Upload
dangkhuong
View
226
Download
0
Embed Size (px)
Citation preview
105
CHAPTER 4
ZERO WATERMARKING FOR MEDICAL
IMAGE AUTHENTICATION
4.1 INTRODUCTION
Zero watermarking is the best alternative to conventional
watermarking that introduces degradations to the watermarked image. The
conflicting requirements of conventional watermarking such as embedding
capacity, robustness and transparency are eliminated in zero watermarking.
Further, reversibility and blind extraction characteristics are inherent in this
technique as the host image is unaltered on watermark embedding. In this
section, two zero watermarking systems for authentication of medical images
with patient data, implemented in the SVD domain and composite CT-SVD
domain are discussed. The watermarking systems are demonstrated with
medical images and QR codes encoded with HL7 message segments
containing patient specific data. The proposed systems based on SS
encompass the phases of Secret Share creation and watermark construction.
4.2 ZERO WATERMARKING IN CONTOURLET-SVD
DOMAIN
In this section, a zero watermarking scheme is implemented in the
composite CT-SVD domain, for authentication of medical images with a 2D
QR code, which contains patient identifiable data. Further, a general
framework for patient authentication and controlled access to EHR in a
106
teleradiology environment, based on the above scheme is also proposed. The
following subsections contain elaborate descriptions of the system.
4.2.1 Background
Cloud-based medical image exchange simplifies image storing,
archiving, sharing and accessing services between radiologists, referral
hospitals, physicians and specialists as discussed by Li et al (2011). Hospitals
that deploy cloud-centric medical imaging solutions can view and share
images and reports with their referral partners in real time without relying on
physical storage media. Medical image sharing through the cloud obviously
eliminates duplication of tests and exposure to radiations and ensures patient
safety. Shini et al (2012) have determined protection against Distributed
Denial of Service (DDOS) attacks, and enforcement of access control
mechanisms, confidentiality and zero tolerance to be the major security
requirements for cloud based image sharing. Above all, authentication of a
medical image with relevant patient-specific attributes such as name,
identification number, demographic data, brief clinical history etc. is a vital
requirement to assure the identity of the patient. Transfer of patient
identifiable data and Personal Health Information (PHI) of the patients along
with radiology images to remote reading sites poses severe security risks.
With the evolution of the dayhawk and nighthawk radiology
services, radiologists examining the clinical images need to access the past
medical history of the patient for a thorough study. Benjamin et al (2010)
have elaborately discussed the means of furnishing these data to remote
radiologists through conventional telecommunication systems. Embedding
patient-specific metadata as watermark into the medical image is a
prospective solution towards imparting authentication. The embedded
watermark can be extracted to verify the identity of the patient, and the
extracted metadata can augment the medical image for a thorough diagnosis.
107
Nyeem et al (2013) explored the application of watermarking techniques in
teleradiology and advocated the deployment of the same for origin
authentication and content authentication.
Recent years have witnessed the development of zero
watermarking schemes for medical images. A scheme proposed by Dong et al
(2011) in the DCT domain combines visual feature vectors, encryption and
third party authentication to address security, confidentiality and integrity
issues. Dong et al (2012) also proposed a similar zero watermarking scheme
for medical images, in which the sign sequence of the DFT coefficients of the
host image is taken as the feature vector to achieve robustness. Of late, the
application of the QR codes has intensified in healthcare institutions for
patient verification right from admission to discharge. Further, studies on
embedding QR code into digital content also report encouraging results,
harnessing the development of zero watermarking systems to embed QR
codes containing patient data within medical images. However, zero
watermarking systems for medical image authentication with QR code have
not been reported in literature so far.
The proposed zero watermarking system is implemented in the
composite CT-SVD domain, exploiting its approximation and robustness
characteristics to embed a QR code within the medical images.. The TNG
function is employed in Secret Share creation and Watermark construction
construction, to achieve robustness against common signal processing and
geometric attacks.
108
4.2.2 Watermark Generation Process
In this system, the watermark comprises an ADT-A01 message
relevant to patient admission and the Universal Resource Locator (URL)
string of an EHR as shown in Figure 4.1. The URL of the EHR is shown in
italic. The ADT message contains the default Message Header (MSH)
segment, which contains the source of the message, purpose, destination and
certain syntax specifics. The Event type (EVN) segment carries the trigger
event information for receiver applications. The PID segment contains patient
identification attributes, the Next of Kin (NK1) segment contains information
contains patient visit-specific data and Allergy (AL1) segment contains
patient allergy information. This patient identification data is encoded into a
QR code with the ZXing QR code generator.
Figure 4.1 Watermark contents with ADT-A01 message and URL of EHR
The generated QR code is of size 120×120x3 and the binary
representation of the inner region of size 77×77 is considered for embedding.
The original and the trimmed watermarks are shown in Figure 4.2. The
bounding rectangle around the quiet zone of Figure 4.2(a) is not part of the
QR code generated; it is drawn to define the boundary of the QR code only.
MSH|^~\&|ADT1|MCM|LABADT|MCM|198808181126|SECURITY|ADT^A01|MSG00001-|P|2.3 EVN|A01|198808181123 PID|||PATID1234^5^M11||JONES^WILLIAM^A^III||19610615|M-||C|1200 N ELM STREET^^GREENSBORO^NC^27401-1020|GL|(91-9)379-1212|(919)271- 3434||S||PATID12345001^2^M10|123456789|9-87654^NC NK1|1|JONES^BARBARA^K|WIFE||||||NK PV1|1|I|2000^2012^01||||004777^LEBAUER^SIDNEY^J.|||SUR||-||ADM|A0- AL1|1||^Penicillin||Produces hives AL1|2||^Cat dander|Respiratory distress http://en.wikipedia.org/wiki/Electronic_health_record
109
Figure 4.2 (a) QR Code of ADT A01 message (b) Trimmed QR code
4.2.3 Secret Share Creation
In the proposed system, the Secret Share Creation phase generates a
Secret Share combining the Master Share, which represents the essential
features of the host image and the watermark image. To construct the Master
Share, initially the host image is subjected to contourlet decomposition and
the LF subband is divided into non-overlapping blocks. Arnold Transform is
applied to select the candidate blocks from the block space, and SVD is
al
matrices containing SVs. The sign bit sequence of the moments I1, I2 and I3 is
taken to be the Master Share for the particular block. The same procedure is
applied on all the selected blocks to construct a Master Share matrix whose
dimensions are the same as the binary QR code watermark. The TNG
function is applied on the Master Share and the scrambled watermark image
to generate the Secret Share. The steps for Secret Share construction are given
in Algorithm 8 and illustrated with Figure 4.3.
(a)
(b)
110
Algorithm 8 Secret Share creation in CT-SVD Domain
Input: Host Image H of size NxN, Watermark W of size mxm, Key
(ki,kj) for initial block Selection, size of block bxb, Number of
iterations i for Arnold Transform
Output: Secret Share Sshare of size mxm
Step1. Apply Contourlet Transform on H to generate an nxn LF subband
Step2. Perform a bxb block partitioning on the LF subband to generate
n/bxn/b non-overlapping blocks
Step3. Apply Arnold Transform on W to generate scrambled
watermark SW
Step4. Repeat steps 5-9 for each bit Wij of watermark
Step5. Apply Arnold transform on (ki,kj) to select a block for Master Share
creation; Increment ki and kj by 1 to select the next block;
Compute ki=ki+1 and kj=kj+1
Step6. Apply SVD on the selected block to generate U, S and V matrices
Step7. I1, I2 and I3 for S
Step8. Create a 3 bit Master Share Mshare out of the sign bits of I1, I2
and I3
Step9. Encode Mshare and SW with Equation (3.1) to generate Secret
Share Sshare, of size mxm; i.e. Sshare=f(Mshare,SW)
111
Figure 4.3 Secret Share creation in CT-SVD domain
4.2.4 Watermark Extraction
Watermark extraction, i.e. construction, begins with the
construction of the Master Share with the same procedure followed in the
Secret Share Creation phase. From the Secret Share, C the sum of the Master
share and the scrambled watermark is computed. The scrambled watermark is
extracted by mere subtraction of the Master Share from C. It is then restored
with Arnold Transform. The watermark extraction procedure is given in
Algorithm 9 and illustrated with Figure 4.4.
Arnold Transform
LF Band
Computation
Scrambled Watermark (SW)
Host Image Selected Blocks
Master Share (Mshare)
Watermark (W)
Non-overlapping Blocks
Block Partitioning
Singular Value Decomposition
Diagonal Matrices
Block Selection with Arnold Transform
Contourlet Transform
f(Mshare,sw)
TNG Function
Secret Share (Sshare)
112
Algorithm 9 Watermark Construction in CT-SVD Domain
Input: Host image H of size NxN, Secret Share Sshare of size mxm, Key
(ki,kj) for initial block Selection, size of block bxb, Number of
iterations i for Arnold Transform
Output: Watermark W of size mxm
Step1. Apply Contourlet Transform on H to generate an nxn LF subband
Step2. Perform a bxb block partitioning on the LF subband to generate
n/bxn/b non-overlapping blocks
Step3. Repeat steps 4-9 for each element of Sshare
Step4. Apply Arnold transform on (ki,kj) to select a block for Master Share
creation; Increment ki and kj by 1 to select the next block; Compute
ki=ki+1 and kj=kj+1
Step5. Apply SVD to selected block to generate U,S and V matrices
Step6. I1, I2 and I3 for S
Step7. Create a 3 bit Master Share Mshare out of the sign bits of I1, I2 and
I3
Step8. Compute C from Sshare with equation (3.2);
i.e., C=[sqrt(8*Sshare+1)-1]/2 where C=sum(Mshare, SW)
Step9. Subtract Mshare from C to get SW
Step10. Apply Arnold Transform to unscramble SW to get W
113
Figure 4.4 Watermark construction in CT-SVD domain
4.2.5 Authentication Framework based on Zero Watermarking
System
The EHR, an integrated collection of patient information including
demographic data, diagnostic history, clinical findings, laboratory results and
radiology reports, can support the clinicians to foster better medical care. A
framework for seamless integration of past medical history with radiology
readings, based on the zero watermarking system proposed in this section is
shown in Figure 4.5. The workflow of the proposed framework assuring
patient authentication and confidentiality is as shown below.
1. Request for reading is sent from the referral site to the remote
radiologist
2. On acceptance, the radiologist gets access to the image for
study from the PACS server
LF Band
Host Image
Contourlet Transform
Selected Blocks
Secret Share (Sshare)
Non-overlapping Blocks
Block Partitioning
Block Selection with Arnold Transform
Diagonal Matrices
Master Share (Mshare)
Computation
Watermark (W)
C=sum(MShare,SW)
Compute C
Subtract Mshare from C
Arnold Transform
Scrambled Watermark(SW)
Singular Value Decomposition
114
3. The radiologist gets access to Secret Share from EHR server
4. The radiologist generates Master Share from the host image
and combines with Secret Share to construct the QR code
watermark
5. The radiologist decodes the QR code to access the PID
segment and URL
6. The radiologist gets access to EHR of the patient with URL
String
7. The radiologist sends the report to the referral site
Figure 4.5 Framework for patient authentication
4.2.6 Experimental Results and Analysis
The proposed system is implemented and tested with MATLAB 12
software. The algorithms are tested with host images of different modalities
such as CT scan, Mammogram, MRA, PET, Ultrasound, Nuclear and X-ray
each of size 512×512 as shown in Figures 4.6(a) (g) and the trimmed
watermark of size 77×77 in Figure 4.2(b).
Referring Site Reading Site PACS Server
EHR Server
2. Get access to medical image
1. Request for reading
4. Extract watermark
5. Decode watermark to access PID and URL string
7.Send radiology report
3. Get access to Secret Share
6.Get access to EHR
115
(b)
Figure 4.6 Host Images (a) CT scan (b) Mammogram (c) MRA (d) Nuclear (e) PET (f) Ultrasound (g) X-ray
Initially, the host image is subjected to a 1 level contourlet
decomposition to generate an LF subband of size 256x256. It is divided into
128x128 non-overlapping blocks each of size 2x2. The watermark is
scrambled on applying the Arnold Transform. For Master Share creation,
initial assumptions are as ki=32 and kj=32 i.e, k=(32,32) and i=6. With these
assumptions, on applying Arnold Transform, k is mapped to (63,94); i.e., for
the watermark bit at position (1,1), the Master Share is created out of block
(63,94). Subsequently, for each bit in the watermark, ki and kj are incremented
by 1 to select the candidate blocks. The Master Share is combined with the
watermark to generate the Secret Share. Similarly, during watermark
extraction, the Master Share is created and is combined with the Secret Share
to construct the watermark. The extracted watermarks are compared with the
original watermarks with BER, NC, SSIM and UIQI metrics. These
performance metrics are shown in Figure 4.7 for the watermarks extracted
from the unattacked host images. The metrics evaluate to ideal values,
invariably for the extracted watermarks, for all modalities of host images. It
signifies the intactness of the watermarks extracted. From this it is clear that
the Watermark Construction algorithm combines the Master and Secret
Shares to reveal the original watermark exactly.
116
117
The robustness of the watermarks is tested with the Checkmark
software, posing common signal processing and geometric attacks on the host
images. From the extracted watermarks and corresponding BER and NC
values shown in Table 4.1, it is evident that the watermark is robust to all
classes of attacks.
Table 4.1 Performance measures under Checkmark attacks in CT-SVD domain
Attack Parameter BER NC Extracted Watermark
Cropping
Cropping%:20 0.0001 0.9999 Cropping%:50 0.0002 0.9999 Cropping%:75 0.0003 0.9999
Dithering Compression Factor:15 0.0001 0.9999
Denoising & Remodulation
Window Size:3x3 0.0001 0.9999 Window Size:5x5 0.0001 0.9999
Denoising & Remodulation
assuming a correlated watermark
Window Size:3x3 0.0002 0.9999
Window Size:5x5 0.0001 0.9999
Gaussian
Window Size:3x3 0.0000 1.0000 Window Size:5x5 0.0000 1.0000
Hard Thresholding Window Size:3x3 0.0002 1.0000 Window Size:5x5 0.0002 1.0000
JPEG compression
Compression Factor:10 0.0210 1.0000
Compression Factor:15 0.0046 0.9999
Compression Factor:25 0.0007 0.9999
Compression Factor:30 0.0021 1.0000
118
Table 4.1 (Continued)
Attack Parameter BER NC Extracted Watermark
Compression Factor:40 0.0011 0.9999
Compression Factor:50 0.0010 0.9999
Linear
Transformation Matrix [1.15 -0.02 -0.03 0.9] 0.0001 0.9999
Transformation Matrix [-0.85 -0.2 -0.05 1.3] 0.0001 0.9999
Median Window Size:3x3 0.0001 1.0000 Window Size:4x4 0.0003 0.9999
Midpoint Window Size:3x3 0.0001 1.0000 Window Size:5x5 0.0002 0.9999
Line Removal Row:12,Col:9 0.0001 0.9999 Row:5,Col:51 0.0001 0.9999
Projection
Angle:5o Axis:1.00
Distance Factor:2.00 Radius Factor:2.00
0.0001 0.9999
Angle:30o Axis:1.00
Distance Factor:2.00 Radius Factor:2.00
0.0001 0.9999
Aspect Ratio
Xscale:0.80 Yscale:1.00 0.0001 0.9999 Xscale:1.00 Yscale:1.10 0.0001 0.9999
Rotation Angle:15o 0.0001 0.9999 Angle:45 o 0.0001 0.9999
Rotation Scale Angle:-2o 0.0012 0.9999 Angle:45 o 0.0001 0.9999
119
Table 4.1 (Continued)
Attack Parameter BER NC Extracted Watermark
Row Column Removal
Row:17,Col:5 0.0002 0.9999 Row:5,Col:1 0.0001 0.9999
Up & Downsampling
Downsampling Factor:0.50 Upsampling Factor:2.00
0.0002 0.9999
Downsampling Factor :0.75
Upsampling Factor :1.30
0.0001
0.9999
Scale Scale factor:2 0.0001 0.9999
Scale factor:0.5 0.0001 0.9999 Sharpening Window Size:3x3 0.0002 0.9999
Shearing
xShear%:0 yShear%:5 0.0001 0.9999 xShear%:5 yShear%:5 0.0002 0.9999
Soft Thresholding Window Size:3x3 0.0002 1.0000 Window Size:5x5 0.0002 1.0000
Stirmark Compression Factor:15 0.0001 0.9999
Template Removal Compression Factor:10 0.0001 0.9999
Hard Thresholding Window Size:3x3 0.0008 0.9999 Window Size:5x5 0.0009 0.9991
Trim Median Window Size:3x3 0.0001 1.0000 Window Size:5x5 0.0003 0.9999
Warping
Warp Factor :3 0.0001 0.9999 Warp Factor :6 0.0001 0.9999
Warp Factor :12 0.0001 0.9999
120
Table 4.1 (Continued)
Attack Parameter BER NC Extracted Watermark
Wavelet Compression
Compression Factor:10 0.0019 0.9999
Compression Factor:20 0.0009 0.9999
Compression Factor:30 0.0004 0.9999
Compression Factor:40 0.0006 0.9999
Compression Factor:50 0.0005 0.9999
Weiner Filtering Window Size:3x3 0.0003 0.9999 Window Size:5x5 0.0002 0.9999
It is seen that the watermarks extracted have low error rate and their
NC values closer to unity. The readability of the watermarks has also been
ensured with the Zxing decoder. Interestingly, the extracted watermarks are
resistant to cropping attacks of up to 75% and compression attacks for
compression factors around 50. The intactness of the watermark under these
intense attacks is attributed to the exact construction of the Master Share
constructed out of the attacked images, which in turn is ascribed to the stability
of the lower order image invariants. The proposed work is compared with the
zero watermarking schemes proposed by of Hsu & Hou (2005), Wang &Chen
(2009) and Rawat & Raman (2012). For a fair comparison, attacks are run
with the parameters specified in the work of Rawat & Raman (2012) with
MATLAB software on the host images. The NC values of the watermarks
extracted from the attacked images are given in Table 4.2. It is seen that these
values are closer to unity for CT, mammogram, PET and X-ray images. For
121
nuclear and ultrasound images, these values are 1.0. Hence, it is evident that
the watermarks are reconstructed exactly and their intactness is testified with
the QR code decoder. Though the QR codes extracted from mammogram
images are readable, their NC values are comparatively lower. These schemes
are also compared under JPEG compression, median, blur, sharpening,
Gaussian noise, resizing and distortion attacks on the standard Lena, Baboon
and Boats images. The NC values of the extracted binary watermarks,
reported in the works of Hsu & Hou (2005), Wang &Chen (2009) and Rawat
& Raman (2012) are compared with that of the extracted QR codes in
Figure 4.8. It is seen that the proposed scheme has better robustness than the
other schemes, under all the attacks. The NC values of the proposed scheme
are closer to that reported by Wang &Chen (2009) and Rawat & Raman
(2012). These values are very high for the proposed scheme compared to that
reported in the work of Hsu & Hou (2005).
122
123
Figure 4.8 Comparison between proposed CT-SVD system and existing zero watermarking systems
4.2.7 Summary
The robustness characteristics demonstrated by the zero
watermarking system presented in this section signify its appropriateness for
deployment in healthcare institutions, for unmistakable patient identification
in dayhawk and nighthawk radiology practices. In addition to authentication
and controlled EHR access, it can be customized to enforce EHR sharing
based on patient consent, in which case the Secret Share must be possessed by
the patient. Further research can be carried out to tailor the framework to
provide fine-grained access to different parts of the clinical documents such
as EHR, EMR, PHI and Continuity of Care Records (CCR). Though the
system is testified to be robust with benchmarking software, it is compared
with similar systems with suitable test parameters for a fair evaluation.
Performance comparison shows that the proposed scheme offers better
robustness than other zero watermarking schemes reported in the literature.
4.3 ZERO WATERMARKING IN SVD DOMAIN
This section presents a zero watermarking scheme implemented in the SVD domain, a variant of the one presented in section 4.2. The purpose of
0.7
0.8
0.9
1
NC
Attacks
Hsu & Hou
Wang & Chen
Rawat & Raman
Proposed
124
this work is to evaluate the performance of the zero watermarking schemes in the SVD and the composite CT-SVD domains for resilience, security and robustness. A QR code watermark containing HL7 message segments with patient identification data along with onsite clinical observations is used for this investigation.
4.3.1 Background
In dayhawk and nighthawk radiology practices, necessary clinical data such as vital signs, medical history, lab test results etc. must accompany the image under study for a thorough interpretation, particularly on emergency radiology readings. PACS supports timely access to images irrespective of the geographical distance between referral and reading sites. In an Integrating Healthcare environment (IHE), both the PACS and HL7 standards are combined to provide an improved workflow. The HL7 Observation Result (ORU) message is commonly used to link clinical trials with lab results, image interpretations, pulmonary function studies, patient conditions etc.
The Observation Request (OBR) and OBX are the significant segments of ORU. The OBR is a report header which contains data such as order number, observation date/time etc. The OBX segment transfers the actual clinical observations. It contains 17 elements including the Observation Identifier, Observation Value, Responsible Observer, Observation Methods etc. Sometimes it can be followed by Order Common Information (ORC) which carries the details of orders, Notes and Comments (NTE) segments to provide notes and comments and Z segments which carry additional data. Though zero watermarking systems based on SVD exist in literature, they are implemented in the hybrid domains such that SVD is applied on the transform domains such as DWT, DFT and DCT. Only the scheme proposed by Ye (2011b) is implemented in the SVD domain. This scheme divides a host
125
image into non-overlapping blocks and subjects each block to SVD and transforms each singular matrix with DCT to generate the zero watermark.
4.3.2 Watermark Generation Process
The HL7 ORU-R01 message shown in Figure 4.9 which contains various message segments for patient identification and clinical observations is taken as the watermark.
Figure 4.9 Watermark contents - HL 7 ORU-R01 message
The entire message is encoded into a QR code of size 230x230x3 with
the ZXing software. To reduce the computational cost, only the binary
version of the inner region of size 109x109 excluding the quiet zone is taken
to be the watermark. The generated QR code and its trimmed form are shown
in Figure 4.10.(a) and Figure 4.10.(b) respectively.
MSH|^~\&|LCS|LCA|LIS|TEST9999|199807311532||ORU^R01|3630|P|2.2 PID|3|2161348473|20923085580|01572633|20923085580^TESTPAT||19730204| M|||^^^^00000-0000|||||||86427531^^^03|SSN# HERE PV1||I|^802^1||||8625^Physician^Michael|86-7468^||xxx|||||||||V1001 ORC|NW|8642753100013^LIS|20923085580^LCS||||||19980728000000|||PEED OBR|1|8642753100013^LIS|20923085580^LCS|083824^PANEL 083824^L|||19980728083600|||||| CH13380|19980728000000||||||20923085580||19980730041800|||F OBX|1|NM|150001^HIV-1 ABS-O.D. RATIO^L|||||||N|X OBX|2|CE|001719^HIV-1 ABS, SEMI-QN^L||HTN|||||N|F|19910123|| 19980729155700|BN NTE|1|L|Result: NEGATIVE by EIA screen. NTE|2|L|No antibodies to HIV-1 detected. OBX|3|CE|169999^.^L||SPRCS|||||N|F|||19980728130600|BN NTE|1|L|NOTE: Submission of serum NTE|2|L|separator tube recommended NTE|3|L|for this test. Thank you NTE|4|L|for your cooperation if you NTE|5|L|are already doing so. OBX|4|CE|169998^.^L||SPRCS|||||N|F|||19980728130600|BN ZPS|1|BN|LABCORP HOLDINGS|1447 YORK COURT^^BURLINGTON^NC^272152230|8007624344
126
(a) (b)
Figure 4.10 a) QR Code of ORU-R01 message b) Trimmed QR code
4.3.3 Secret Share Creation
Secret Share Creation procedure is the same as Algorithm 8 except
the selection of candidate subbands. In the SVD-based system, the host image
is divided into non-overlapping blocks and the candidate blocks are selected
from this block space. This procedure is given in Algorithm 10 and illustrated
with Figure 4.11.
Figure 4.11 Secret Share creation in SVD domain
Arnold Transform
Computation
Scrambled Watermark(SW)
Host Image Selected Blocks
MasterShare (Mshare)
Watermark (W)
Block Partitioning
Singular Value Decomposition
Diagonal Matrices
Block Selection with Arnold Transform
f(Mshare,sw)
TNG Function
Secret Share (Sshare)
Non-overlapping Blocks
127
4.3.4 Watermark Construction
Watermark construction is performed using the extraction procedure
of Algorithm 11 in the SVD Domain and illustrated with Figure 4.12.
Algorithm 10 Secret Share creation in SVD domain
Input: Host Image H of size NxN, Watermark W of size mxm, Key (ki,kj) for
initial block selection, size of block bxb, Number of iterations i for Arnold
Transform
Output: Secret Share Sshare of size mxm
Step1. Perform a bxb block partitioning on H to generate N/bxN/b non-
overlapping blocks
Step2. Apply Arnold Transform on W to generate the scrambled watermark
SW
Step3. Repeat steps 4-8 for each bit Wij of watermark
Step4. Apply Arnold transform on (ki,kj) to select a block for Master Share
creation; Increment ki and kj by 1 to select the next block; Compute
ki=ki+1 and kj=kj+1
Step5. Apply SVD on the selected block to generate U, S and V matrices
I1, I2 and I3 for S
Step7. Create a 3 bit Master Share Mshare from the sign bits of I1, I2 and I3
Step8. Encode Mshare and SW with equation (3.1) to generate Secret Share
Sshare, of size mxm; i.e. Sshare=f(Mshare,SW)
128
Figure 4.12 Watermark construction in SVD domain
Host Image Selected Blocks
Secret Share (Sshare)
Non-overlapping Blocks
Block Partitioning
Block Selection with Arnold Transform
Diagonal Matrices
Master Share (Mshare)
Computation
Watermark(W)
C=sum(MShare,SW)
Compute C
Subtract Mshare from C
Arnold Transform
Scrambled Watermark(SW)
Singular Value Decomposition
Algorithm 11 Watermark Construction in SVD domain
Input: Host image H of size NxN, Secret Share Sshare of size mxm, Key (ki,kj) for
initial block Selection, size of block bxb, Number of iterations i for Arnold
Transform
Output: Watermark W of size mxm
Step1. Perform a bxb block partitioning on H to generate non-overlapping N/bxN/b
blocks
Step2. Perform steps 3-8 for each element of Sshare
Step3.Apply Arnold transform on (ki,kj) to select a block for Master Share
creation; Increment ki and kj by 1 to select the next block;
Compute ki=ki+1 and kj=kj+1
Step4.Apply SVD on the selected block to generate U, S and V matrices
oments I1, I2 and I3 for S
Step6.Create a 3 bit Master Share Mshare from the sign bits of I1, I2 and I3
Step7.Compute C from Sshare with equation (3.2);
i.e., C=[sqrt(8*Sshare+1)-1]/2 where C=sum(Mshare, SW)
Step8. Subtract Mshare from C to get SW
Step9. Apply Arnold Transform to unscramble SW to get W
129
4.3.5 Experimental Results and Analysis
The proposed system is implemented and tested with MATLAB12
software. The algorithms are tested with host images of size 512x512
shown in Figure 4.6 (a)-(g) and the trimmed watermark of size109x109 in
Figure 4.11 (b). Initially, the key parameters are assumed to be bxb=4x4,
ki=64, kj=64, i.e., k=(64,64) and i=6 . Accordingly, the host image is divided
into 128x128 non-overlapping blocks each of size 4x4. By 6 iterations of
Arnold Transform, k is mapped to (127,62). For the watermark bit W11, the
block (127,62) is selected out of the 128x128 block space and SVD is
applied on it and I1,I2 and I3 are computed for the singular matrix. The sign
bit sequence of these invariants is the Master Share for W11. Similarly, the
Master Share is created for the rest of the watermark bits by incrementing
both ki and kj by1 to select subsequent candidate blocks. The Master Share is
combined with the watermark using TNG function to generate the Secret
Share. Similarly, on extraction, the Master Share is created following the
same procedure and is combined with the Secret Share to reveal the
watermark. The performance of the system is evaluated with BER, NC, SSIM
and UIQI metrics. These performance metrics illustrated in Figure 4.13 show
that the watermarks constructed are intact for all modalities.
130
131
The robustness to common signal processing and geometric attacks
is tested with the Checkmark software. The BER and NC values of the
watermarks extracted are listed in Table 4.3.
Table 4.3 Performance metrics under Checkmark attacks in SVD domain
Attack Parameter BER NC Extracted Watermark
Cropping
Cropped%:20 0.0006 0.9994
Cropped%:50 0.0006 0.9994
Cropped%:75 0.0010 0.9990
Dithering Compression Factor:15 0.0006 0.9994
Denoising &
Remodulation
Window Size:3x3 0.0005 0.9995
Window Size:5x5 0.0006 0.9994
Denoising & Remodulation
assuming a correlated watermark
Window Size:3x3 0.0005 0.9995
Window Size:5x5 0.0006 0.9994
Gaussian
Window Size:3x3 0.0001 0.9999
Window Size:5x5 0.0001 0.9999
Hard Thresholding Window Size:3x3 0.0005 0.9995
Window Size:5x5 0.0005 0.9995
JPEG compression
Compression Factor:10 0.0133 0.9867
Compression Factor:15 0.0089 0.9911
Compression Factor:25 0.0027 0.9973
132
Table 4.3 (Continued)
Attack Parameter BER NC Extracted Watermark
Compression Factor:30 0.0030 0.9970
Compression Factor:40 0.0017 0.9983
Compression Factor:50 0.0014 0.9986
Linear
Transformation Matrix [1.15 -0.02 -0.03 0.9]
0.0006 0.9994
Transformation Matrix [-0.85 -0.2 -0.05 1.3] 0.0006 0.9994
Median Window Size:3x3 0.0003 0.9997
Window Size:4x4 0.0008 0.9992
Midpoint Window Size:3x3 0.0009 0.9991
Window Size:5x5 0.0010 0.9990
Line Removal Row:12,Col:9 0.0006 0.9994
Row:5,Col:51 0.0006 0.9994
Projection
Angle:5o Axis:1o
Distance Factor:2.00 Radius Factor:2.00
0.0006 0.9994
Angle:30o Axis:1.00
Distance Factor:2.00 Radius Factor:2.00
0.0006 0.9994
Aspect Ratio
Xscale:0.80 Yscale:1.00 0.0006 0.9994
Xscale:1.00 Yscale:1.10 0.0006 0.9994
133
Table 4.3 (Continued)
Attack Parameter BER NC Extracted Watermark
Rotation Angle:15o 0.0006 0.9994
Angle:45o 0.0006 0.9994
Rotation Scale
Angle:-2o Geometric Change:1 0.0010 0.9990
Angle:45o
Geometric Change:3 0.0008 0.9992
Row Column Removal
Row:17,Col:5 0.0006 0.9994
Row:5,Col:1 0.0006 0.9994
Up & Downsampling
Downsampling Factor:0.50 Upsampling Factor:2.00
0.0003 0.9997
Downsampling Factor :0.75
Upsampling Factor :1.30 0.0006 0.9994
Scale Scale Factor:2.0 0.0006 0.9994
Scale Factor:0.5 0.0006 0.9994
Sharpening Window Size:3x3 0.0008 0.9992
Shearing
x Shear%:0 y Shear%:5 0.0006 0.9994
x Shear%:5 y Shear%:5 0.0006 0.9994
Soft Thresholding Window Size:3x3 0.0005 0.9995
Window Size:5x5 0.0005 0.9995
Stirmark Compression Factor:15 0.0006 0.9994
134
Table 4.3 (Continued)
Attack Parameter BER NC Extracted Watermark
Template Removal Compression Factor:10 0.0006 0.9994
Trim Median Window Size:3x3 0.0003 0.9997
Window Size:5x5 0.0006 0.9994
Warping
Warp Factor :3 0.0006 0.9994
Warp Factor :6 0.0006 0.9994
Warp Factor :12 0.0006 0.9994
Wavelet Compression
Compression Factor:10 0.0021 0.9979
Compression Factor:20 0.0018 0.9982
Compression Factor:30 0.0012 0.9988
Compression Factor:40 0.0018 0.9982
Compression Factor:50 0.0015 0.9985
Weiner Filtering Window Size:3x3 0.0004 0.9996
Window Size:5x5 0.0008 0.9992
It is seen that the watermarks extracted are robust to all kinds of attacks and have NC values closer to unity. It has also been ensured that the extracted watermarks are readable by the Zxing decoder. Particularly, it is seen that the watermarks are resistant to cropping attacks of up to 75%. The intactness
in watermark construction. The performance of the system is also compared with
135
the works of Hsu & Hou (2005), Wang & Chen (2009) and Rawat & Raman (2012). Attacks are run on the host images with MATLAB software with the same parameters as in the work of Rawat & Raman (2012). The NC values of the watermarks extracted from the attacked images are shown in Table 4.4. It is seen that these values are closer to unity under all attacks except for mammograms. The proposed scheme is also compared with the works of Hsu & Hou (2005), Wang & Chen (2009) and Rawat & Raman (2012) under JPEG compression, median, blur, sharpening, Gaussian noise, resizing and distortion attacks on the standard Lena, Baboon and Boats images. Figure 4.14 shows the NC values of the extracted binary watermarks, reported in the works of Hsu & Hou (2005), Wang &Chen (2009) and Rawat & Raman (2012) and that of the extracted QR codes. It is seen that the proposed scheme has better robustness than the others under all the attacks.
From the results reported in Section 4.2.6 on CT-SVD based zero watermarking system and the results reported in this section, it is evident that the CT-SVD based system has better robustness.
136
137
Figure 4.14 Comparison between proposed SVD system and existing zero watermarking systems
4.3.6 Summary
A robust watermarking system in the SVD Domain has been
proposed in this section for authentication and improved interpretation of
radiology images. The system exhibits resilience to a variety of geometric and
non-geometric attacks and is suitable for deployment in healthcare institutions
to authenticate medical images and provide supplementary clinical data to a
remote radiologist.
4.4 PERFORMANCE EVALUATION OF CT-SVD AND SVD
BASED ZERO WATERMARKING SYSTEMS
The experimental results clearly show that the proposed systems
are robust to both signal processing and geometric attacks. In addition to
robustness, the proposed systems have a stringent requirement that the
watermarks constructed from the attacked images must be recognized by a
QR code decoder. It has been verified that, all the watermarks extracted from
the attacked images have been decoded by the ZXing decoder.
0.7
0.8
0.9
1
NC
Attacks
Hsu & Hou
Wang & Chen
Rawat & Raman
Proposed
138
Further, this section presents a comparison of both the systems
with the conventional watermarking system proposed by Kim et al (2010),
which embeds a QR code in the spatial, DFT and FFT domains of the Lena
image. The proposed CT-SVD and SVD based systems are tested with the
512x512 Lena image, and the QR code in Figure 4.2(b) and Figure 4.10 (b)
respectively. The BER values of the watermarks extracted from the Lena
image under JPEG compression, Shrinkage and Rotation attacks are taken
for comparison as shown in Tables 4.5, 4.6 and 4.7 respectively; the tables
contain the best values reported by Kim et al (2010) under each attack,
irrespective of the embedding domain. From the experimental results, it is
evident that the proposed systems offer better robustness. It is also evident
that the CT-SVD-based system offers better robustness compared to the
SVD-based system.
The computational complexity analysis of the systems is
presented in Figure 4.15(a) and (b) for watermark embedding and
extraction algorithms respectively. Interestingly, the system implemented
in the CT-SVD domain exhibits lesser complexity. Though it involves the
additional step for contourlet decomposition compared to SVD-based, it
consumes less time as the block space is reduced to the size of the
watermark by the decomposition.
139
(a)
(b)
Figure 4.15 Computational time (a) Embedding (b) Extraction
88.05
8.18.15
8.28.25
8.38.35
8.48.45
8.5
CT-SVD
SVD
88.18.28.38.48.58.68.78.8
CT-SVD
SVD
140
141
142
143
4.5 SECURITY ANALYSIS
Similar to conventional watermarking systems, security is a
challenging issue in zero watermarking systems as well. In this section,
security analysis of the proposed systems is presented with the assumption
that, the algorithms for Secret Share construction and watermark extraction
are public, according to the well-
evident that the security of zero watermarking systems is based on the
confidentiality of the Secret Share. The security of the proposed schemes is
demonstrated by showing that it is unrealistic for an adversary to construct a
Secret Share from a host image. Rather, the security of a zero watermarking
system is greatly influenced by Master Share creation, the first step towards
Secret Share creation and watermark construction. From the proposed
algorithms, it is understood that Master Share creation depends on the
following parameters for candidate block selection.
P1 Number of levels of contourlet decomposition
This parameter can be selected based on the size of the watermark
W. Though this parameter does not offer too many choices within the
permissible space, running the algorithm with even a few options would be
computationally expensive.
P2 Number of non-overlapping blocks in the LF band
This parameter also depends on the size of the watermark W. Block
partitioning can be performed so that the number of blocks is the same as or
greater than that of W. Running the algorithms with different values of this
parameter also is not viable.
144
P3 Position of the initial block for Arnold Transform
In the proposed system, only the position of the first block out of the n/bxn/b space is arbitrarily selected to embed W11 initially. The subsequent blocks are selected by applying the Arnold Transform on the neighboring positions. Identifying the exact candidate block is also impracticable due to the size of the search space.
P4 Number of iterations of the Arnold Transform
This parameter also determines the selection of candidate blocks for watermarking. The larger the number of iterations, the greater will be the distance between the selected and the mapped positions. Running the algorithm with different number of iterations also is unrealistic.
The parameters P1, which is the number levels of contourlet decomposition, is exclusive for CT-SVD-based system and the other parameters are common to both the systems. The key space for each of the systems is given below as KEYSPACECT-SVD and KEYSPACESVD for the systems based on CT-SVD and SVD domains respectively .
KEYSPACECT-SVD =
{ P1 = [1,2,3], assuming a maximum of 3levels
P2 = [128x128,64x64,32x32],
P3 =
P4 = aximum of 10 iterations }
KEYSPACESVD =
{ P2 = [128x128,64x64,32x32],
P3 = P2=128x128
P4 =
145
Further, a three bit sign sequence is to be constructed out of the
infeasible for an adversary to construct a Master Share by brute force
approach with assumptions on the above parameters. This in turn makes it
difficult to construct the Secret Share to defeat the system.
4.6 DISCUSSIONS
From the experimental results, it is evident that both the systems
are robust to different types of attacks. Though BER and NC values are
comparatively better in CT-SVD-based system, the watermarks extracted
with the SVD-based system are also decodable by the ZXing software. The
degradation in these metrics in the SVD domain cannot be attributed to the
size of the watermark, as the watermarks are not physically embedded into
the host images. The improved performance in the CT-SVD domain is
attributed to the ability of the CT to capture finer details and the stability of
the SVD.
Robustness of the proposed systems is attributed to the resilience of
the Master Share against attacks. The proposed systems exploit the invariant
nature of the image moments in the composite CT-SVD transform and the
SVD domains to construct the Master Shares. Here, the Master Share is the
sign bit sequence of the lower order image moments, which are proved
with
intensive attacks such as cropping and histogram equalization. While the
former leads to loss of original host data, the latter causes changes in global
image contrast leading to noticeable modifications. The invariant nature of
st these attacks can be testified with their log-scaled
representation.
146
The log-
image in Figure 4.6 (a) and its cropped versions are given in Table 4.8. It is
seen that even with 75% of cropping, the moment magnitudes are closer to
the original image and there is no sign reversal as well. As Master Shares are
created out of the sign bits of these invariants in the stable CT-SVD and SVD
domains, there is no significant variation in them, irrespective of the level of
cropping. This in turn attributes to the intactness of the watermark
constructed. However, though NC values are similar for the watermarks
extracted from the three cropped images, the BER is slightly higher for the
one extracted from the images cropped by 75% as evidenced from Table 4.2
and Table 4.3. Similarly, the log-
original host images and corresponding histogram equalized images are given
in Table 4.9. Under histogram equalization, wide deviation in magnitude is
observed in I1, I2 and I3 for the PET image, and signs are preserved invariably
for all the images for the four lower order moments. Hence, the three lower
order moments are sufficient to achieve robustness under these attacks.
Generally, XOR function is employed in Secret Share creation and
watermark construction algorithms due to its lower computational
complexity, right from the first work on zero watermarking by Chang et al
(1999) to the latest work by Tsai et al (2013). However, these zero
watermarking systems invariably based on SVD, suffer from false positives.
Hence, it is essential to register the Secret Share with a TTP to resolve
disputes. Though the proposed systems employ the TNG function with high
computational complexity, they intrinsically possess the ability to resolve
false positives as the Secret Share can be blindly factored to the Master Share
and the scrambled watermark. This Master Share can be compared with the
one created out of the falsified image to resolve ambiguities.
147
148
149
4.7 CONCLUSION
In this section, zero watermarking systems for embedding host
images with HL7 ADT and ORU messages and an authentication framework
are proposed. They have potential applications in teleradiology environments
for unambiguous patient identification, improved radiology image
robustness and security characteristics demonstrate their reliability for
possible deployment in healthcare institutions to offer teleradiology services
with well-defined workflow. From the computational complexity and the
performance metrics, it is evident that the CT-SVD-based system is better
than the SVD-based system. Though the systems display resilience to
common image processing attacks, extensive studies are required to evaluate
their performance against intense noise attacks.