Zhishou Zhang

A proposal of butterfly-graph based stream authentication over lossy networks

In this paper, we propose a butterfly-graph based stream authentication scheme for lossy networks where the streaming packets could be lost in both random and burst ways. Due to the nice properties of butterfly graph, the proposed scheme is quite robust and efficient. Theoretical analysis and simulation results show that the proposed scheme outperforms existing schemes in terms of overhead and authentication probability while maintaining the same levels of sender/receiver delay and robustness.

An Optimized Content-Aware Authentication Scheme for Streaming JPEG-2000 Images Over Lossy Networks

This paper proposes an optimized content-aware authentication scheme for JPEG-2000 streams over lossy networks, where a received packet is consumed only when it is both decodable and authenticated. In a JPEG-2000 codestream, some packets are more important than others in terms of coding dependency and image quality. This naturally motivates allocating more redundant authentication information for the more important packets in order to maximize their probability of authentication and thereby minimize the distortion at the receiver. Towards this goal, with the awareness of its corresponding image content, we formulate an optimization framework to compute an authentication graph to maximize the expected media quality at the receiver, given specific authentication overhead and knowledge of network loss rate. System analysis and experimental results demonstrate that the proposed scheme achieves our design goal in that the rate-distortion (R-D) curve of the authenticated image is very close to the R-D curve when no authentication is required

A unified authentication framework for JPEG2000

This paper proposes a unified authentication framework for JPEG2000 images, which consists of fragile, lossy and lossless authentication for different applications. The authentication strength can be specified using only one parameter called lowest authentication bit-rate (LABR), bringing much convenience to users. The lossy and lossless authentication could survive various incidental distortions while being able to allocate malicious attacks. In addition, with lossless authentication, the original image can be recovered after verification if no incidental distortion is introduced

A novel lossy-to-lossless watermarking scheme for JPEG2000 images

In this paper, we propose a lossy-to-lossless watermarking scheme for JPEG2000/J2K images. The watermarking is incorporated into the procedure of J2K coding in a way that the final watermark coded J2K bitstream can still maintain lossless-to-lossy scalability. To recover the original image, the J2K decoder does not need to extract the embedded watermark. This is achieved by dividing the magnitude bits of the wavelet coefficients into two portions, controlled by the watermarking survival rate (WSR). The upper portion is used to embed watermarks, while the lower portion is modified to compensate for the distortion introduced by the watermarks in the upper portion. Watermark detection can be done either from the upper portion or from the lower portion, based on a presetting threshold. Experimental results show that the J2K coded watermarked images still nearly follow the rate-distortion curve optimized for their original J2K images.

Flexible Layered Authentication Graph for Multimedia Streaming

In this paper, a new flexible layered authentication graph (FLAG) algorithm is proposed for multimedia streaming authentication. While maximizing the verification probability by avoiding authentication path overlapping, this algorithm allows flexible communication overhead in terms of the number of hash links, as well as flexible authentication group size. These flexibilities make FLAG an excellent candidate for multimedia streaming authentication, in that (i) in the sender buffering mode, it allows elastic sending delay required by multimedia streaming congestion control; (ii) in the receiver buffering mode, it facilitates adaptation to effective network bandwidth; (iii) it also has the potential to provide unequal authentication protection (UAP), which is a natural solution for multimedia code stream. Our analysis and experiment results further confirm the validity of our algorithm.

The emerging JPEG-2000 security (JPSEC) standard

The emergence of digital imaging applications is accelerating the need for security of digital imagery. The emerging international standard ISO/IEC JPEG-2000 security (JPSEC) is designed to provide security for digital imagery, and in particular digital imagery coded with the JPEG-2000 image coding standard. This paper provides an overview of the JPSEC standard, including a description of its basic architecture and examples of its use

A joint ECC based media error and authentication protection scheme

This paper presents a novel content-aware joint media error and authentication protection scheme based on error correcting coding (ECC). The innovation of the proposed scheme lies in the true joint design of error protection and authentication verification. This is fundamentally different from many existing schemes in which they consider media authentication separately from other media processing components such as error protection in media communication systems. By making use of the channel information and integrating the authentication with error protection necessary in contemporary media communication systems, we are able to achieve 100% complete verification with low authentication overhead. With such integration, the end-to-end media quality and media security guarantee can be obtained. Based on this joint error and authentication protection framework, an optimal rate allocation algorithm under certain source and channel models is also developed. Simulations based on JPEG 2000 images have been carried out to validate the proposed scheme and the simulation results show that the proposed approach is indeed able to achieve simultaneous error and authentication protection for JPEG 2000 images.

Rate-Distortion-Authentication optimized streaming with Generalized Butterfly Graph authentication

This paper shows how Rate-Distortion-Authentication (R-D-A) optimized streaming may be performed with the Generalized Butterfly Graph (GBG) stream authentication method. R-D-A streaming is designed to compute an optimized transmission policy by accounting for both coding and authentication dependencies, and GBG is designed to protect the authenticity of a media stream. The GBG graph is better suited for streaming than the original Butterfly graph since it is highly flexible and can support an arbitrary number of packets and arbitrary overhead. However, the dependency chains within the GBG graph are much longer and are tangled with each other-making it very difficult to quantify the dependencies necessary to perform R-D-A streaming. We propose a method to estimate the authentication dependencies, which is then used by the R- D-A technique to compute the optimized transmission policy.

A Content-Aware Stream Authentication Scheme Optimized for Distortion and Overhead

This paper proposes a content-aware authentication scheme optimized to account for distortion and overhead for media streaming. When authenticated media is streamed over a lossy network, a received packet is consumed only when it is both decodable and authenticated. In most media formats, some packets are more important than others. This naturally motivates allocating more redundant authentication information for the more important packets in order to maximize their probability of authentication and thereby minimize distortion at the receiver. Toward this goal, with awareness of the media content, we formulate an optimization framework to compute an authentication graph to maximize the expected media quality at the receiver, given specific authentication overhead and knowledge of network loss rates. Experimental results with JPEG-2000 coded images demonstrate that the proposed method achieves our design goal in that the R-D curve of the authenticated image is very close to the R-D curve when no authentication is required

Stream Authentication Based on Generlized Butterfly Graph

This paper proposes a stream authentication method based on the generalized butterfly graph (GBG) framework. Compared with the original Butterfly graph, the proposed GBG graph supports an arbitrary overhead budget and number of packets. Within the GBG framework, the problem of constructing an authentication graph is considered as a design problem: Given total number of packets, packet loss rate, and overhead budget, we show how to design the graph (number of rows and columns and edge allocation among nodes) to maximize the expected number of verified packets. In addition, we also propose a new evaluation metric called loss-amplification-factor (LAF), which measures the extent to which the authentication method exacerbates the effective packet loss rate. Experimental results demonstrate significant performance improvements over existing authentication methods like EMSS, augmented chain, and the original Butterfly.