David Megías

Hamza Kheddar, Mustapha Hemis, Yassine Himeur et al.

Steganography and steganalysis are two interrelated aspects of the field of information security. Steganography seeks to conceal communications, whereas steganalysis is aimed to either find them or even, if possible, recover the data they contain. Steganography and steganalysis have attracted a great deal of interest, particularly from law enforcement. Steganography is often used by cybercriminals and even terrorists to avoid being captured while in possession of incriminating evidence, even encrypted, since cryptography is prohibited or restricted in many countries. Therefore, knowledge of cutting-edge techniques to uncover concealed information is crucial in exposing illegal acts. Over the last few years, a number of strong and reliable steganography and steganalysis techniques have been introduced in the literature. This review paper provides a comprehensive overview of deep learning-based steganalysis techniques used to detect hidden information within digital media. The paper covers all types of cover in steganalysis, including image, audio, and video, and discusses the most commonly used deep learning techniques. In addition, the paper explores the use of more advanced deep learning techniques, such as deep transfer learning (DTL) and deep reinforcement learning (DRL), to enhance the performance of steganalysis systems. The paper provides a systematic review of recent research in the field, including data sets and evaluation metrics used in recent studies. It also presents a detailed analysis of DTL-based steganalysis approaches and their performance on different data sets. The review concludes with a discussion on the current state of deep learning-based steganalysis, challenges, and future research directions.

David Megías, Daniel Lerch-Hostalot

Steganalysis is a collection of techniques used to detect whether secret information is embedded in a carrier using steganography. Most of the existing steganalytic methods are based on machine learning, which typically requires training a classifier with "laboratory" data. However, applying machine-learning classification to a new source of data is challenging, since there is typically a mismatch between the training and the testing sets. In addition, other sources of uncertainty affect the steganlytic process, including the mismatch between the targeted and the true steganographic algorithms, unknown parameters -- such as the message length -- and even having a mixture of several algorithms and parameters, which would constitute a realistic scenario. This paper presents subsequent embedding as a valuable strategy that can be incorporated into modern steganalysis. Although this solution has been applied in previous works, a theoretical basis for this strategy was missing. Here, we cover this research gap by introducing the "directionality" property of features with respect to data embedding. Once this strategy is sustained by a consistent theoretical framework, new practical applications are also described and tested against standard steganography, moving steganalysis closer to real-world conditions.

Cristina Romero-Tris, David Megías

Several applications require computing distances between different people. For example,this is required if we want to obtain the close contacts of people in case of and epidemic,or when restraining orders are imposed by a judge. However, periodically revealing location might pose a privacy threat to the involved parties. Continuous location data may be used to infer personal information about the owner, like behaviors, religious beliefs, buying habits, routines, etc. In this paper, we show that it is possible to calculate distance between two parties without disclosing their latitude and longitude data. For this purpose, we design a secure protocol based on the ElGamal cryptosystem and its homomorphic properties. The proposed protocol allows the calculation of distances while preserving location privacy. The protocol is analyzed in terms of security and performance. The security analysis shows that no involved party can learn any information about location.

Daniel Lerch-Hostalot, David Megías

In this paper, a methodology to detect inconsistencies in classification-based image steganalysis is presented. The proposed approach uses two classifiers: the usual one, trained with a set formed by cover and stego images, and a second classifier trained with the set obtained after embedding additional random messages into the original training set. When the decisions of these two classifiers are not consistent, we know that the prediction is not reliable. The number of inconsistencies in the predictions of a testing set may indicate that the classifier is not performing correctly in the testing scenario. This occurs, for example, in case of cover source mismatch, or when we are trying to detect a steganographic method that the classifier is no capable of modelling accurately. We also show how the number of inconsistencies can be used to predict the reliability of the classifier (classification errors).

Amna Qureshi, David Megías, Helena Rifà-Pous

The use of peer-to-peer (P2P) networks for multimedia distribution has spread out globally in recent years. The mass popularity is primarily driven by cost-effective distribution of content, also giving rise to piracy. An end user (buyer/peer) of a P2P content distribution system does not want to reveal his/her identity during a transaction with a content owner (merchant), whereas the merchant does not want the buyer to further distribute the content illegally. To date, different P2P distribution systems have been proposed that provide copyright and privacy protection at a cost of high computational burden at the merchants and/or at the buyer's end and thus, making these systems impractical. In this paper, we propose PSUM, a P2P content distribution system which allows efficient distribution of large-sized multimedia content while preserving the security and privacy of merchants and buyers. The security of PSUM is ensured by using an asymmetric fingerprinting protocol based on collusion-resistant codes. In addition, PSUM enables buyers to obtain digital contents anonymously, but this anonymity can be revoked as soon as he/she is found guilty of copyright violation. The paper presents a thorough performance analysis of PSUM, through different experiments and simulations, and also analyzes several security compromising attacks and countermeasures.

David Megías, Amna Qureshi

Recombined fingerprints have been suggested as a convenient approach to improve the efficiency of anonymous fingerprinting for the legal distribution of copyrighted multimedia contents in P2P systems. The recombination idea is inspired by the principles of mating, recombination and heredity of the DNA sequences of living beings, but applied to binary sequences, like in genetic algorithms. However, the existing recombination-based fingerprinting systems do not provide a convenient solution for collusion resistance, since they require double-layer fingerprinting codes, making the practical implementation of such systems a challenging task. In fact, collusion resistance is regarded as the most relevant requirement of a fingerprinting scheme, and the lack of any acceptable solution to this problem would possibly deter content merchants from deploying any practical implementation of the recombination approach. In this paper, this drawback is overcome by introducing two non-trivial improvements, paving the way for a future real-life application of recombination-based systems. First, Nuida et al.'s collusion-resistant codes are used in segment-wise fashion for the first time. Second, a novel version of the traitor-tracing algorithm is proposed in the encrypted domain, also for the first time, making it possible to provide the buyers with security against framing. In addition, the proposed method avoids the use of public-key cryptography for the multimedia content and expensive cryptographic protocols, leading to excellent performance in terms of both computational and communication burdens. The paper also analyzes the security and privacy properties of the proposed system both formally and informally, whereas the collusion resistance and the performance of the method are shown by means of experiments and simulations.

Daniel Lerch-Hostalot, David Megías

This paper presents a novel method for detection of LSB matching steganogra- phy in grayscale images. This method is based on the analysis of the differences between neighboring pixels before and after random data embedding. In natu- ral images, there is a strong correlation between adjacent pixels. This correla- tion is disturbed by LSB matching generating new types of correlations. The pre- sented method generates patterns from these correlations and analyzes their varia- tion when random data are hidden. The experiments performed for two different image databases show that the method yields better classification accuracy com- pared to prior art for both LSB matching and HUGO steganography. In addition, although the method is designed for the spatial domain, some experiments show its applicability also for detecting JPEG steganography.

Daniel Lerch-Hostalot, David Megías

In this paper, an unsupervised steganalysis method that combines artificial training setsand supervised classification is proposed. We provide a formal framework for unsupervisedclassification of stego and cover images in the typical situation of targeted steganalysis (i.e.,for a known algorithm and approximate embedding bit rate). We also present a completeset of experiments using 1) eight different image databases, 2) image features based on RichModels, and 3) three different embedding algorithms: Least Significant Bit (LSB) matching,Highly undetectable steganography (HUGO) and Wavelet Obtained Weights (WOW). Weshow that the experimental results outperform previous methods based on Rich Models inthe majority of the tested cases. At the same time, the proposed approach bypasses theproblem of Cover Source Mismatch -when the embedding algorithm and bit rate are known-, since it removes the need of a training database when we have a large enough testing set.Furthermore, we provide a generic proof of the proposed framework in the machine learningcontext. Hence, the results of this paper could be extended to other classification problemssimilar to steganalysis.

Jordi Soria-Comas, Josep Domingo-Ferrer, David Sánchez et al.

Differential privacy is a popular privacy model within the research community because of the strong privacy guarantee it offers, namely that the presence or absence of any individual in a data set does not significantly influence the results of analyses on the data set. However, enforcing this strict guarantee in practice significantly distorts data and/or limits data uses, thus diminishing the analytical utility of the differentially private results. In an attempt to address this shortcoming, several relaxations of differential privacy have been proposed that trade off privacy guarantees for improved data utility. In this work, we argue that the standard formalization of differential privacy is stricter than required by the intuitive privacy guarantee it seeks. In particular, the standard formalization requires indistinguishability of results between any pair of neighbor data sets, while indistinguishability between the actual data set and its neighbor data sets should be enough. This limits the data controller's ability to adjust the level of protection to the actual data, hence resulting in significant accuracy loss. In this respect, we propose individual differential privacy, an alternative differential privacy notion that offers em the same privacy guarantees as standard differential privacy to individuals (even though not to groups of individuals). This new notion allows the data controller to adjust the distortion to the actual data set, which results in less distortion and more analytical accuracy. We propose several mechanisms to attain individual differential privacy and we compare the new notion against standard differential privacy in terms of the accuracy of the analytical results.