Passive Attacks

Passive attacks can have dierent objectives such as detecting the presence of a valid watermark or knowing the associated information being carried by it. As mentioned in the beginning of this section, unlike active attacks, passive attacks do not attempt to alter the watermarking resources. However, a passive attack aims at knowing or exploiting the watermarking information and can have dif- ferent level of consequences depending upon what it tries to achieve. Therefore, three dierent levels for the passive attacks are dened considering their dier- ent objectives. These levels (to classify the passive attacks in each level) are called comprehensive detection attack, incisive detection attack, and detection only attack.

In a comprehensive detection attack, an adversary wins by achieving all the three levels of target given in Denition 3.18. Similarly, to win an incisive detec- tion attack, an adversary achieves the rst two levels of target but fails to achieve target level 3. In the basic form of passive attack, a detection only attack, an adversary wins only with the target level 1.

Denition 3.18 (Passive Attacks).

Level 1. (Detection only). An adversary only detects the presence of valid wa- termark, w ∈ W in a watermarked image, ¯i ∈ ¯I.

Level 2. (Incisive detection). An adversary distinguishes the watermark, w ∈ W from that of other watermarked image(s), ¯l∈ ¯I|¯l6= ¯i.

Level 3. (Comprehensive detection). An adversary obtains information at least partially (e.g., the message, m ∈ M and other image data, j ∈ J etc.) that the valid watermark, w ∈ W carries, without modifying the watermarked image, ¯i ∈ ¯I.

3.6 Discussion

The study of digital watermarking is by no means new [11,198]. Although it has received tremendous attention in dierent applications, a formal concept in their systematic development is yet to be established. Addressing this gap, in this chapter, research contributions are presented in three main parts: (i) a formal watermarking model (Section3.3), (ii) denitions and uses of fundamental

properties (Section 3.4), and (iii) possible attacks on the watermarking security (Section 3.5).

A novel formal generic watermarking model is developed for image applica- tions. Due to the high application variant properties of watermarking, focus is re- stricted to the image applications. The complete sets of possible inputs, outputs, and component functions have been determined by studying the watermarking schemes proposed for dierent image applications. Thereby, a basic watermark- ing model has initially been developed and later extended to a key-based model for completeness. Using the novel formal model and its inputs, outputs, and func- tional properties, all possible variants of digital image watermarking schemes can be characterized and described (for example, for security analysis). Additionally, the presented watermarking model can usefully be extended to other applications later.

In addition, a set of dening properties of watermarking has been highlighted and dened with their practical interpretation in dierent image applications. Particularly, the robustness and security properties of watermarking have been dened using a set of (signal and image based) processing techniques and of pos- sible attacks, respectively. Although robustness can be interpreted as a security property, the given denition would help avoid any potential confusion between them in the signal and image processing contexts. Some other properties, such as computational complexity and cost, are important; however, in this chapter, those properties have mainly been considered, which can vary with the applica- tion. Thus, addressing some hidden assumptions and associated confusions, the necessary corrections and clarications with examples have also been presented.

Moreover, a set of possible attacks have been dened with their win condi- tions using the presented watermarking model. Knowing the inputs, outputs, and win conditions helps one to visualize the possible attack scenarios, and thus helps conduct an application-specic security analysis more eciently. Depend- ing upon the application scenario and available data (e.g., watermarked image, watermark) and tools (e.g., embedding function), the attack-scenarios can be de- ned for a stronger or weaker adversary. However, as a notion of stronger security requirements, a weaker adversary has been considered, and the adversary actions have been classied into two categories: active and passive. Some active attacks, known as system attacks, aim at the protocols of the schemes. Two prominent system attacks, ambiguity and scrambling attacks, in addition to the common

active attacks, have also been dened. The passive attacks have been dened at three dierent levels (i.e., detection only, incisive detection, and comprehensive detection attacks) to illustrate the win conditions for an adversary. With all these attack denitions, it has been shown how an adversary of dierent capabilities may win with dierent conditions.

As a nal remark, the contributions presented in this chapter are a rst step towards a unied and intuitive theory for digital image watermarking. The pre- sented formal generic model of watermarking also allows a unied treatment of all practically meaningful variants of digital image watermarking. Additionally, the given considerations, denitions, and discussions help to further understand the fundamental dening properties and attacks, while avoiding some potential confusions and taking a step forward towards the systematic development of wa- termarking schemes. The work presented in this chapter has been supported with meaningful examples, necessary explanations, and comparative studies.

However, following up the current research to analyse the security of water- marking schemes using the presented watermarking model duly requires: (i) de- veloping complete attack models and (ii) dening security levels (in terms of possible attacks), for dierent image (and other) applications, which the next chapter will aim to address. Thereby, the following chapter will demonstrate another use of the presented novel formal generic watermarking model.

3.7 Chapter Summary

This chapter has captured the theoretical aspects of watermarking with their practical interpretations for the image applications. Two main components of the systematic approach (i.e., mathematical formalism and operation determi- nation) have been considered for watermarking. Thereby, a new formal generic watermarking model and formal denitions of fundamental watermarking prop- erties and possible attacks have been presented. More specically:

• The state of the watermarking model is substantially reviewed. Despite having the fundamental need for it in systemic development of watermark- ing schemes, a formal generic watermarking model is found lacking in the literature. Some common limitations of existing models (which are mostly watermarking scheme specic) have been identied: (i) incomplete consid- eration of inputs, outputs, and functions, (ii) lack of denitions for the watermarking properties, and (iii) incomplete realization of the application

scenarios.

• With a novel formal generic model, the watermarking principle has been formally conceptualized for the image applications, in terms of neces- sary inputs, outputs, and component functions. Four functions, namely, watermark-generation, -embedding, -detection and -extraction, have been considered demonstrating the use of individual keys for security purposes. • Formal denition of a set of fundamental watermarking properties (e.g.,

blindness, robustness, perceptual similarity, etc.) have been given using the presented watermarking model, with necessary examples and explanation. The given denitions help contextualize the usual literal meaning of the properties for the image applications.

• This chapter has presented a set of watermarking attacks giving their gen- eral context for image applications. Considering dierent capabilities, win- ning scenarios of adversary actions have been illustrated. This includes a number of active attacks (e.g., masking-, distortion-, forgery-, etc., attacks) and passive attacks (i.e., detection only, incisive detection and comprehen- sive detection).

• Finally, this chapter has recapitulated the presented facts and ndings, dis- cussed their signicance and pointed out the necessary tasks to be followed up in the research presented in the next chapters of this thesis.