Abstract
Media security is a subset of information security concerned with protecting the semantic information behind multimedia assets, such as images, instead of just representing the information. Media security problems can be divided into two main clusters: creator-centric and content-centric. With the growing reliance on multimedia content in citizens’ daily lives, both professionally and in their private lives, media security is becoming an essential technology to include in many applications. Furthermore, media security is no longer a niche; many applications need media security tools and solutions in addition to more general security tools and solutions such as symmetric or asymmetric encryption. At the same time, media security tools and solutions are increasingly essential elements in many professional and private applications that have become multimedia-rich.
You have full access to this open access chapter, Download chapter PDF
1 Introduction
Technological advancements make it easy to capture, process and distribute multimedia content such as sound, picture, and video. This has been made possible through the widespread use of mobile multimedia devices, access to cloud computing infrastructure, broadband communication, and social networks. However, this paradigm also brings new security challenges, particularly in media security. Media security is a subset of information security and is concerned with protecting the semantic information behind multimedia assets, such as images, instead of just representing the information. Media security problems can be divided into two main clusters: creator-centric and content-centric. The former is about problems related to the content creator, such as copyright protection and source authentication. The latter concerns the content, such as conditional access and integrity verification. Media security solutions include labeling, monitoring, fingerprinting, forensics, and watermarking.
2 Analysis
With advances in information and communication technologies, it is now easy to capture, process (including manipulate), and widely distribute content seamlessly. The past practices where the content was produced by just a few professionals (e.g. press and media outlets) and distributed through a limited number of channels (e.g. Radio and TV) have been replaced by social media or user-generated content where not only professionals but also consumers can now generate content of all sorts in the form of sound, picture and video and to distribute them widely.
This change has been, in particular, triggered by the wide adoption of mobile multimedia (e.g. smartphones with high-performance cameras and microphones, powerful processors, and wideband networks), a growing number of Internet of Multimedia Things (e.g. security cameras, smart glasses, wearable cameras), access to affordable cloud computing infrastructure (e.g. ample capacity storage and processing power and associated software), broadband communication (e.g. high-speed Internet and 5G), social networks (e.g. Instagram, Snapchat, and TikTok) and computational imaging and computer vision based on artificial intelligence.
This new paradigm brings considerable advantages and challenges, particularly regarding security.
Media security is a subset of information security where the information exhibits several specificities, among which the most important are:
-
The information in media has a perceptual dimension, in the sense that it is destined to be perceived either by humans (in a large majority of cases today) or analyzed by machines (a growing trend).
-
The information in media exhibits a particular underlying structure that can be leveraged both to secure and attack them.
-
The information in media often represents high-value assets either from monetary (e.g. music and movies) or affective (photos of essential persons or events) viewpoints.
Many tools and solutions developed in generic information security can be directly applied to media. For example, one could digitally sign (see Chap. 15) an image to enable viewers to check its authenticity. This is of limited use to secure media because media security is about protecting information, not a specific representation of it. Consequently, to protect the integrity of information in an image, one would need a technology that is indifferent to converting the image to a different format or slight change to its resolution. It should also be able to cope with image artifacts caused by such conversions, such as compression artifacts.
One of the significant differences and the main objective of media security is to protect the semantic information representing assets in multimedia as opposed to the protection of the specific representation of such content. For example, when protecting the integrity of a picture in JPEG format, a good media security solution will not merely protect the integrity of the bits that represent that picture in that format but the semantic content behind those bits. This can be done in such a way that the integrity would still be protected if those bits change (for example, in the picture is converted to PNG format) without changing the content behind the bits (as far as the content of the picture has not changed and it is perceived the same).
In addition, several security concepts, such as integrity protection, are different in the context of media than in generic information. Others, such as watermarking, have no direct counterparts.
Media security problems can be divided into two main clusters, creator-centric and content-centric. The first one is about the problems generated by the content creator. These also can be divided into two categories: copyright protection, ensuring that the creator has the rights related to the content, and source authentication, which ensures that the content is related to its creator. The second cluster is about the content itself. It also can be divided into two categories: conditional access, which can be linked to digital right management (see Chap. 28), and integrity verification which is about verifying that the content has not been modified (Fig. 30.1).
Media security problems and related solutions
2.1 Definition
Labeling [1]: Annotation of multimedia content by taking advantage of its metadata insertion mechanism by providing information about the condition of use and ownership. The label can be put in a pre-defined location in the file format and accessed or in the form of a visible mark, logo, or label, mainly when the content is of visual form.
Monitoring [2]: Tracing the ownership changes of a digital asset (content) by keeping a record of it in a ledger (e.g. in a blockchain).
Fingerprinting [3]: Inclusion of information about interactions between users and content into a media asset.
Forensics [4]: General terminology refers to all analytical techniques to detect if a digital asset has been tampered with or is coming from the claimed source.
Watermarking [5]: Insertion of imperceptible information (e.g. an identifier) through a secret code within a digital asset.
Encryption [6]: An algorithm to convert a piece of clear information into a cipher text and vice versa through a secret key.
Hashing [7]: An algorithm that cryptographically maps a digital asset into a pre-defined number of bits in a hard-to-reverse manner to create a unique fingerprint of the content that will be changed with the slightest modifications. A perceptual hash is an algorithm like a cryptographic hash, but the signature is modified only when the semantic content of the digital asset is modified.
Data hiding [8]: Refers to all techniques which aim at obfuscating the existence of a covert message. Often the hidden message is represented in a container of the same or other modality of information as opposed to the modality of the message itself. Information hiding techniques such as steganography extensively use multimedia content for data hiding.
Provenance [9]: Refers to algorithms and procedures that produce a log of the history of a digital asset from creation to the moment it is being accessed or consumed.
Scrambling [10]: Refers to algorithms similar to encryption but targeted to media assets and preserve the nature of the content after they have been applied (e.g. a scrambled JPEG image will remain a JPEG image and can be displayed as such). The degree of modification in scrambling can often be set to make the content more or less intelligible. For example, scrambling could be applied to a specific portion of the media asset.
Deepfake detection [11]: Generally, it refers to digital assets in the form of audio, image, or video (often containing people) where artificial intelligence techniques are used to change the content. Shallowfakes and cheapfakes are variations of the latter where either the techniques could be more efficient or when they are not based on artificial intelligence. However, the objective of the manipulation is the same. Artificial intelligence can also be used to detect such manipulations through training with examples. However, these techniques only work on transformed digital assets rather than the ones generated from scratch.
2.2 Trends
With the growing reliance on multimedia content in the daily lives of citizens, both professionally and in their private lives, media security is becoming an essential technology to include in many applications. The following presents some of the immediate challenges and trends:
-
Privacy protection in pictures and video, particularly for video surveillance and social networks and especially in the context of GDPR [12].
-
Countermeasures to fight the growing use of deepfakes to spread misinformation.
-
Media security standardization to create interoperable, secure ecosystems, particularly those developed by International Standardization Organizations such as JPEG [13].
3 Consequences for Switzerland
Historically, Switzerland has been considered a country of stability, trust, and security. Several standard-setting organizations dealing with information and communication technologies, including those defining security mechanisms, are also based in Switzerland, and it is easier for Swiss actors in media security to play an essential role in the definition of media security standards that will be the backbone of information and communication technologies in the new world order. Furthermore, like any other country, Switzerland is also vulnerable to misinformation which can result in unrest and instability and hurt its so-far impeccable image.
3.1 Implementation Possibilities: Make or Buy
It is only possible to decide abstractly and by knowing the precise application and context, if media security tools should be made, tailored, or bought from third parties. However, some guidelines can provide help to find the answer on a case-by-case basis:
-
Proprietary and closed solutions in media security should be avoided. In a security context, it has been demonstrated multiple times that security tools and systems whose specifications are kept secret are weaker and more vulnerable to attacks when compared to open and publicly accessible specifications [14].
-
Media security tools and solutions based on international standards where multiple suppliers can be identified as providers of tools and solutions are mainly preferable.
-
In mission-sensitive contexts, including in applications relevant to national security, design, and validation, in particular, the security analysis of tools and solutions should be performed internally and externally by relying on trusted third parties.
3.2 Variations and Recommendation
Media security is no longer a niche; many applications need media security tools and solutions in addition to more general security tools and solutions such as symmetric or asymmetric encryption. Therefore, Switzerland needs to strengthen its skills and know-how in media security through initiatives to encourage education and public-private collaborations. In most cases, media security tools and solutions can result in successful business opportunities for those involved.
4 Conclusion
Media security refers to a large spectrum of tools and solutions that often need to be sufficiently and optimally addressed through generic information security tools and solutions. At the same time, media security tools and solutions are increasingly essential elements in many professional and private applications that have become multimedia-rich. Breach of security in applications where multimedia information is used can have devastating and irreversible consequences. This can go from impact on the privacy of citizens to manipulation of public opinion through misinformation, which is particularly dangerous in the Swiss context where direct democracy is a foundational principle, requiring well-informed citizens who need to depend on reliable information. Because of these reasons, media security must have a prominent position in the Swiss strategy in cybersecurity in the years to come.
References
Xiao Jin, Yuting Su, Liang Zou, Chengqian Zhang, Peiguang Jing, and Xuemeng Song. Video logo removal detection based on sparse representation. Multimedia Tools and Applications, 77(22):29303–29322, November 2018.
Lijun Xiao, Weihong Huang, Yong Xie, Weidong Xiao, and Kuan-Ching Li. A Blockchain-Based Traceable IP Copyright Protection Algorithm. IEEE Access, 8:49532–49542, 2020.
Xiushan Nie, Xiaoyu Li, Yane Chai, Chaoran Cui, Xiaoming Xi, and Yilong Yin. Robust Image Fingerprinting Based on Feature Point Relationship Mining. IEEE Transactions on Information Forensics and Security, 13(6):1509–1523, June 2018.
Kratika Bhagtani, Amit Kumar Singh Yadav, Emily R. Bartusiak, Ziyue Xiang, Ruiting Shao, Sriram Baireddy, and Edward J. Delp. An Overview of Recent Work in Media Forensics: Methods and Threats, May 2022. arXiv:2204.12067 [cs].
Wenbo Wan, Jun Wang, Yunming Zhang, Jing Li, Hui Yu, and Jiande Sun. A comprehensive survey on robust image watermarking. Neurocomputing, 488:226–247, June 2022.
Mandeep Kaur, Surender Singh, and Manjit Kaur. Computational Image Encryption Techniques: A Comprehensive Review. Mathematical Problems in Engineering, 2021:e5012496, July 2021. Publisher: Hindawi.
Hany Farid. An Overview of Perceptual Hashing. Journal of Online Trust and Safety, 1(1), October 2021. Number: 1.
Inas Jawad Kadhim, Prashan Premaratne, Peter Vial, and Brendan Halloran. Comprehensive survey of image steganography: Techniques, Evaluations, and trends in future research. Faculty of Engineering and Information Sciences - Papers: Part B, pages 299–326, January 2019.
Imani N. Sherman, J. W. Stokes, and Elissa M. Redmiles. Designing Media Provenance Indicators to Combat Fake Media. RAID, 2021.
Alia Madain, Abdel Abu Dalhoum, Hazem Hiary, Alfonso De la Puente, and Manuel Alfonseca. Audio scrambling technique based on cellular automata. Multimedia Tools and Applications, 71, August 2012.
Md Shohel Rana, Mohammad Nur Nobi, Beddhu Murali, and Andrew H. Sung. Deepfake Detection: A Systematic Literature Review. IEEE Access, 10:25494–25513, 2022.
General Data Protection Regulation (GDPR) Compliance Guidelines. https://gdpr.eu/, August 2022.
JPEG. https://jpeg.org/, August 2022.
Kyndall Elliott. Impact Of Using Open Source Software On Cybersecurity. https://www.cybersaint.io/blog/impact-of-using-open-source-software-on-cybersecurity, 2022.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Open Access This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.
The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.
Copyright information
© 2023 The Author(s)
About this chapter
Cite this chapter
Ebrahimi, T. (2023). Secure Media. In: Mulder, V., Mermoud, A., Lenders, V., Tellenbach, B. (eds) Trends in Data Protection and Encryption Technologies . Springer, Cham. https://doi.org/10.1007/978-3-031-33386-6_30
Download citation
DOI: https://doi.org/10.1007/978-3-031-33386-6_30
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-33385-9
Online ISBN: 978-3-031-33386-6
eBook Packages: Computer ScienceComputer Science (R0)