SLIC: Secure Learned Image Codec through Compressed Domain Watermarking to Defend Image Manipulation

• URL: http://arxiv.org/abs/2410.15075v1
• Date: Sat, 19 Oct 2024 11:42:36 GMT
• Title: SLIC: Secure Learned Image Codec through Compressed Domain Watermarking to Defend Image Manipulation
• Authors: Chen-Hsiu Huang, Ja-Ling Wu,
• Abstract summary: This paper introduces the Secure Learned Image Codec (SLIC), a novel active approach to ensuring image authenticity. SLIC embeds watermarks as adversarial perturbations in the latent space, creating images that degrade in quality upon re-compression if tampered with. Our method involves fine-tuning a neural encoder/decoder to balance watermark invisibility with robustness, ensuring minimal quality loss for non-watermarked images.
• Score: 0.9208007322096533
• License:
• Abstract: The digital image manipulation and advancements in Generative AI, such as Deepfake, has raised significant concerns regarding the authenticity of images shared on social media. Traditional image forensic techniques, while helpful, are often passive and insufficient against sophisticated tampering methods. This paper introduces the Secure Learned Image Codec (SLIC), a novel active approach to ensuring image authenticity through watermark embedding in the compressed domain. SLIC leverages neural network-based compression to embed watermarks as adversarial perturbations in the latent space, creating images that degrade in quality upon re-compression if tampered with. This degradation acts as a defense mechanism against unauthorized modifications. Our method involves fine-tuning a neural encoder/decoder to balance watermark invisibility with robustness, ensuring minimal quality loss for non-watermarked images. Experimental results demonstrate SLIC's effectiveness in generating visible artifacts in tampered images, thereby preventing their redistribution. This work represents a significant step toward developing secure image codecs that can be widely adopted to safeguard digital image integrity.

Related papers

• ESpeW: Robust Copyright Protection for LLM-based EaaS via Embedding-Specific Watermark [50.08021440235581]
  Embeds as a Service (Eding) is emerging as a crucial role in AI applications. Eding is vulnerable to model extraction attacks, highlighting the urgent need for copyright protection. We propose a novel embedding-specific watermarking (ESpeW) mechanism to offer robust copyright protection for Eding.
  arXiv  Detail & Related papers  (2024-10-23T04:34:49Z)
• Social Media Authentication and Combating Deepfakes using Semi-fragile Invisible Image Watermarking [6.246098300155482]
  We propose a semi-fragile image watermarking technique that embeds an invisible secret message into real images for media authentication. Our proposed framework is designed to be fragile to facial manipulations or tampering while being robust to benign image-processing operations and watermark removal attacks.
  arXiv  Detail & Related papers  (2024-10-02T18:05:03Z)
• Certifiably Robust Image Watermark [57.546016845801134]
  Generative AI raises many societal concerns such as boosting disinformation and propaganda campaigns. Watermarking AI-generated content is a key technology to address these concerns. We propose the first image watermarks with certified robustness guarantees against removal and forgery attacks.
  arXiv  Detail & Related papers  (2024-07-04T17:56:04Z)
• RAW: A Robust and Agile Plug-and-Play Watermark Framework for AI-Generated Images with Provable Guarantees [33.61946642460661]
  This paper introduces a robust and agile watermark detection framework, dubbed as RAW. We employ a classifier that is jointly trained with the watermark to detect the presence of the watermark. We show that the framework provides provable guarantees regarding the false positive rate for misclassifying a watermarked image.
  arXiv  Detail & Related papers  (2024-01-23T22:00:49Z)
• FT-Shield: A Watermark Against Unauthorized Fine-tuning in Text-to-Image Diffusion Models [64.89896692649589]
  We propose FT-Shield, a watermarking solution tailored for the fine-tuning of text-to-image diffusion models. FT-Shield addresses copyright protection challenges by designing new watermark generation and detection strategies.
  arXiv  Detail & Related papers  (2023-10-03T19:50:08Z)
• Robustness of AI-Image Detectors: Fundamental Limits and Practical Attacks [47.04650443491879]
  We analyze the robustness of various AI-image detectors including watermarking and deepfake detectors. We show that watermarking methods are vulnerable to spoofing attacks where the attacker aims to have real images identified as watermarked ones.
  arXiv  Detail & Related papers  (2023-09-29T18:30:29Z)
• T2IW: Joint Text to Image & Watermark Generation [74.20148555503127]
  We introduce a novel task for the joint generation of text to image and watermark (T2IW) This T2IW scheme ensures minimal damage to image quality when generating a compound image by forcing the semantic feature and the watermark signal to be compatible in pixels. We demonstrate remarkable achievements in image quality, watermark invisibility, and watermark robustness, supported by our proposed set of evaluation metrics.
  arXiv  Detail & Related papers  (2023-09-07T16:12:06Z)
• Invisible Image Watermarks Are Provably Removable Using Generative AI [47.25747266531665]
  Invisible watermarks safeguard images' copyrights by embedding hidden messages only detectable by owners. We propose a family of regeneration attacks to remove these invisible watermarks. The proposed attack method first adds random noise to an image to destroy the watermark and then reconstructs the image.
  arXiv  Detail & Related papers  (2023-06-02T23:29:28Z)
• FaceSigns: Semi-Fragile Neural Watermarks for Media Authentication and Countering Deepfakes [25.277040616599336]
  Deepfakes and manipulated media are becoming a prominent threat due to the recent advances in realistic image and video synthesis techniques. We introduce a deep learning based semi-fragile watermarking technique that allows media authentication by verifying an invisible secret message embedded in the image pixels.
  arXiv  Detail & Related papers  (2022-04-05T03:29:30Z)
• A Robust Document Image Watermarking Scheme using Deep Neural Network [10.938878993948517]
  This paper proposes an end-to-end document image watermarking scheme using the deep neural network. Specifically, an encoder and a decoder are designed to embed and extract the watermark. A text-sensitive loss function is designed to limit the embedding modification on characters.
  arXiv  Detail & Related papers  (2022-02-26T05:28:52Z)
• Robust Watermarking using Diffusion of Logo into Autoencoder Feature Maps [10.072876983072113]
  In this paper, we propose to use an end-to-end network for watermarking. We use a convolutional neural network (CNN) to control the embedding strength based on the image content. Different image processing attacks are simulated as a network layer to improve the robustness of the model.
  arXiv  Detail & Related papers  (2021-05-24T05:18:33Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.