Category Archives: Authenticate

Cowboys versus Bureaucrats: Attitude and Tools

There were a couple of interesting discussions this week which prompted me to write this blog post. One is related to the scientific methods used during the analysis of images and videos, the other relates to the tools used.

There was a pretty interesting and detailed conversation that happened on an industry specific mailing list where a few experts debated about the scientific and forensic acceptability of different methodologies. This discussion began with the reliability of speed determination from CCTV video but then evolved into a more general discussion.

There are two extreme approaches to how forensic video analysts work: let’s call one group the cowboys and the other the bureaucrats. I’ve seen both kinds of “experts” in my career, and – luckily – many different variations across this broad spectrum.

What is a cowboy? A cowboy is an analyst driven only by the immediate result, with no concern at all for the proper forensic procedure, the reliability of his methods and proper error estimation. Typical things the cowboy does:

  • To convert a proprietary video, he just does a screen capture maximizing the player on the screen, without being concerned about missing or duplicated frames.
  • Instead of analyzing the video and identify the issues to correct, he just adds filters randomly and tweaks the parameters by eye without any scientific methodology behind it.
  • He uses whatever tool may be needed for the job, recompressing images and videos multiple times, using a mix of open source, free tools, commercial tools, plugins, more or less legitimate stuff, maybe some Matlab or Python script if he has the technical knowledge.
  • He will use whatever result “looks good” without questioning its validity or reliability.
  • If asked to document and repeat his work in detail he’ll be in deep trouble.
  • If asked the reason and validity of choosing a specific algorithm or procedure, he will say “I’ve always done it like this, and nobody ever complained”.
  • When asked to improve a license plate he will spell out the digits even if they are barely recognizable on a single P frame and probably are just the result of compression artifacts amplified by postprocessing.
  • When asked to identify a person, he will be able to do so with absolute certainty even when comparing a low-quality CCTV snapshot with a mugshot sent by fax.
  • When sending around results to colleagues he just pastes processed snapshots into Word documents.
  • When asked to authenticate an image, he just checks if the Camera Make and Model is present in the metadata.

Continue reading

Can you trust what you show in Court?

If you present an object, an image, or a story to a courtroom, you must be able to trust that it is accurate.

How then, do you trust an image – a digital photograph, a snapshot in time of an object, a person or a scene? Do you trust what the photographer says? Or do you check it? Do you attempt to identify any signs of manipulation that could cast doubt on the weight of the evidence?

How many members of the public are aware of the Digital Imaging Procedure? What about the guidance surrounding computer based information, which includes digital images and video? What about the person that is receiving that file? Perhaps the investigating officer. Are they aware of the importance of image authentication?

Is the Criminal Justice System naive to believe that fake images do not end up being displayed in court and presented as truth? Even if it is a rarity now, we need to think of the future. To start with, we must ask ourselves, “Can we rely on the image we see before us? Has it been authenticated?”

Read the article published by The Barrister magazine to learn about the importance of authenticating images before submitting them as evidence.

Altered images: The challenge of identifying fake photographs

Fake photographs have been around for almost as long as the camera, but in a digital age of photography, the ability to alter images has never been easier. EU Forensic Video Expert David Spreadborough examines the current challenges surrounding authenticating images.

Thanks to the latest administration in the USA, the term ‘fake news’ has become a popular method of explanation to an event created within social media. The problem is that news agencies and websites find these invented stories and then republish, therefore causing the spread and proliferation of the fake story.

You may have seen this image recently during the G20 meeting of world leaders. Looks like a serious conversation. It may have been, but Putin was never there. Find a picture, create a story, ‘Photoshop’ the picture, then tweet it. The fake news cycle then starts. The more relevant the story, the quicker the spread.

The modification of images to tell a different story is nothing new, it’s been happening since the early days of photography. A popular myth is that it’s a problem caused by the digital age. An example is the photo of The Cottingley Fairies. Although I accept that digitisation has made things a lot easier and a lot more convincing.

Over the past few months, entwined between the ‘fake news’ stories have been several reports of manipulated images appearing in academic studies. It is easy to understand how people can be swayed to change a couple of images to validate a piece of research if it assists in the success of a financial grant. Images in documents used to prove qualifications and images proving the existence of large, wild cats in southern England have also all recently been found to be fake, or maliciously manipulated. When someone fakes an image, it is simply to present an event in a different way than the original moment in time. Continue reading

Amped Authenticate Update 9446: CameraForensics Integration, New Quantization Tables Database and Much More

We’ve just launched some pretty important additions to Amped Authenticate. Not only have we integrated it with CameraForensics, but we have also made some major improvements to the quantization tables in addition to many other internal improvements. Read below for the details.

CameraForensics Integration

The main purpose of Amped Authenticate is to verify if a picture is an original coming from a specific device or if it’s the result of manipulation using image editing software. One of the main tests to verify the file integrity is to acquire the camera that is assumed to be the one that has generated the photo (or at least the same model) and verify if the format is compatible with the file under analysis.

While this sounds easy in practice, many devices have so many different settings and because of this it can be challenging to recreate the same conditions. Furthermore, the camera is often not available.

What if we look on the web for pictures coming from a specific device? While we cannot, in general, guarantee the integrity of files downloaded from the web, we can triage them pretty easily and do a comparison with the image under analysis.

But how do you search for images on the web in an efficient manner? We have had “Search for Images from Same Camera Model…” in Authenticate for quite some time. It allows you to search on Google Images and Flickr, but the search is not always optimal, as it has to apply different workarounds to work efficiently in a forensic setting.

So, what if someone built a database of pictures on the web, optimized for investigative use, enabling you to instantly search for images coming from a specific device and with specific features such as resolution and JPEG quantization tables? Turns out the guys at CameraForensics did exactly this (and much more) and we partnered with them to provide a streamlined experience.

Let’s see how it works. Continue reading

Understanding how online services change images

During a recent workshop on image authentication, I ran a few practical sessions. One concentrated on the changes that online services and social media platforms make to the images that we upload. It turned out to be an interesting experiment that has had some structured research over the past few years.

These are excellent starting resources when developing any internal Standard Operating Procedure:

A Classification Engine for Image Ballistics of Social Data: https://arxiv.org/abs/1610.06347

A Forensic Analysis of Images on Online Social Networks: http://ieeexplore.ieee.org/abstract/document/6132891/

Why is this important?

Continue reading

Are Amped Software products validated or certified officially for forensic use?

We work in the field of forensic video analysis, which is generally intended as the analysis of the images themselves and their context in a legal setting. For this reason, our customers often ask us if our products are valid for court use and if they have been validated and certified. We have written this post as an answer to the most common questions related to this topic.

You can also download this as a PDF document here

What are the scientific foundations of Amped Software products?

All the processes implemented in our software follow the principles of scientific methodology. Any process follows these basic principles:

  1. Accuracy (Reliability): our tools and training program help users avoid processing errors caused by the implementation of an inappropriate tool or workflow and help mitigate the impact of human factors / bias.
  2. Repeatability: the same process, executed by the same user at a different time, must lead to the same result. The project format in Amped FIVE, for example, does not save any image data. Every time a project is reopened, all the processing happens again starting from the original data. In the event that a project file is lost or as a part of a validation or other test scenario, the same user can repeat the steps and settings, guided by the tool’s report, and achieve the same results.
  3. Reproducibility: another user with the proper competency, should be able to reproduce the same results. Amped FIVE generates a complete report detailing all the steps of the processing, the settings / parameters applied, a description of the algorithms employed in the processing and the scientific references for those algorithms (when applicable). In this way, another user, with a different tool set or by implementing the same algorithms, should be able to reproduce the same results. Given the huge number of implementation details and possible differences, it is not expected to produce a bit by bit copy of the results, but only to produce an image of similar informative content.

Additionally, we apply strict due diligence on the applicability of the algorithms for the forensic environment. Not every algorithm is, in fact, properly applicable in a forensic science setting. We cannot use algorithms which have a random component because they would not be reproducible and repeatable (when we do, we set a fixed seed for the random number generation) and we cannot use algorithms which “add” external data to the original, for example improving the quality of a face with information added from an average face. All information is derived from the actual evidence file.

We employ algorithms which have been validated by the scientific community through peer review, such as university textbooks, scientific publications, or conference papers. If for some specific task, there are not good enough algorithms available or we need to adapt existing algorithms, we describe the algorithm and attempt to publish them in scientific journals. Continue reading

Is that image authentic?

With digital images, people are starting to ask the question – “is it authentic?”

My first digital camera was probably around 1997/8 – that’s nearly 20 years ago! It was a Canon and stored its tiny images on a CF Card. It was pretty heavy and bulky, but a huge step up from the first Kodak prototypes of the 1970’s.

Those had to store an image onto a cassette tape!

In 1990, a few years before my first adventures into digital imaging, Adobe released Photoshop for the Mac.

Take a look at the digital photography timeline to learn more:

http://www.practicalphotographytips.com/practicalphotographytips/history-of-digital-photography.html

This little trip down memory lane has revealed that for over 25 years, people have been able to easily capture and edit digital images. We have reached a point where high-quality images can be captured quickly, edited, and then shared within a few clicks of a mouse or taps on a screen. It’s no wonder then, that during this digital generation, people have also learned how easy it is to change that picture for unlawful reasons.

You are, most likely, from within the investigative community, so you can probably think of many different reasons why someone would want to, ‘tell a different story’. A digital image can be manipulated to reinforce that story, and up until now, many people have trusted that image as being a true and accurate representation. Continue reading

New Amped Training schedule. Book your seat now!

We provide complete hands-on training courses on the use of our products at our Amped Software Training Labs in Italy and in the USA. For some countries, we can also arrange for in-house training at your organization. The purpose of the Amped Software training is to:

  • Provide students with the theory and the basics of image processing
  • Understand different issues affecting images and videos in an investigative context
  • Acquire an in-depth knowledge of all product features
  • Work effectively on real cases and be able to testify on the results

Below is a list of some of the next scheduled classes. For more details and to register for any of these classes please click here.

Upcoming Classes

Amped FIVE

January 24-26, 2017 / Henderson, NV, USA
Instructor: Jim Hoerricks

February 27-March 01, 2017 / Henderson, NV, USA
Instructor: Jim Hoerricks

March 02-03, 2017 / Henderson, NV, USA
Instructor: Jim Hoerricks

March 14-17, 2017 / Trieste, Italy
Instructor: Stefano Bianchi

March 27-29, 2017 / Garland (TX) Police Department, USA
Instructor: Jim Hoerricks Continue reading

Insurance companies look to forensics to cut fraud and abuse – and save time

When a driver wraps his car around a tree, the damage is likely rather obvious. Same again for a head-on collision at high speed. There’s not much car left to repair, so the insurance companies will likely pay out on the policy.

But in today’s app-driven world, minor dents and scratches are now being handled by the policy holder through the use of mobile device apps. Simply snap a picture or video of the damage and upload it to the insurance company. Claims are processed the same day and your money arrives quickly. Folks love this mobile claims processing functionality so much that insurance companies are featuring their time-saving apps in their advertising.

Whilst customers love this convenience, so do crooks. It turns out that fraudsters are using photo editing software to create fake photo evidence in support of bogus claims. This type of activity affects all policy holders as losses are spread out across all customers, keeping rates higher than they should be in a fraud-free world.

Enter Amped Software.

Without naming names (I don’t want to ruin the fraud-catchers’ fun), our software is being employed as both a risk management function (catching fraud), as well as to assist claims processors when folks turn in proprietary CCTV files in support of claims. Continue reading