1. INTRODUCTION

         This paper explores the various techniques used to authenticate the visual data recorded by the
automatic video surveillance system. Automatic video surveillance systems are used for continuous and
effective monitoring and reliable control of remote and dangerous sites. Some practical issues must be
taken in to account, in order to take full advantage of the potentiality of VS system. The validity of visual
data acquired, processed and possibly stored by the VS system, as a proof in front of a court of law is
one of such issues. But visual data can be modified using sophisticated processing tools without leaving
any visible trace of the modification. So digital or image data have no value as legal proof, since doubt
would always exist that they had been intentionally tampered with to incriminate or exculpate the
defendant. Besides, the video data can be created artificially by computerized techniques such as
morphing. Therefore the true origin of the data must be indicated to use them as legal proof. By data
authentication we mean here a procedure capable of ensuring that data have not been tampered with
and of indicating their true origin.


        Automatic Visual Surveillance system is a self monitoring system which consists of a video
camera unit, central unit and transmission networks.(figure)

         A pool of digital cameras is in charge of frame the scene of interest and sent corresponding
video sequence to central unit. The central unit is in charge of analyzing the sequence and generating an
alarm whenever a suspicious situation is detected. Central unit also transmits the video sequences to an
intervention centre such as security service provider, the police department or a security guard unit.
Somewhere in the system the video sequence or some part of it may be stored and when needed the
stored sequence can be used as a proof in front of court of law. If the stored digital video sequences
have to be legally credible, some means must be envisaged to detect content tampering and reliably
trace back to the data origin


          Authentication techniques are performed on visual data to indicate that the data is not a
forgery; they should not damage visual quality of the video data. At the same time, these techniques
must indicate the malicious modifications include removal or insertion of certain frames, change of faces
of individual, time and background etc. Only a properly authenticated video data has got the value as
legal proof. There are two major techniques for authenticating video data. They are as follows

1.   Cryptographic Data Authentication

       It is a straight forward way to provide video authentication, namely         through the joint use of
asymmetric key encryption and the digital Hash function.

          Cameras calculate a digital summary (digest) of the video by means of hash function. Then
they encrypt the digest with their private key, thus obtaining a signed digest which is transmitted to the
central unit together with acquired sequences. This digest is used to prove data integrity or to trace back
to their origin. Signed digest can only read by using public key of the camera.

2.   Watermarking- based authentication

        Watermarking data authentication is the modern approach to authenticate visual data by
imperceptibly embedding a digital watermark signal on the data.

         Digital watermarking is the art and science of embedding copyright information in the original
files. The information embedded is called ‘watermarks ‘. Digital watermarks are difficult to remove
without noticeably degrading the content and are a covert means in situation where copyright fails to
provide robustness.

         Mounting concern over the new threats to privacy and security has lead to wide spread
adoption of cryptography. Cryptography is the science of transforming documents. It has mainly two

        Encryption
        Decryption

         The purpose of encryption is to render a document unreadable by all except those who
authorize to read it. Cryptographers refer to the content of the original document as plain text. Plain text


is converted in to cipher form using an algorithm and a variable or key. The key is a randomly selected
string of numbers.

      Only after decoding the cipher text using the key the content of the document is revealed to the
common people. Encryption schemes are classified in to

1. Symmetric encryption

         In which the same key is used to both encode and decode the document.

2. Public key or asymmetric encryption

         It requires a pair of keys: one for encrypting the plain text and the other for decrypting the
cipher text. A file encrypted with one key of a pair can be decrypted with other key of the same pair.


         To authenticate visual data each video camera is assigned a different public or private key pair,
with private key hardwired within the cameras. A document encrypted with the private key of any
particular camera can be decrypted with its own public key. This property is used to provide center
authentication that is to trace back to the true origin of the data.

         Before sending the video sequence to the central unit, cameras calculate a digital summary or
digest of the video by means of a proper hash function. The digest is then encrypted with their private
key. Encryption is done by considering the digitized value of the brightness of each pixel. Digital signal is
a sequence of zeros and ones and it is encrypted with the private key using a proper algorithm. The
signed digest thus obtained is then transmitted to the central unit together with the acquired visual

          Later the signal digest is used to prove data integrity or to trace back to their origin. The signed
digest is read using the public key of the camera which produce the video and check if it corresponds to
the digest derived from the decrypted video content using the same hash function.

         Any manipulation of the data will change the calculated image digest derived from the
decrypted data. Any discrepancy between the decrypted digest and calculated image digest indicate that
the data has been tampered, with identical digest indicates that the data is genuine.

          Value of the visual data can be added by tying each frame to the particular label of the instant
the frame has been produced yet. This can be achieved by printing date and time of creation of each
frame. Any modification of either the date or time could be easily revealed since it would change the
locally calculated image digest.


          Even though cryptographic data authentication is highly resistant to content tampering, it
suffers from few drawbacks. They are as follows:

1. Knowledge of private key

         If the manipulator knows the private key of the camera, he can change the digest to involve the
modifications he had made on the actual sequence. But the possibility of such a thing is very small
because the private key is hardwired within the camera.

2. Impossible to distinguish between malicious and innocuous modification

         It is difficult to distinguish between malicious and innocuous manipulations if cryptography is
used. Innocuous modifications include compression of the video sequences. These modifications are
usually performed by the central unit whereas digest is calculated on the basis of the uncompressed data
by the camera. So on compression the correspondence between the digest and data would be lost.

3. High requirements of video camera

         To avoid the above discussed problem, the video camera should perform the compression of the
video sequences prior to digest calculation. This requires the video camera to have high computation as
storage requirements.

4. Delay in transmission


         Digest calculations and encryption introduces a delay in transmission of video documents. This
is harmful in system where the timely generation of alarm is critical.

5. Protecting privacy is difficult

          A part of the program cannot be removed for privacy reasons since it will alter the calculated


        A digital watermark is a signal that is imperceptibly embedded within digital data. This signal
can be detected or extracted by means of computations to make some assertions about the host data.

         Digital watermark is a signal which added to a document to authenticate it and to prove the
ownership. A commonly encountered digital watermark is the logo most television channels display on
the top of the television screen. Not only does it advertise the channel but also provides the legal benefit
of having a source signature persist during video recording. Watermark task consists of two main steps

1. Watermark casting:-in which the signal represented by the watermark is transmitted         over the
channel, that is in watermark casting an encoder function Є takes a host image ‘f’ and a watermark ‘w’
and generate a new image
     Fw= Є (f, w)

2. Watermark detection:-in which the signal is received and extracted from possibly corrupted image.


         The characteristics of watermarking system largely depend on its application scenario. For
instant copy write protection application require that the watermark is robust against most common data
manipulation,ie its presents can still be detected after nondestructive transformation of host document.
Two approaches for watermarking data authentication are possible

1. Fragile watermarking
2. Robust watermarking

         Fragile watermarking refers to the case where watermark inserted within the data is lost or
altered as soon as host data undergoes any modification. Watermark loss or alternation is taken as
evidence that data has been tampered with, whereas the information contained within data used to
demonstrate data origin

          In case of robust watermarking a summary of the candidate frame or video sequence is
computed and is inserted within the video sequence. Information about the data origin is also with the
summary. To prove data integrity the information conveyed by the watermark is recovered and
compared with the actual content of the sequence. Their mismatch is taken as an evidence of data
tampering. The capability to localize the manipulation will depend on the summary of which is embedded
in to the image.


          Semi fragile watermark is more mature than robust watermarking. Tamper localization is easier
in fragile watermarking but it is difficult to distinguish between malicious and innocuous manipulations.

          Image authentication by means of robust watermarking is very promising with regards to the
distinction between malicious and innocuous manipulations. The robustness of such technique depends
on the number of bits that can be hidden in to the image.


       In order to highlight the peculiarities of VS data authentication. Let us consider the most
common requirements for watermarking authentication techniques.

1.    The authentication technique must not deteriorate the visual quality of data quality.
2.    The authentication technique should be able to identify any unauthorized processing acquired to
      visual data.
3.    The authentication technique should not consider innocuous manipulation, e.g., image compression
      and zooming, as valid authentication attacks.


4.   It should be difficult for unauthorized person to forge an authenticated image.
5.   The authentication checking procedure should be easily performed by authorized persons.
6.   The authentication checking procedure should localize data tampering.

         By considering particular cases the requirement for the authentication of VS data are following.


         The requirement on the deterioration of the visual quality of authenticated data is usually
referred to us as invisibility constraint.

          The authentication technique must not deteriorate the visual quality of data. In this VS case
however this is not crucial issue since VS do not exhibit a quality comparable that of visual data used in
a media. VS data acquired by inexpensive, low quality devices. Visual analysis would possibly be carried
out in a low court will focus on the semantic content of the image, rather than on their visual quality.


         The authentication technique should be able to identify any nonauthorized or malicious
processing occurred to the visual data. Besides the authentication technique should not consider
innocuous manipulation Eg: Image compression or Zooming, as valid authentication techniques.

         When data compression is done in central unit the authentication is performed before
compression and must survive it. To satisfy privacy complaints, some processing is done on the
authenticated video, before it is stored. E.g. for obscuring the faces of persons which are unimportant
on the law point of view. This kind of processing as to be considered as innocuous. On the other side,
the same processing procedure as to be considered as malicious when information that is important for a
court law is removed.

         A solution to this problem is offered by authentication techniques capable of localizing
manipulations. Once the modification is precisely localized, it will be up to the court law to decide if it is
malicious of innocuous.


        The authentication checking procedure should be easily performed by authorized person and it
should be difficult for non authorized person to forge an authenticated image.


        Since water marking is performed inside the video camera, water mark embedding should not
have high computational demands and should be compressing resistant.

          To ensure data integrity, the video sequence is tied to the time and date it has been produced.
The easiest way to detect the removal of one or more frames although alternation of the original frame
order is to embed on each image a serial number before authenticating tools are applied. In fact such a
number can neither be removed nor modified without affecting the authentication check, this making it
impossible to remove or change the position of any frame of the sequence.

        By embedding in each frame the time and date of its creation in dissoluble link is created
between the sequence content and the time instant, so that legal value of the sequence is completely

          The embedded water mark can be made to depend on the frame number and to bear time
information. Frame exchange or substitution would thus be easily detected and acquisition time can be
reliably extracted.

        In figure below a sketch of a simple VS system in which water marking is used to authenticate
VS data in its raw form is given. Time, date and frame serial number are over written to every single
frame before authentication. The authenticated sequence is possessed by a central unit for detecting
pre-alarm situations and then is compressed for storage purposes. In this case authentication tools
should be transparent to the image possessing algorithms applied by the central unit and resistant to



         A watermarking algorithm for VS data authentication based on semi-fragile watermarking of
each frame of the video sequence is described in this section. The various steps for the watermarking
process are as follows.


        Watermark generation aims at producing a binary or ternary watermark W(X) using a digital
key K and host image f(x). The watermark key corresponds to the image owner or camera that has
captured the image. The block diagram of watermark generation and embedding is shown below.

       In the proposed method as indicating in the figure the watermark generation by using a pseudo
random number generator and appropriate thresholding.

        The watermark key used for watermarking a specific frame in the sequence is composed of the
camera id and frame number. Generating the watermark key using frame number provides the
advantage of producing frame–dependent watermarks.
        In this case, frame removal or frame substitution can be easily detected as non authentic. To
perform authenticity check, the detection should first know the frame number in the sequence which is
always zero.

         Watermark embedding is performed by altering all the pixels of the original frame according to
the following formula.
         Fw(x) = f(x)              if w(x) = 0
                   g1 (f(x), n(x)) if w(x) =-1
                    g2 (f(x), n(x)    if w(x) =1
         Where g1g2 are suitably designed function based on x.
         n(x) denotes a function that depends on neighborhood of x.

         The function g1g2 are called embedding function and are selected so as to detect the inverse
detection function. D (fw(x), n(x)). The detection function, when applied to the watermarked image
fw(x), produces the watermark w(x).
         D (fw(x), N(x)) = w(x)


        In the watermark detection procedure, the detector generates first the water mark for each
frame to be checked. To do so, the id number of camera that produce the sequence and the frame
number are needed.

       A detection function D is defined such that by applying the detection function to the
watermarked image a detection image d(x) is produced.
       d(x) = D (fw(x), n(x))

        Now we frame the false detection image given by

         Ew(x) =   1if w(x) ≠0 and w(x) ≠d(x)    0 otherwise

        The false detection image has value 1 if a watermarked pixel is falsely detected and 0
otherwise. The watermarked detection ratio is given by the ratio of the correctly detected pixel to the
sum of the watermarked pixels in the image.


       Authentication check is a two level process. A first level decision on image authenticity is taken
by comparing the watermark detection of the text image with a pre specified threshold T.

        If the first level decision test indicates that the image is somehow altered but authentic, a
second level decision test should be performed. This test indicates whether the alternations made on
the image are concentrated in certain regions (Malicious tampering) or one spread on the image
(innocuous alternations).



    1.   To protect the intellectual property right of a music publisher who distributes music scores over
         digital media.

                  Digital piracy is a serious concern to the musical industry. Customers receive music in
digital data format and such data can be pirated and redistributed very easily. By using image score
watermarking we can prevent this.

    2.   It can be used for everything from sending e-mail and storing medical records and legal
         contracts to conducting on-line transactions.

                                           9. ADVANTATGES

    1.   Robustness to high quality lossy image compression.
    2.   Automatic discrimination between malicious and innocuous manipulations.
    3.   Controllable visual deterioration of the VS sequence by varying the watermark embedding
    4.   Watermark embedding and detection can be performed in real time for digital data.

                                         10. DISADVANTAGES

1. Frame independent watermark can be easily found by comparative analysis of all image sequence
frames and then could be easily added again to fake frames.

2. The detector should know the frame number in order to perform authenticity check.

                                           11. CONCLUSION

         In these modern eras, visual surveillance system finds application in almost all fields, ranging
from commercial to defense. The video data acquired by VS system are forming vital evidence for
several legal situations. So for such situations, the importance of authenticating their content is very
high. Cryptography and watermarking based authenticating techniques are quite safe and efficient for
this purpose and they are likely to remain for quite for some while.

    1.   C. Ragazoni, G.Fabri, “Image Authentication Techniques for VS”, Proceedings of IEEE, October

    2.   M.M.Yeung and F.Mintzer “A watermark for digital image” IEEE Spectrum, April 2002.

    3.   “Digital Watermarking for protecting piracy”, Electronics for you, January 2003.

    4.   “Encryption wars”, IEEE Spectrum, April 2000.




    8.   Seminar topic Courtesy :


To top