Category Archives: Authenticate

Improved PRNU-Based Forgery Localization

In a past post, we presented several improvements we did to Amped Authenticate’s Camera Identification filter based on PRNU analysis. Those improvements propagated also to the PRNU Tampering filter so that Amped Authenticate also features an improved algorithm for forgery localization. Improvements mainly include:

Peak-to-Correlation Energy-based (PCE) analysis
During block-based analysis, the PCE is computed and the point yielding the maximum PCE value (peak) is considered. If the peak is in the expected position, the block is considered authentic; if the peak is in a different position, then the PCE value is compared with a threshold to decide the authenticity of the block.

Support for multi-core processing
If your CPU features multiple logical cores, block-based analysis will run in parallel, thus reducing the computation time.

Faster, easier training
Thanks to PCE robustness, there is no need to train a separate model for forgery detection: you can use the same .crp file created for Camera Identification.

Forgery localization for cropped images
If the image is cropped and/or rotated before or after manipulation, the PRNU Tampering filter will detect cropping, compensate for it and run the forgery localization algorithm. The same applies to resizing and/or rotation. Combination of resizing and cropping is not supported yet.

Alert for unreliable regions
PRNU-based forgery localization is not reliable in saturated areas (i.e., totally white or black regions of the image). Indeed, for those pixels, it is impossible to discriminate between the image content and the actual sensor noise. The new version of PRNU-based forgery localization enables highlighting of white and black saturated pixels (marked in yellow and blue, respectively), in order to help the analyst rule out false alarms. Continue reading

All is not as it seems

Digital images are frequently used to provide supporting evidence within papers and reports, yet are not routinely submitted to any scientific process of authentication. In a world in which the tools to digitally manipulate an image are freely available, it’s no longer acceptable to simply take these images at face value.

The past 12 months has seen the scientific community rocked by a series of scandals relating to the use of manipulated images within published scientific research.

Researchers’ ambition to gain scientific exposure, to achieve career advancement or to secure funding, can drive them to embellish their results in order to attain their goals in the increasingly competitive world of scientific discovery. Equally, the pressure to publish can see them stumbled across doctored images and incorporate them by mistake. In these cases, not only is the individual’s reputation at risk, but also their colleagues’ who are oblivious to the altered nature of the images. The impact of these images is extensive and far-reaching: they threaten to endanger the name of the organization for which the researcher is working, as well as calling into question the integrity of the scientific community at large. This is a critical issue in the current technological day and age, yet very little is being done to address it. Bearing in mind the damage that doctored images can do, scientific publishers and research institutes ought to be more rigorous when setting out the requirements for images that are used in papers.

If some basic screening were applied more extensively to scientific publications, with minimal effort we would be in a much better position to guarantee, or dispute, the authenticity of images within scientific papers for the benefit of science and its wider community.

Working to detect image manipulation in the world of science is a long-term battle, just as it is in photojournalism, forensics, and in any other field where image manipulation is a growing threat to the veracity of images.

Read the full article published in Laboratory News.

It’s time to get real about fake imagery

As technology has enabled mainstream, widespread image manipulation, it is not surprising that there has been a huge increase in the number of tampered images which find their way into a wide spectrum of industries and sectors. Incidents of doctored images frequently appear in mainstream media where they incite cries of “fake news”.

For example, a photo at the G20 summit this year featured a photoshopped president Putin, giving the impression that he was colluding with president Donald Trump.  The photo proceeded to spread like wildfire across the internet, instigating huge political ramifications from a digital fabrication which would have taken a few minutes to create on a laptop. Last August also showed our vulnerability to tampered photos, with the circulation of a photoshopped image of a shark swimming up the freeway during hurricane Harvey indicating a larger problem with major international news outlets spreading the image as genuine.

Equally there is significant evidence of doctored images being used to support fraudulent scientific research internationally. Doctored experiment results and images continue to rock the research industry with every new fraudulent revelation.   A prominent cancer research scientist in Italy has been under investigation for using a photography studio to manipulate images pivotal to the crux of the “ground breaking” research. Indeed, the journal Nature has suggested that up to 1 in 5 scientific papers contain evidence of some sort of manipulation.

It is clear therefore, that when the stakes are high enough, people will manipulate the truth, and unfortunately given our tendency to trust photographic images, it seems that it is currently worth their while to do so. When the stakes are as high as imprisonment, it is easy to see how tempting it may be to manipulate an image to support an alibi or a particular version of events.

Unfortunately, security investigations are by no means immune to this phenomenon either. In fact, given the increase in the sources of digital images, the integrity of evidence in such investigations is at its all-time most vulnerable. Body worn cameras, smart phones and increasingly sophisticated CCTV surveillance means that investigators are now dealing with a fast-growing pile of unverified evidence.

Read the full article published in The Intersec Journal of International Security.

Investigating Image Authenticity

This article, published in Evidence Technology Magazine, takes a look at two cases involving the authentication of digital images and the importance of the questions asked of the analyst during those investigations. It looks at how authentication software, such as Amped Authenticate has been designed with a structured workflow, to locate the puzzle pieces required to assist in answering those questions.

Read the full article here.

Only a matter of time until fake evidence leads to false convictions

With the rise of the digital age can experts trust that photographic evidence is legitimate?

Sophie Garrod, from Police Oracle, writes about how a growing number of forensic and counter-terrorism units are getting on board with pioneering image authentication software.

Approximately a third of UK forces have invested in Amped Software products – including Amped Authenticate, an all in one computer programme which can detect doctored images.

Forensic image departments, counter-terrorism units, and government departments say they are saving time and money by sending detectives on a short training course in the software.

Read the full article here to learn more.

The Authenticate Countdown to Christmas

It’s beginning to look a lot like Christmas!

Christmas is coming! To celebrate that Christmas is almost here we will share a daily tip and trick on how to authenticate your digital photo evidence with Amped Authenticate.

Follow us daily on our social networks in the month of December as we open the 24 doors of our Authenticate Advent Calendar. The countdown starts now!

#AuthenticateChristmas

Follow us on Twitter, Facebook, LinkedIn, Google PlusYouTube

You can also visit our website daily as we open the doors of our Advent Calendar here.

Seeing Beyond the Image

Martino Jerian, Amped CEO and Founder, examines context, content, and format of images. From the images and the context in which they are used we can obtain a lot of information that is not visible with the naked eye, and for what is visible with the naked eye, can we trust it? The process of authenticating an image is a mix of technical and investigative elements. This article looks at how to perform a complete image analysis.

Read the article published in the Digital Forensics magazine.

Proving a negative

I have a dear old friend who is a brilliant photographer and artist. Years ago, when he was teaching at the Art Center College of Design in Pasadena, CA, he would occasionally ask me to substitute for him in class as he travelled the world to take photos. He would introduce me to the class as the person at the LAPD who authenticates digital media – the guy who inspects images for evidence of Photoshopping. Then, he’d say something to the effect that I would be judging their composites, so they’d better be good enough to fool me.

Last year, I wrote a bit about my experiences authenticating files for the City / County of Los Angeles. Today, I want to address a common misconception about authentication – proving a negative.

So many requests for authentication begin with the statement, “tell me if it’s been Photoshopped.” This request for a “blind authentication” asks the analyst to prove a negative. It’s a very tough request to fulfill.

In general, this could be obtained with a certain degree of certainty if the image is verified to be an original from a certain device, with no signs of recapture and, possibly verifying the consistency on the sensor noise pattern (PRNU).

However, it is very common nowadays to work on images that are not originals but have been shared on the web or through social media, usually multiple consecutive times. This implies that metadata and other information about the format are gone, and usually the traces of tampering – if any – have been covered by multiple steps of compression and resizing. So you know easily that the picture is not an original, but it’s very difficult to rely on pixel statistics to evaluate possible tampering at the visual level.

Here’s what the US evidence codes say about authentication (there are variations in other countries, but the basic concept holds):

  • It starts with the person submitting the item. They (attorney, witness, etc.) swear / affirm that the image accurately depicts what it’s supposed to depict – that it’s a contextually accurate representation of what’s at issue.
  • This process of swearing / affirming comes with a bit of jeopardy. One swears “under penalty of perjury.” Thus, the burden is on the person submitting the item to be absolutely sure the item is contextually accurate and not “Photoshopped” to change the context. If they’re proven to have committed perjury, there’s fines / fees and potentially jail time involved.
  • The person submits the file to support a claim. They swear / affirm, under penalty of perjury, that the file is authentic and accurately depicts the context of the claim.

Then, someone else cries foul. Someone else claims that the file has been altered in a specific way – item(s) deleted / added – scene cropped – etc.

It’s this specific allegation of forgery that is needed to test the claims. If there is no specific claim, then one is engaged in a “blind” authentication (attempting to prove a negative). Continue reading

Exposing fraudulent digital images

As a predominantly visual species, we tend to believe what we see. Throughout human evolution, our primary sense of sight has allowed us to analyse primeval threats. We are genetically hardwired to process and trust what our eyes tell us.

This innate hardwiring means that the arrival of digital images has posed a problem for the fraud investigation community. There are many different reasons why someone would want to
maliciously alter a photo to ‘tell a different story’. Although photos can be manipulated with ease, many people still harbour a natural tendency to trust photos as a true and accurate representation of the scene in front of us.

The article published in Computer Fraud & Security describes how images may be altered and the techniques and processes we can use to spot photos that have been modified. With the right tools and training, exposing doctored images in fraud investigations is now not only financially and technically viable, but urgently necessary.

Read the full article here

Experimental validation of Amped Authenticate’s Camera Identification filter

We tested the latest implementation (Build 8782) of PRNU-based Camera Identification and Tampering Localization on a “base dataset” of 10.069 images, coming from 29 devices (listed in the table below). We split the dataset in two:
– Reference set: 1450 images (50 per device) were used for CRP estimation
– Test set: 8619 images were used for testing. On average, each device was tested against approximately 150 matching images and approximately 150 non-matching images.

It is important to understand that, in most cases, we could not control the image creation process. This means that images may have been captured using digital zoom or at resolutions different than the default one, which makes PRNU analysis ineffective. Making use of EXIF metadata, we could filter out these images from the Reference set. However, we chose not to filter out such images from the Test set: we prefer showing results that are closer to real-world cases, rather than tricking the dataset to obtain 100% performance.

Using the above base dataset, we carried out several experiments:
– Experiment 1) testing the system on images “as they are”
– Experiment 2) camera identification in presence or rotation, resize and JPEG re-compression
– Experiment 3) camera identification in presence of cropping, rotation and JPEG re-compression
– Experiment 4) discriminating devices of the same model
– Experiment 5) investigating the impact of the number of images used for CRP computation.

Continue reading