websites, since it allows to provide digitalcontent with high availability and performance. In the following subsections,we describe all the tests about social networks watermarking . We observed that when an image is uploaded to a SN, it is compressedby the JPG compression algorithm adopted by the platform for preserving thegood quality of the image. The compression is due to an optimization of theimage made by the SN. In particular, the quantization matrix coefficients inthe JPG compression algorithm control the compression ratio. This means thatany uploaded image may incur different file sizes, compared to the original, afterdownloading. To the best of our knowledge, SNs do not publish any informa-tion about the image processing algorithms being used inside their platform andthus for us, they are like a “black box”. For this reason, we investigated the be-haviour of the selected SNs for particular compression algorithms by describingthe outcomes of our analysis. Table 2 provides information about the averagecompression results for each SNs and each resolution class, namely standard,large (4128 × × able 2: Average compression results obtained from each Social Networks and each resolutionclass. Social Networks Standard Large Small
Facebook 66.54% 91.30% 76.25%Flickr
Google+
Instagram 31.94% 94.14% 64.32%LinkedIn 68.12% 67.39% 74.94%Pinterest 46.04% 83.82% 52.96%Telegram 62.91% 95.55% 70.32%Tumblr 30.42% 82.83% 35.37%Twitter 53.27% 88.41% 57.12%Viber 59.72% 94.50% -46.50%VK 2.33% 79.17% 62.43%WeChat 65.97% 96.07% 55.97%WhatsApp 58.49% 93.60% 70.59%96 to 100, which resulted in a negative value of -46.50%. In only four cases thepixel resolution does not match the default size in Table 1 (Column III): Insta-gram, Pinterest, Tumblr and WhatsApp large images were scaled to 1350 × × × × In this section, we present results of four different kinds of comparison onimages before and after uploading of images on SNs to investigate if these SNsperform any watermarking activity on the uploaded (shared) images. • Name comparison - This test allowed us to understand if SNs change thename of the uploaded images. • Full comparison - The full comparison was performed by exploiting the
Secure Hash Algorithm version 1 (SHA-1), to find the difference betweenpair of images. SHA-1 takes an image as input and produces a unique1460-bit message digest. Any change in content and metadata of the imageimplies a different digest in output. • Content comparison - This test was performed by using a bit by bit com-parison of the image’s content excluding the image’s metadata. The testcompared two images in binary representation highlighting the differencesbetween pixels. • Metadata comparison - Metadata is defined as the data providing extrainformation about one or more aspects of the file. The images’ metadatais specified by the
Exchangeable image file format (Exif) standard thatincludes information like time, location, camera settings, descriptions, andcopyright information.Firstly, the 30 images for each resolution class described in Section 4 were up-loaded and downloaded on both P and P profiles on each SNs. Then, foreach SN, we performed two different kinds of test. In the first one, we comparedthe original images with the downloaded one, “Original vs Shared” case. In thesecond test, we compared the shared images on different profiles, “Shared P vs Shared P ” case. We wanted to examine for any SN, whether the changesreverberate in the same way across different profiles or it is unique for eachprofile. In the following subsections, we present the results for each of the fourkinds of comparison. We investigated how the SNs change the image’s name and if the sameimage receives different names if shared on different user profiles. The name ofthe uploaded images was in the following format: 20161028 085447. Out of allSNs, Google+ does not change the original name even when the same image isshared on two different profiles. All remaining SNs use a specific encoding forthe image’s name, as shown in Table 3 (the name of the Viber file is quite long,so the variable part of 65 characters is defined with the regex [a-z0-9] { } ).15 able 3: Name format of the downloaded image. The original uploaded name was same forall SNs. Social Networks Downloaded image name
Facebook 14633305 13935419006590 2203780186632661 oFlickr 30319899670 77e6fd4bed oGoogle+ unchanged
Instagram 14533468 7761667291914 4275777725718855 nLinkedIn 9f86293d-bdaf-4bce-b5ce-c5610e2cd9b8-originalPinterest 2ecd9963cac22479edbd03d65b43dd2aTelegram IMG 20171029 184428Tumblr tumblr ofswzjXl7K1vjbnv5o1 1280Twitter Cv3ahPvXEAAo6CR.jpg-largeViber image-0-02-05-[a-z0-9] { } -VVK 0ysdRR9cIVcWeChat mmexport1477761254890WhatsApp IMG-20171029-WA0019Instagram uses the same name format of Facebook, while WhatsApp usesa different one even though they both belong to Facebook. In some cases, likeTelegram and WhatsApp, the name is created by using the downloading dateand time. The Pinterest name format is the most interesting. The originalname is not preserved and the image receives the same name when shared ondifferent profiles, irrespective of the resolution class. This means that the namemight be a good candidate for watermarking the images, however, it is quiteshort and the watermark could be easily removed or changed. For this comparison, we used the SHA-1 algorithm to check if the integrityof the original image was preserved. If SHA-1 produces different digests, thenit means that the same input image has undergone a few changes during theuploading and downloading process.In Table 4, we provide collective results for all the resolution classes. Theterm “All differ” (or “All equals”) means that for a given SN and a given test16 able 4: The SHA-1 results for both the original and shared images and the shared imageson different profiles. All the resolution classes are grouped together.
Social Networks Original vs Shared Shared P vs Shared P Facebook All differ
All differ
Flickr
All equals
All equalsGoogle+
All equals
All equalsInstagram All differ All equalsLinkedIn All differ
All differ
Pinterest All differ All equalsTelegram All differ All equalsTumblr All differ All equalsTwitter All differ All equalsViber All differ All equalsVK All differ All equalsWeChat All differ All equalsWhatsApp All differ All equalscase we obtain different (or the same) results in all classes. The “Original vsShared” column is consistent with the results in Table 2. The SHA-1 algorithmproduces equal digests only for the two SNs that do not apply any compression,namely Flickr and Google+. Moreover, it means that even the metadata is notchanged during the sharing process. The compression applied by the other SNschanges the images, thus the produced digests are different among original andshared ones.The most interesting results were obtained for Facebook and LinkedIn in “Shared P vs Shared P ” case. The two SNs return different digests for all resolutionclasses when the images are shared on different profiles. With the next twocomparisons, we will go more deeply to investigate if Facebook’s and LinkedIn’sunusual results are due to content or metadata changes. In this test, we compared images through a bit by bit different operation.Only if the two images have the same content the difference produces a full-zero17 able 5: The bit by bit results for both the original and shared images and the shared imageson different profiles. All the resolution classes are grouped together.
Social Networks Original vs Shared Shared P vs Shared P Facebook All differ All equalsFlickr
All equals
All equalsGoogle+
All equals
All equalsInstagram All differ All equalsLinkedIn All differ All equalsPinterest All differ All equalsTelegram All differ All equalsTumblr All differ All equalsTwitter All differ All equalsViber All differ All equalsVK All differ All equalsWeChat All differ All equalsWhatsApp All differ All equalsmatrix. The content comparison narrows the field to the pixels’ value excludingthe metadata. Grouped results for all the resolution classes are shown in Table5. The “Original vs Shared” results are consistent with the results in Table 2.If the SN does not apply any compression, such as Flickr and Google+, thecontent of the original image matches bit by bit with the content of the sharedone, while the compression of the other SNs has its obvious effects on bit-level.Moreover, we used an open-source framework [64] to test different algorithms todetect double JPG compression. The results showed no evidence of watermarkbased on double JPG compression. In “Shared P vs Shared P ” case, we haveour first important result. Since in all SNs the image shared on P matches bitby bit with the same image shared on P , we can infer that all the selected SNsdo not apply any watermark into images’ content [13].18 .2.4. Metadata Comparison Metadata summarizes basic information about the associated file.
Exif stan-dard defines the metadata attributes for digital images [65]. The full attributeslist can be categorized in: date and time information, static and dynamic camerasettings, general descriptions, copyright information, and the thumbnail (i.e., asmaller version of the image for indexing and previewing).The metadata comparison produced exactly the same full comparison resultsas in Table 4. The analysis of each single attributes list for each SN gave riseto some interesting results.Flickr and Google+ preserve all the original attributes list, whereas, Twittererases all of them. Tumblr removes only the thumbnails related fields, while allremaining SNs (i.e., Instagram, Pinterest, Telegram, Viber, VK, WeChat, andWhatsApp) preserve only a few subsets of the original attributes list concerninggeneral descriptions and static camera settings. In most of the cases, this subsetdoes not include any GPS information. However, in all these SNs the attributeslist is the same when the same image is shared on two different profiles.We performed further investigations on LinkedIn and Facebook as the meta-data changes when the same image is shared through different user profiles.In particular, LinkedIn uses the subset of the same attributes of the previousSNs and changes some non-significant attributes, like “Exif Byte Order” andthe “Resolution Unit”. However, these changes can not be related to a water-mark since they do not produce a unique identifier, but rather a standard stringfor those attributes. In comparison to LinkedIn, Facebook, substitutes a setof attributes by using the
Information Interchange Model (IIM), that is a setof metadata attributes defined by the International Press TelecommunicationsCouncil (IPTC). Three of the new attributes, “Special Instructions”, “Cur-rent IPTC Digest” and “Original Transmission Reference” receive very unusualvalues, that is three alphanumeric-characters codes. Moreover, the “Special In-structions” does not change if the same image is shared on two different profiles,as the other two are strictly related to the user profile that shares the image.19ccording to the standard, the “Special Instructions” is a text field that caninclude special restrictions, additional permissions, and credits required whenpublishing. The “Current IPTC Digest” is the hash digest of the other IPTCdata. Finally, “Original Transmission Reference” is typically used to improvethe transmission and routing purposes of the image. Facebook does not releaseany details about these fields’ encoding. Even if the last two fields change whenthe same image is shared on different profiles, we can not claim that they areused for watermarking purposes.In order to investigate the Facebook metadata case, we performed some ad-ditional tests. In particular, we wanted to study the following three crucialaspects: • Time test - The images were uploaded and downloaded twice on the sameprofile, after a certain time. The aim was to determine whether the meta-data was time-dependent. • Sharing test - The aim was to determine whether the metadata changedwhen the image was shared across profiles. In practice, the images wereuploaded on profile P and downloaded three times: from P , from P that had visited P , and from P that had shared the images on his/herwall (i.e., the web page where others users, like friends and fans, can posttheir thoughts, images and video). The aim was to determine whether themetadata was sharing-dependent • Location test - CDN provides digital content from locations closer to theuser. Since it is unknown which node of the CDN serves our request,we used a VPN to repeat sharing test forcing one of the two profiles tobe located in the following countries: Russia, China, United States andUnited Kingdom. The aim was to determine whether the metadata waslocation-dependent.In all these three new tests, the previous name comparison , full comparison ,and content comparison produced the same results. The metadata comparison time test , the “Special Instructions” was the same even after 24 hours, as “Cur-rent IPTC Digest” and “Original Transmission Reference” received differentvalues just after few seconds. In sharing test and location test all the threeattributes preserved the same values. This means that the metadata is surelyprofile-dependent and time-dependent, but not sharing and location dependent.At the time of writing, the social network watermarking test reveals thatnone of the selected SNs applies any profile-dependent watermark visible out-side the network. Facebook introduces some suspicious values in three newattributes. However, the metadata can be easily erased or modified and can-not be considered a good solution for authorship attribution and verificationpurpose.
6. User Explicit Watermarking
In this section, we present the results of some conventional image water-marking techniques on SNs we considered in our study. The goal is to figureout if these approaches can reliably be used on SNs for marking the images tobe uploaded. In order to carry out our tests, we selected several free invisible watermarking algorithms. We performed our analysis on the set of SNs andimages described in Section 4.There are a number of watermarking tools, however, we selected open-sourceor freeware tools that work with the image file formats accepted by SNs (i.e.,jpg and png). These tools can be categorized into spatial and transform domainwatermarking algorithms. The first category includes easy to implement andlow complexity methods. On the flip side, these watermarking tools presentweaknesses like weak robustness and low security. The methods in transformdomain watermarking class are widely applied and they can reach a good balance21etween robustness and imperceptibility. For our tests we selected the followingthirteen algorithms:
A1)
BlindHide replaces the least significant bits (LSB) of each pixel with thewatermark [66].
A2)
HideSeek tries to get around the security issues in BlindHide by distribut-ing the watermark across the image with a different pixel order [66].
A3)
FilterFirst adopts an edge-detecting filter (Laplace) to check the area withvalue-homogeneous pixels [66].
A4)
BattleSteg is based on the Battleships game and identifies the best areaof the image to embed the watermark [66].
A5)
Dynamic FilterFirst improves the FilerFirst by using dynamic program-ming [66].
A6)
Dynamic BattleSteg , like the
Dynamic FilterFirst , uses dynamic program-ming to improve BattleSteg [66].
A7) F5 implements matrix encoding during the JPEG compression process[67]. A8)
OpenPuff applies multiple layers of protection and data decorrelation inorder to embed the watermark [68].
A9)
OpenStego implements Dugad’s algorithm [69], a wavelet-based method,for watermarking the image [70].
A10)
Secretbook is specifically designed for performing steganography on Face-book by exploiting the quality factor and the quantisation matrix [71].
A11)
SilentEye combines LSB and Advanced Encryption Standard (AES) tech-nique to hide the watermark [72].
A12)
SteganPEG performs data compression and decompression before water-marking the image [73]. 22
Steghide uses a graph-theoretic algorithm to find pairs of positions of theimage to be swapped in order to embed the watermark [74].Table 6 shows the results of the watermark extraction process for each resolu-tion class respectively. In particular, we denote with a grey cell if the extractionprocess successfully retrieved the original watermark from the downloaded im-ages. SilentEye and Steghide are not able to embed the watermark with largeimages and SteganPEG returns “image capacity exceeded” error with small im-ages. For these reasons, we consider these 3 algorithms as a failure. Since Flickrand Google+ do not apply any compression, the watermark is preserved for eachwatermarking algorithm and resolution class. None of the selected methods isable to create a robust watermark that can successfully pass through Instagramand LinkedIn. Experiments also revealed that spatial domain based water-marking methods, like BlindHide, HideSeek, FilterFirst, BattleSteg, DynamicFilterFirst, Dynamic BattleSteg and SteganPEG are too weak to be appliedto shared images on SNs. The other methods, like F5, OpenPuff, SecretBookand SilentEye, obtain better results with standard and small images. However,SilentEye heavily transforms the image that appears visually modified and de-graded to the user. Figure 2 shows the effects of SilentEye algorithm. The
Table 6: The watermark extraction results for each selected algorithms for all SNs. Thesuccess of the extraction process is shown with a grey cell following this sequence standard,large (4128 × × SNs A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13
FacebookFlickrGoogle+InstagramLinkedInPinterestTelegramTumblrTwitterViberVKWeChatWhatsApp igure 2: The original image portion on the left , the portion of the SilentEye outcome in themiddle , and the same SilentEye outcome with red circles highlighting artefacts on the right . watermarked image is affected by a diffuse noise if compared with the originalone. We highlighted the vertical artefacts on the right-hand side with red circles.The same artefacts can be found in the middle portion of the image.Based on findings in user explicit watermarking test, transform domain wa-termarking methods are a good candidate to apply a personal watermark to theimages to be shared on SNs. However, as shown in Table 6, there is not a singlewatermarking technique that can be successfully used across all SNs. Moreover,the user has to act consciously to embed a watermark into his/her personalphotos. However, this is less likely to happen in scenarios of instant picturesharing through mobiles on social platforms like Instagram and WhatsApp.
7. User Unaware Watermarking
Smartphones have a big contribution to a large number of images beingshared on SNs [1]. For this reason, in this section, we explore whether thenoise left by the sensor of the smartphone’s camera can be successfully used towatermark the images being uploaded on SNs.To perform our investigation, we selected six smartphones from three differ-ent brands with three pairs of identical models (Table 7). The reason of pickingthe identical models was to verify if the test can work across two different phonesof the same models, as identical models mount identical components. For each24evice, we considered both the front and rear camera that usually present differ-ent characteristics in term of sensor, quality, and resolution. The iPhone 6 and iPhone 6 Plus both have an identical front and rear camera. For each camera ofeach device, we took 700 photos. In total the dataset consists of 8,400 images .Then for each camera, we kept a subset of 50 original images and we uploadedand downloaded 50 images on each of the 13 SNs in Table 1. Table 7: The six smartphones used for the user unaware watermarking tests and the pixelresolution of the front and rear cameras.
ID Brand Model Front Camera Rear Camera ×
960 3264 × ×
960 3264 × ×
960 3264 × ×
960 3264 × × × × × profile attribution , intra-layer user profiles linking ,and inter-layer user profiles linking (see Section 1.2) on the downloaded images. The unavoidable noise that affects any image can be categorised into shotnoise and pattern noise . The first one is introduced due to external factors suchas brightness, temperature and humidity; the second component is regular andsystematic. We exploit a PRNU-based method [43] to extract the dominantpart of the pattern noise and define this noise as the user unaware watermark .In order to extract the noise, we tested several different algorithms, likeDiffusion Anisotropic [75], Diffusion Isotropic [76], Block Matching 3D (BM3D)[77], Wavelet Soft Threshold [78], Wavelet Hard Threshold [79], and Wavelet The dataset is available from http://smartdata.cs.unibo.it/datasets
F P i of the smartphone camera i was approximated as the average of residual PRNUs of n pictures captured bythat device: F P i = 1 n n (cid:88) j =1 BM D ( Y ( I j )) (1)where the function Y () extracts the Y channel and BM D () extracts the PRNU,and the resultant F P i is a matrix as big as the original image. In order toevaluate if a generic image I k had been taken by the same camera, the standardnormalized correlation was applied between the PRNU ( N k ) extracted from I k and the fingerprint F P i : corr ( N k , F P i ) = ( N k − N k )( F P i − F P i ) (cid:107) ( N k − N k ) (cid:107)(cid:107) ( F P i − F P i ) (cid:107) (2)where N k is equal to BM D ( Y ( I k )), and N k and F P i are scalars that representthe mean value of N k and F P i matrices. The correlation value can vary from 0(different source) to 1 (same source). In order to correlate images with differentsizes, large images were scaled to the small one.Figure 3 shows the results using the methodology described above on originalimages. The graphs in the first two rows represent the front cameras of eachdevice, while those in the second two rows represent the rear cameras. For eachsmartphone’s camera in Table 7, we used a training set of 33 images (two-thirds) to define F P , and a test set of 17 images (one-thirds) to compose theset of images to be correlated. In accordance with [81], using a training set of20 is enough to obtain good results. Each graph represents the values obtainedby correlating a specific
F P i with all the images in the 12 test sets. High valueswere achieved when the F P i and the test set come from the same source (greendots). All obtained correlation values were in the range from 0 to 0.1. However,a heuristic threshold of 0.011 (purple horizontal line) that maximises both thewhole positive and negative predictive values allowed to correctly classify all theimages, in line with previous evidence [46]. In the subsequent subsections, we26 a) (b) (c)(d) (e) (f)(g) (h) (i)(j) (k) (l)Figure 3: Correlation results for each of the twelve fingerprints, six for the front cameras (firstand second rows) and six for the rear cameras (third and fourth rows). X F and X R identifythe front and the rear camera of the smartphone X , respectively. discuss the results of our three experiments (e.g., profile attribution , intra-layer and inter-layer user profiles linking ) on the images downloaded from all the 13SNs. 27 a) (b) (c)(d) (e) (f)(g) (h) (i)(j) (k) (l)Figure 4: Profile attribution results. Each graph groups the results of a single source on allthirteen SNs, six for the front cameras (first and second rows) and six for the rear cameras(third and fourth rows). The number of images in each cell is identified through a white-to-bluescale, from 0 (white) to 17 (blue). task allows us to verify through which smartphone theuser has taken and uploaded the images on a SN (see case (a) in Figure 1). For28his test, for each SN in Table 1 and for each smartphone’s camera in Table 7, wealso used a training set of 33 original images and a test set of 17 downloadedimages. This means that we obtained thirteen graphs for each smartphone’scamera, one for each SN, that look like as a single graph in Figure 3. In thiscase, in order to define the threshold that allows to classify the images we useda simple generalized linear model.Figure 4 shows the profile attribution results for each smartphone’s camera,results for the front cameras are in the first two rows and for the rear camerasare in the second two rows. In particular, each row in each graph represents theclassification results for a specific SN and each white-to-blue scale cell identifiesthe 17 images of test set assigned to the source camera in that SN, from 0(white) to 17 (blue). This aggregation allows to highlight the user unawarewatermarking capability of each smartphone’s camera in each SN. If all theimages are correctly assigned, in each graph we see an intense blue columncorresponding to the right source and no other “switched on” cells out of thatcolumn. The results show that for all source cameras in each SN, the fingerprint
F P allows to correctly classify almost all the 17 downloaded images. Moreover,the erroneously assigned images do not compromise the identification of thesource since only in 5 graphs out of 12, that is (a), (b), (g), (i) and (l), we cansee very few images wrongly assigned to the right source.
In this section, we discuss results in the context of intra-layer user profileslinking that is the task to identify if a set of images from two different userprofiles within the same SN belong to the same user (see case (b) in Figure 1).For this reason, both the training set (33 downloaded images) and the testset (17 downloaded images) were taken from the same SN. Thus, we obtainedthirteen graphs (one for each SN) for each smartphone’s camera, and we usedagain a generalized linear model for the classification process.Figure 5 shows the intra-layer user profiles linking performances for eachsmartphone’s camera, front cameras are in the first two rows and rear cameras29 a) (b) (c)(d) (e) (f)(g) (h) (i)(j) (k) (l)Figure 5:
Intra-layer user profiles linking results. Each graph groups the results of a singlesource on all thirteen SNs, six for the front cameras (first and second rows) and six for therear cameras (second and third rows). The number of images in each cell is identified througha white-to-blue scale, from 0 (white) to 17 (blue). are in the second two rows. In particular, each row in each graph represents theclassification results for a specific SN and each white-to-blue scale cell identifiesthe images assigned to the source camera in that SN, from 0 (white) to 17 (blue).30he results show that for each front source camera, the fingerprint
F P allowsto correctly classify almost all the 17 downloaded images in each SN. WeChat(penultimate row from the top in each graph) returns worst results for the rearcameras. This is probably because WeChat provides a high compression levelwith large images, as shown in Table 2. However, in all the graphs we see awell-defined blue column corresponding to the right source. is the most challenging task and allows toverify if two sets of images from different user profiles on different SNs belongto the same user (see case (c) in Figure 1). Since the combination of all SNsproduces a very large set of results (i.e., 12 graphs for each SN for each cam-era), we selected a representative subset of SNs composed of Facebook (SN01),Instagram (SN04), Telegram (SN07), and WhatsApp (SN13). In this case, the training set of 33 downloaded images and the test set of 17 downloaded im-ages were selected from different SNs among the selected ones. For instance,while we used 33 images from Facebook to define the fingerprint
F P , all the17-images test sets were selected from Instagram. In this test, we also used ageneralized linear model for the classification process.The combination of all the selected SNs produced the results shown in Figure6, front cameras are in the first two rows and rear cameras are in the second tworows. Each graph represents the inter-layer user profiles linking performancesfor a given source camera. In particular, in each graph, each group of 3 rowsfrom top to bottom represents the results using the fingerprint from a specificSNs (i.e., Facebook for the first three rows, Instagram for the second three rows,Telegram for the third three rows, and WhatsApp for the last three rows). Theresults show a slight worsening in comparison to intra-layer user profiles linking ,however, the number of misclassified images is very low. The problem is par-ticularly significant when the Instagram images are involved in the comparison.In fact, the worst results occurred both when the fingerprint was defined withInstagram’s images (i.e., the second group of three rows from the top) as well as31 a) (b) (c)(d) (e) (f)(g) (h) (i)(j) (k) (l)Figure 6:
Inter-layer user profiles linking results. Each graph groups the results of a singlesource on all thirteen SNs, six for the front cameras (first and second rows) and six for therear cameras (third and fourth rows). The number of images in each cell is identified througha white-to-blue scale, from 0 (white) to 17 (blue). when we tried to classify the Instagram’s images (i.e., the first row in the firstgroup of three rows and the second row in the third and fourth group of threerows). However, all the other SNs combinations that do not involve Instagram’s32mages obtained good results, especially with front images.The results show the effectiveness of the PRNU-based method in the task ofdefining a user unaware watermarking for all the considered SNs. It is robustenough in spite of the use of the shared images degraded by SNs during theuploading and downloading process. Our results indicate that the proposedmethod can be successfully used both for the profile attribution and for the intra/inter-layer user profiles linking . Moreover, the method makes it possibleto identify those profiles that belong to the same user, for instance like fakeprofiles.
8. Conclusions
An increasingly large amount of data is loaded daily and shared on SNs andthe majority of this flow of data includes images. Thus it is important to findsolutions for authorship attribution and verification of these pictures to avoidproblems like impersonating or fake profiles.We trod multiple investigations in the domain of the image watermarking.All the experiments we conducted in the context of social networks watermarking showed no evidence of watermarks. Facebook introduces some suspicious valuesin images’ metadata that actually can not be considered a robust watermark inSNs context.Next, we conducted a detailed review of how conventional image water-marking algorithms ( user explicit watermarking ) behave on each selected SN.In particular, we examined whether they can resist the compression algorithmsapplied by social platforms. In this case, we found that none of the algorithms isable to apply a robust watermark that retains in all the 13 selected SNs. More-over, in some cases, these watermarking algorithms visually altered the originalimage.Finally, we showed that a user unaware watermark based on PRNU is ableto resist the compression algorithms of all the 13 SNs investigated in our study.33he PRNU is a regular and systematic noise component characterizing eachimage captured by off-the-shelf cameras (including the smartphone’s camera).We also proved that the method based on this unawarely trace allows to performseveral challenging tasks, that is profile attribution , intra and inter-layer userprofile linking . Moreover, we showed how the user unaware watermark can beexploited for fake profiles detection , that is a corollary of the three previoustasks. Acknowledgment
We thank all the students of
Data Base and
Data Base Complements courses(AY 2015/2016) held by the prof. Montesi at the Department of Computer Sci-ence and Engineering, University of Bologna. They put a big effort in collectingplenty of images throughout the city during the winter period. We also thankAndrea Iann`ı for his efforts in user unaware watermarking experiments.
Funding:
This work has been partially supported by H2020 project, SoBig-Data++ [grant number 871042].
References [1] M. Salehan, A. Negahban, Social networking on smartphones: When mobilephones become addictive, Computers in Human Behavior 29 (6) (2013)2632–2639.[2] S. Rathore, P. K. Sharma, V. Loia, Y.-S. Jeong, J. H. Park, Social networksecurity: Issues, challenges, threats, and solutions, Information Sciences421 (2017) 43–69.[3] Facebook Inc., Form 10-K Annual Report, Tech. Rep. 001-35551, Securitiesand Exchange Commission (December 2014).URL [4] I. Cox, M. Miller, J. Bloom, J. Fridrich, T. Kalker, Digital watermarkingand steganography, Morgan kaufmann, 2007.345] A. B. Kahng, J. Lach, W. H. Mangione-Smith, S. Mantik, I. L. Markov,M. Potkonjak, P. Tucker, H. Wang, G. Wolfe, Watermarking techniques forintellectual property protection, in: Proceedings of the 35th annual DesignAutomation Conference, ACM, 1998, pp. 776–781.[6] S. Dey, N. Roy, W. Xu, R. R. Choudhury, S. Nelakuditi, Accelprint: Imper-fections of accelerometers make smartphones trackable., in: NDSS, 2014.[7] H. Bojinov, Y. Michalevsky, G. Nakibly, D. Boneh, Mobile device identifi-cation via sensor fingerprinting, arXiv preprint arXiv:1408.1416.[8] A. Das, N. Borisov, M. Caesar, Do you hear what i hear?: Fingerprintingsmart devices through embedded acoustic components, in: Proceedings ofthe 2014 ACM SIGSAC Conference on Computer and CommunicationsSecurity, ACM, 2014, pp. 441–452.[9] M. Kaur, K. Mahajan, An existential review on text watermarking tech-niques, International Journal of Computer Applications 120 (18).[10] V. M. Potdar, S. Han, E. Chang, A survey of digital image watermark-ing techniques, in: INDIN’05. 2005 3rd IEEE International Conference onIndustrial Informatics, 2005., IEEE, 2005, pp. 709–716.[11] S. Bhattacharya, T. Chattopadhyay, A. Pal, A survey on different videowatermarking techniques and comparative analysis with reference to h.264/avc, in: 2006 IEEE International Symposium on Consumer Electronics,IEEE, 2006, pp. 1–6.[12] H. Nyeem, W. Boles, C. Boyd, Digital image watermarking: its formalmodel, fundamental properties and possible attacks, EURASIP Journal onAdvances in Signal Processing 2014 (1) (2014) 135.[13] R. Naskar, R. S. Chakraborty, Reversible digital watermarking: Theoryand practices, Synthesis Lectures on Information Security, Privacy, & Trust5 (1) (2014) 1–130. 3514] A. Bamatraf, R. Ibrahim, M. Salleh, Digital watermarking algorithm usinglsb, in: Computer Applications and Industrial Electronics (ICCAIE), 2010International Conference, 2010, pp. 155–159.[15] A. M. Zeki, A. Abdul Manaf, A novel digital watermarking technique basedon isb (intermediate significant bit), World Academy of Science, Engineer-ing and Technology 50 (2009) 989–996.[16] W. Bender, D. Gruhl, N. Morimoto, A. Lu, Techniques for data hiding,IBM systems journal 35 (3.4) (1996) 313–336.[17] A. Mishra, C. Agarwal, A. Sharma, P. Bedi, Optimized gray-scale imagewatermarking using dwt–svd and firefly algorithm, Expert Systems withApplications 41 (17) (2014) 7858–7867.[18] I. J. Cox, J. Kilian, F. T. Leighton, T. Shamoon, Secure spread spec-trum watermarking for multimedia, IEEE transactions on image processing6 (12) (1997) 1673–1687.[19] D. Kundur, D. Hatzinakos, Digital watermarking using multiresolutionwavelet decomposition, in: Acoustics, Speech and Signal Processing, 1998.Proceedings of the 1998 IEEE International Conference on, Vol. 5, IEEE,1998, pp. 2969–2972.[20] J. J. O’Ruanaidh, T. Pun, Rotation, scale and translation invariant digitalimage watermarking.[21] C.-C. Chang, P. Tsai, C.-C. Lin, Svd-based digital image watermarkingscheme, Pattern Recognition Letters 26 (10) (2005) 1577–1586.[22] P. Saravanan, M. Sreekara, K. Manikantan, Digital image watermarkingusing daubechies wavelets, in: Signal Processing and Integrated Networks(SPIN), 2016 3rd International Conference on, IEEE, 2016, pp. 57–62.[23] C.-C. Lai, C.-C. Tsai, Digital image watermarking using discrete wavelettransform and singular value decomposition, IEEE Transactions on instru-mentation and measurement 59 (11) (2010) 3060–3063.3624] X. Zhang, Y. Yang, A geometric distortion resilient image watermark al-gorithm based on dft-svd., Jisuanji Gongcheng/ Computer Engineering32 (18) (2006) 120–121.[25] R. Ansari, M. M. Devanalamath, K. Manikantan, S. Ramachandran, Ro-bust digital image watermarking algorithm in dwt-dft-svd domain for colorimages, in: Communication, Information & Computing Technology (IC-CICT), 2012 International Conference on, IEEE, 2012, pp. 1–6.[26] R. Olanrewaju, Development of intelligent digital watermarking via saferegion, PHD, Electrical and Computer Engineering, International IslamicUniversity Malaysia, Kulliyyah of Engineering.[27] P. Chomphoosang, P. Zhang, A. Durresi, L. Barolli, Survey of trust basedcommunications in social networks, in: 2011 14th International Conferenceon Network-Based Information Systems, 2011.[28] A. Zigomitros, A. Papageorgiou, C. Patsakis, Social network content man-agement through watermarking, in: 2012 IEEE 11th International Confer-ence on Trust, Security and Privacy in Computing and Communications,IEEE, 2012, pp. 1381–1386.[29] J. Hiney, T. Dakve, K. Szczypiorski, K. Gaj, Using facebook for imagesteganography, in: Availability, Reliability and Security (ARES), 2015 10thInternational Conference on, IEEE, 2015, pp. 442–447.[30] O. Banos, S. Lee, Y. Yoon, T. Le-Tien, et al., A novel watermarking schemefor image authentication in social networks, in: Proceedings of the 9th In-ternational Conference on Ubiquitous Information Management and Com-munication, ACM, 2015, p. 48.[31] K. Thongkor, N. Mettripun, T. Pramoun, T. Amornraksa, Image water-marking based on dwt coefficients modification for social networking ser-vices, in: Electrical Engineering/Electronics, Computer, Telecommunica-37ions and Information Technology (ECTI-CON), 2013 10th InternationalConference on, IEEE, 2013, pp. 1–6.[32] R. Lyu, J.-T. Zhou, W.-W. Sun, L. Dong, Reversible data hiding overfacebook, Proceedings of Engineering and Technology Innovation 7 (2017)25–30.[33] A. K. Singh, B. Kumar, S. K. Singh, S. Ghrera, A. Mohan, Multiple water-marking technique for securing online social network contents using backpropagation neural network, Future Generation Computer Systems.[34] K. Szczypiorski, Steghash: New method for information hiding in open so-cial networks, International Journal of Electronics and Telecommunications62 (4) (2016) 347–352.[35] A. Kurtz, H. Gascon, T. Becker, K. Rieck, F. Freiling, Fingerprinting mo-bile devices using personalized configurations, Proceedings on Privacy En-hancing Technologies 2016 (1) (2016) 4–19.[36] M. Velten, P. Schneider, S. Wessel, C. Eckert, User identity verificationbased on touchscreen interaction analysis in web contexts, in: InformationSecurity practice and experience, Springer, 2015, pp. 268–282.[37] Y. Huang, J. Zhang, H. Huang, Camera model identification with unknownmodels, IEEE Transactions on Information Forensics and Security 10 (12)(2015) 2692–2704.[38] G. Baldini, G. Steri, A survey of techniques for the identification of mobilephones using the physical fingerprints of the built-in components, IEEECommunications Surveys & Tutorials 19 (3) (2017) 1761–1789.[39] T. Van Lanh, K.-S. Chong, S. Emmanuel, M. S. Kankanhalli, A surveyon digital camera image forensic methods, in: 2007 IEEE internationalconference on multimedia and expo, IEEE, 2007, pp. 16–19.3840] L. T. Van, S. Emmanuel, M. S. Kankanhalli, Identifying source cell phoneusing chromatic aberration, in: Multimedia and Expo, 2007 IEEE Interna-tional Conference on, IEEE, 2007, pp. 883–886.[41] S. Bayram, H. Sencar, N. Memon, I. Avcibas, Source camera identificationbased on cfa interpolation, in: IEEE International Conference on ImageProcessing 2005, Vol. 3, IEEE, 2005, pp. III–69.[42] A. C. Popescu, H. Farid, Exposing digital forgeries in color filter array in-terpolated images, Signal Processing, IEEE Transactions on 53 (10) (2005)3948–3959.[43] J. Lukas, J. Fridrich, M. Goljan, Digital camera identification from sensorpattern noise, Information Forensics and Security, IEEE Transactions on1 (2) (2006) 205–214.[44] M. Goljan, J. Fridrich, Camera identification from cropped and scaled im-ages, in: Electronic Imaging 2008, International Society for Optics andPhotonics, 2008, pp. 68190E–68190E.[45] A. Castiglione, G. Cattaneo, A. De Santis, A forensic analysis of imageson online social networks, in: Intelligent Networking and CollaborativeSystems (INCoS), 2011 Third International Conference on, IEEE, 2011,pp. 679–684.[46] A. Castiglione, G. Cattaneo, M. Cembalo, U. F. Petrillo, Experimentationswith source camera identification and online social networks, Journal ofAmbient Intelligence and Humanized Computing 4 (2) (2013) 265–274.[47] X. Kang, Y. Li, Z. Qu, J. Huang, Enhancing source camera identificationperformance with a camera reference phase sensor pattern noise, IEEETransactions on Information Forensics and Security 7 (2) (2012) 393–402.[48] M. Goljan, J. Fridrich, T. Filler, Large scale test of sensor fingerprint cam-era identification, in: IS&T/SPIE Electronic Imaging, International Societyfor Optics and Photonics, 2009, pp. 72540I–72540I.3949] S. Agreste, P. De Meo, E. Ferrara, S. Piccolo, A. Provetti, Trust networks:topology, dynamics, and measurements, IEEE Internet Computing 19 (6)(2015) 26–35.[50] G. Kontaxis, I. Polakis, S. Ioannidis, E. P. Markatos, Detecting social net-work profile cloning, in: Pervasive Computing and Communications Work-shops (PERCOM Workshops), 2011 IEEE International Conference on,IEEE, 2011, pp. 295–300.[51] M. Fire, D. Kagan, A. Elyashar, Y. Elovici, Friend or foe? fake profileidentification in online social networks, Social Network Analysis and Mining4 (1) (2014) 1–23.[52] M. Conti, R. Poovendran, M. Secchiero, Fakebook: detecting fake profilesin on-line social networks, in: Proceedings of the 2012 International Con-ference on Advances in Social Networks Analysis and Mining (ASONAM2012), IEEE Computer Society, 2012, pp. 1071–1078.[53] R. Sharma, M. Magnani, D. Montesi, Investigating the types and ef-fects of missing data in multilayer networks, in: Proceedings of the 2015IEEE/ACM International Conference on Advances in Social NetworksAnalysis and Mining 2015, ACM, 2015, pp. 392–399.[54] N. Al Mutawa, I. Baggili, A. Marrington, Forensic analysis of social net-working applications on mobile devices, Digital Investigation 9 (2012) S24–S33.[55] E. Raad, R. Chbeir, A. Dipanda, User profile matching in social networks,in: Network-Based Information Systems (NBiS), 2010 13th InternationalConference on, IEEE, 2010, pp. 297–304.[56] T. Iofciu, P. Fankhauser, F. Abel, K. Bischoff, Identifying users acrosssocial tagging systems., in: ICWSM, 2011.4057] J. Vosecky, D. Hong, V. Y. Shen, User identification across multiple socialnetworks, in: 2009 First International Conference on Networked DigitalTechnologies, IEEE, 2009, pp. 360–365.[58] X. Liang, X. Li, K. Zhang, R. Lu, X. Lin, X. S. Shen, Fully anonymousprofile matching in mobile social networks, IEEE Journal on Selected Areasin Communications 31 (9) (2013) 641–655.[59] S. Bartunov, A. Korshunov, S.-T. Park, W. Ryu, H. Lee, Joint link-attribute user identity resolution in online social networks, in: Proceed-ings of the 6th International Conference on Knowledge Discovery and DataMining, Workshop on Social Network Mining and Analysis. ACM, 2012.[60] P. Jain, P. Kumaraguru, A. Joshi, @ i seek’fb. me’: identifying users acrossmultiple online social networks, in: Proceedings of the 22nd internationalconference on World Wide Web, ACM, 2013, pp. 1259–1268.[61] K. Cortis, S. Scerri, I. Rivera, S. Handschuh, An ontology-based techniquefor online profile resolution, in: International Conference on Social Infor-matics, Springer, 2013, pp. 284–298.[62] O. Goga, P. Loiseau, R. Sommer, R. Teixeira, K. P. Gummadi, On thereliability of profile matching across large online social networks, in: Pro-ceedings of the 21th ACM SIGKDD International Conference on KnowledgeDiscovery and Data Mining, ACM, 2015, pp. 1799–1808.[63] O. Peled, M. Fire, L. Rokach, Y. Elovici, Entity matching in online socialnetworks, in: Social Computing (SocialCom), 2013 International Confer-ence on, IEEE, 2013, pp. 339–344.[64] M. Zampoglou, S. Papadopoulos, Y. Kompatsiaris, Large-scale evaluationof splicing localization algorithms for web images, Multimedia Tools andApplications 76 (4) (2017) 4801–4834.[65] S. Committee, et al., Exchangeable image file format for digital still cam-eras: Exif version 2.3, Tech. Rep. CIPA DC-008-2012, JIETA CP-3451C,41amera & Imaging Products Association (CIPA) and Japan Electronicsand Information Technology Industries Association (JEITA) (2010).[66] K. Hempstalk, Hiding behind corners: Using edges in images for bettersteganography, in: Proc. Computing Womens Congress, Hamilton, NewZealand, Vol. 14, 2006.[67] A. Westfeld, F5–a steganographic algorithm, in: Information hiding,Springer, 2001, pp. 289–302.[68] T. Sloan, J. Hernandez-Castro, Steganalysis of openpuff through atomicconcatenation of mp4 flags, Digital Investigation 13 (2015) 15–21.[69] R. Dugad, K. Ratakonda, N. Ahuja, A new wavelet-based scheme for wa-termarking images, in: Image Processing, 1998. ICIP 98. Proceedings. 1998International Conference on, Vol. 2, 1998, pp. 419–423.[70] S. Vaidya, Openstego v0.7.0 (2014).URL [71] O. Campbell-Moore, An error-resistant steganography algorithm for com-municating secretly on facebook, Master’s thesis, Department of ComputerScience, Oxford University (2013).[72] A. Chorein, Silenteye v0.4 (2014).URL https://github.com/achorein/silenteye [73] V. L. Reddy, A. Subramanyam, P. C. Reddy, Steganpeg steganography+jpeg, in: Ubiquitous Computing and Multimedia Applications (UCMA),2011 International Conference on, IEEE, 2011, pp. 42–48.[74] S. Hetzl, Steghide v0.5.1 (2003).URL http://steghide.sourceforge.net/index.phphttp://steghide.sourceforge.net/index.php