CHAPTER 4 ZERO WATERMARKING FOR MEDICAL IMAGE AUTHENTICATIONshodhganga.inflibnet.ac.in/bitstream/10603/34258/9/09_chapter4.pdf · ZERO WATERMARKING FOR MEDICAL IMAGE AUTHENTICATION

105

CHAPTER 4

ZERO WATERMARKING FOR MEDICAL

IMAGE AUTHENTICATION

4.1 INTRODUCTION

Zero watermarking is the best alternative to conventional

watermarking that introduces degradations to the watermarked image. The

conflicting requirements of conventional watermarking such as embedding

capacity, robustness and transparency are eliminated in zero watermarking.

Further, reversibility and blind extraction characteristics are inherent in this

technique as the host image is unaltered on watermark embedding. In this

section, two zero watermarking systems for authentication of medical images

with patient data, implemented in the SVD domain and composite CT-SVD

domain are discussed. The watermarking systems are demonstrated with

medical images and QR codes encoded with HL7 message segments

containing patient specific data. The proposed systems based on SS

encompass the phases of Secret Share creation and watermark construction.

4.2 ZERO WATERMARKING IN CONTOURLET-SVD

DOMAIN

In this section, a zero watermarking scheme is implemented in the

composite CT-SVD domain, for authentication of medical images with a 2D

QR code, which contains patient identifiable data. Further, a general

framework for patient authentication and controlled access to EHR in a

106

teleradiology environment, based on the above scheme is also proposed. The

following subsections contain elaborate descriptions of the system.

4.2.1 Background

Cloud-based medical image exchange simplifies image storing,

archiving, sharing and accessing services between radiologists, referral

hospitals, physicians and specialists as discussed by Li et al (2011). Hospitals

that deploy cloud-centric medical imaging solutions can view and share

images and reports with their referral partners in real time without relying on

physical storage media. Medical image sharing through the cloud obviously

eliminates duplication of tests and exposure to radiations and ensures patient

safety. Shini et al (2012) have determined protection against Distributed

Denial of Service (DDOS) attacks, and enforcement of access control

mechanisms, confidentiality and zero tolerance to be the major security

requirements for cloud based image sharing. Above all, authentication of a

medical image with relevant patient-specific attributes such as name,

identification number, demographic data, brief clinical history etc. is a vital

requirement to assure the identity of the patient. Transfer of patient

identifiable data and Personal Health Information (PHI) of the patients along

with radiology images to remote reading sites poses severe security risks.

With the evolution of the dayhawk and nighthawk radiology

services, radiologists examining the clinical images need to access the past

medical history of the patient for a thorough study. Benjamin et al (2010)

have elaborately discussed the means of furnishing these data to remote

radiologists through conventional telecommunication systems. Embedding

patient-specific metadata as watermark into the medical image is a

prospective solution towards imparting authentication. The embedded

watermark can be extracted to verify the identity of the patient, and the

extracted metadata can augment the medical image for a thorough diagnosis.

107

Nyeem et al (2013) explored the application of watermarking techniques in

teleradiology and advocated the deployment of the same for origin

authentication and content authentication.

Recent years have witnessed the development of zero

watermarking schemes for medical images. A scheme proposed by Dong et al

(2011) in the DCT domain combines visual feature vectors, encryption and

third party authentication to address security, confidentiality and integrity

issues. Dong et al (2012) also proposed a similar zero watermarking scheme

for medical images, in which the sign sequence of the DFT coefficients of the

host image is taken as the feature vector to achieve robustness. Of late, the

application of the QR codes has intensified in healthcare institutions for

patient verification right from admission to discharge. Further, studies on

embedding QR code into digital content also report encouraging results,

harnessing the development of zero watermarking systems to embed QR

codes containing patient data within medical images. However, zero

watermarking systems for medical image authentication with QR code have

not been reported in literature so far.

The proposed zero watermarking system is implemented in the

composite CT-SVD domain, exploiting its approximation and robustness

characteristics to embed a QR code within the medical images.. The TNG

function is employed in Secret Share creation and Watermark construction

construction, to achieve robustness against common signal processing and

geometric attacks.

108

4.2.2 Watermark Generation Process

In this system, the watermark comprises an ADT-A01 message

relevant to patient admission and the Universal Resource Locator (URL)

string of an EHR as shown in Figure 4.1. The URL of the EHR is shown in

italic. The ADT message contains the default Message Header (MSH)

segment, which contains the source of the message, purpose, destination and

certain syntax specifics. The Event type (EVN) segment carries the trigger

event information for receiver applications. The PID segment contains patient

identification attributes, the Next of Kin (NK1) segment contains information

contains patient visit-specific data and Allergy (AL1) segment contains

patient allergy information. This patient identification data is encoded into a

QR code with the ZXing QR code generator.

Figure 4.1 Watermark contents with ADT-A01 message and URL of EHR

The generated QR code is of size 120×120x3 and the binary

representation of the inner region of size 77×77 is considered for embedding.

The original and the trimmed watermarks are shown in Figure 4.2. The

bounding rectangle around the quiet zone of Figure 4.2(a) is not part of the

QR code generated; it is drawn to define the boundary of the QR code only.

MSH|^~\&|ADT1|MCM|LABADT|MCM|198808181126|SECURITY|ADTÂ01|MSG00001-|P|2.3 EVN|A01|198808181123 PID|||PATID1234^5^M11||JONES^WILLIAMÂÎII||19610615|M-||C|1200 N ELM STREET^^GREENSBORO^NC^27401-1020|GL|(91-9)379-1212|(919)271- 3434||S||PATID12345001^2^M10|123456789|9-87654^NC NK1|1|JONES^BARBARA^K|WIFE||||||NK PV1|1|I|2000^2012^01||||004777^LEBAUER^SIDNEY^J.|||SUR||-||ADM|A0- AL1|1||^Penicillin||Produces hives AL1|2||^Cat dander|Respiratory distress http://en.wikipedia.org/wiki/Electronic_health_record

109

Figure 4.2 (a) QR Code of ADT A01 message (b) Trimmed QR code

4.2.3 Secret Share Creation

In the proposed system, the Secret Share Creation phase generates a

Secret Share combining the Master Share, which represents the essential

features of the host image and the watermark image. To construct the Master

Share, initially the host image is subjected to contourlet decomposition and

the LF subband is divided into non-overlapping blocks. Arnold Transform is

applied to select the candidate blocks from the block space, and SVD is

al

matrices containing SVs. The sign bit sequence of the moments I1, I2 and I3 is

taken to be the Master Share for the particular block. The same procedure is

applied on all the selected blocks to construct a Master Share matrix whose

dimensions are the same as the binary QR code watermark. The TNG

function is applied on the Master Share and the scrambled watermark image

to generate the Secret Share. The steps for Secret Share construction are given

in Algorithm 8 and illustrated with Figure 4.3.

(a)

(b)

110

Algorithm 8 Secret Share creation in CT-SVD Domain

Input: Host Image H of size NxN, Watermark W of size mxm, Key

(ki,kj) for initial block Selection, size of block bxb, Number of

iterations i for Arnold Transform

Output: Secret Share Sshare of size mxm

Step1. Apply Contourlet Transform on H to generate an nxn LF subband

Step2. Perform a bxb block partitioning on the LF subband to generate

n/bxn/b non-overlapping blocks

Step3. Apply Arnold Transform on W to generate scrambled

watermark SW

Step4. Repeat steps 5-9 for each bit Wij of watermark

Step5. Apply Arnold transform on (ki,kj) to select a block for Master Share

creation; Increment ki and kj by 1 to select the next block;

Compute ki=ki+1 and kj=kj+1

Step6. Apply SVD on the selected block to generate U, S and V matrices

Step7. I1, I2 and I3 for S

Step8. Create a 3 bit Master Share Mshare out of the sign bits of I1, I2

and I3

Step9. Encode Mshare and SW with Equation (3.1) to generate Secret

Share Sshare, of size mxm; i.e. Sshare=f(Mshare,SW)

111

Figure 4.3 Secret Share creation in CT-SVD domain

4.2.4 Watermark Extraction

Watermark extraction, i.e. construction, begins with the

construction of the Master Share with the same procedure followed in the

Secret Share Creation phase. From the Secret Share, C the sum of the Master

share and the scrambled watermark is computed. The scrambled watermark is

extracted by mere subtraction of the Master Share from C. It is then restored

with Arnold Transform. The watermark extraction procedure is given in

Algorithm 9 and illustrated with Figure 4.4.

Arnold Transform

LF Band

Computation

Scrambled Watermark (SW)

Host Image Selected Blocks

Master Share (Mshare)

Watermark (W)

Non-overlapping Blocks

Block Partitioning

Singular Value Decomposition

Diagonal Matrices

Block Selection with Arnold Transform

Contourlet Transform

f(Mshare,sw)

TNG Function

Secret Share (Sshare)

112

Algorithm 9 Watermark Construction in CT-SVD Domain

Input: Host image H of size NxN, Secret Share Sshare of size mxm, Key

(ki,kj) for initial block Selection, size of block bxb, Number of

iterations i for Arnold Transform

Output: Watermark W of size mxm

Step1. Apply Contourlet Transform on H to generate an nxn LF subband

Step2. Perform a bxb block partitioning on the LF subband to generate

n/bxn/b non-overlapping blocks

Step3. Repeat steps 4-9 for each element of Sshare


creation; Increment ki and kj by 1 to select the next block; Compute

ki=ki+1 and kj=kj+1

Step5. Apply SVD to selected block to generate U,S and V matrices

Step6. I1, I2 and I3 for S

Step7. Create a 3 bit Master Share Mshare out of the sign bits of I1, I2 and

I3

Step8. Compute C from Sshare with equation (3.2);

i.e., C=[sqrt(8*Sshare+1)-1]/2 where C=sum(Mshare, SW)

Step9. Subtract Mshare from C to get SW

Step10. Apply Arnold Transform to unscramble SW to get W

113

Figure 4.4 Watermark construction in CT-SVD domain

4.2.5 Authentication Framework based on Zero Watermarking

System

The EHR, an integrated collection of patient information including

demographic data, diagnostic history, clinical findings, laboratory results and

radiology reports, can support the clinicians to foster better medical care. A

framework for seamless integration of past medical history with radiology

readings, based on the zero watermarking system proposed in this section is

shown in Figure 4.5. The workflow of the proposed framework assuring

patient authentication and confidentiality is as shown below.

1. Request for reading is sent from the referral site to the remote

radiologist

2. On acceptance, the radiologist gets access to the image for

study from the PACS server

LF Band

Host Image

Contourlet Transform

Selected Blocks



Block Partitioning


Diagonal Matrices


Computation

Watermark (W)

C=sum(MShare,SW)

Compute C

Subtract Mshare from C

Arnold Transform

Scrambled Watermark(SW)


114

3. The radiologist gets access to Secret Share from EHR server

4. The radiologist generates Master Share from the host image

and combines with Secret Share to construct the QR code

watermark

5. The radiologist decodes the QR code to access the PID

segment and URL

6. The radiologist gets access to EHR of the patient with URL

String

7. The radiologist sends the report to the referral site

Figure 4.5 Framework for patient authentication

4.2.6 Experimental Results and Analysis

The proposed system is implemented and tested with MATLAB 12

software. The algorithms are tested with host images of different modalities

such as CT scan, Mammogram, MRA, PET, Ultrasound, Nuclear and X-ray

each of size 512×512 as shown in Figures 4.6(a) (g) and the trimmed

watermark of size 77×77 in Figure 4.2(b).

Referring Site Reading Site PACS Server

EHR Server

2. Get access to medical image

1. Request for reading

4. Extract watermark

5. Decode watermark to access PID and URL string

7.Send radiology report

3. Get access to Secret Share

6.Get access to EHR

115

(b)

Figure 4.6 Host Images (a) CT scan (b) Mammogram (c) MRA (d) Nuclear (e) PET (f) Ultrasound (g) X-ray

Initially, the host image is subjected to a 1 level contourlet

decomposition to generate an LF subband of size 256x256. It is divided into

128x128 non-overlapping blocks each of size 2x2. The watermark is

scrambled on applying the Arnold Transform. For Master Share creation,

initial assumptions are as ki=32 and kj=32 i.e, k=(32,32) and i=6. With these

assumptions, on applying Arnold Transform, k is mapped to (63,94); i.e., for

the watermark bit at position (1,1), the Master Share is created out of block

(63,94). Subsequently, for each bit in the watermark, ki and kj are incremented

by 1 to select the candidate blocks. The Master Share is combined with the

watermark to generate the Secret Share. Similarly, during watermark

extraction, the Master Share is created and is combined with the Secret Share

to construct the watermark. The extracted watermarks are compared with the

original watermarks with BER, NC, SSIM and UIQI metrics. These

performance metrics are shown in Figure 4.7 for the watermarks extracted

from the unattacked host images. The metrics evaluate to ideal values,

invariably for the extracted watermarks, for all modalities of host images. It

signifies the intactness of the watermarks extracted. From this it is clear that

the Watermark Construction algorithm combines the Master and Secret

Shares to reveal the original watermark exactly.

116

117

The robustness of the watermarks is tested with the Checkmark

software, posing common signal processing and geometric attacks on the host

images. From the extracted watermarks and corresponding BER and NC

values shown in Table 4.1, it is evident that the watermark is robust to all

classes of attacks.

Table 4.1 Performance measures under Checkmark attacks in CT-SVD domain

Attack Parameter BER NC Extracted Watermark

Cropping

Cropping%:20 0.0001 0.9999 Cropping%:50 0.0002 0.9999 Cropping%:75 0.0003 0.9999

Dithering Compression Factor:15 0.0001 0.9999

Denoising & Remodulation

Window Size:3x3 0.0001 0.9999 Window Size:5x5 0.0001 0.9999


assuming a correlated watermark

Window Size:3x3 0.0002 0.9999

Window Size:5x5 0.0001 0.9999

Gaussian

Window Size:3x3 0.0000 1.0000 Window Size:5x5 0.0000 1.0000

Hard Thresholding Window Size:3x3 0.0002 1.0000 Window Size:5x5 0.0002 1.0000

JPEG compression

Compression Factor:10 0.0210 1.0000




118

Table 4.1 (Continued)




Linear

Transformation Matrix [1.15 -0.02 -0.03 0.9] 0.0001 0.9999

Transformation Matrix [-0.85 -0.2 -0.05 1.3] 0.0001 0.9999

Median Window Size:3x3 0.0001 1.0000 Window Size:4x4 0.0003 0.9999

Midpoint Window Size:3x3 0.0001 1.0000 Window Size:5x5 0.0002 0.9999

Line Removal Row:12,Col:9 0.0001 0.9999 Row:5,Col:51 0.0001 0.9999

Projection

Angle:5o Axis:1.00

Distance Factor:2.00 Radius Factor:2.00

0.0001 0.9999

Angle:30o Axis:1.00


0.0001 0.9999

Aspect Ratio

Xscale:0.80 Yscale:1.00 0.0001 0.9999 Xscale:1.00 Yscale:1.10 0.0001 0.9999

Rotation Angle:15o 0.0001 0.9999 Angle:45 o 0.0001 0.9999

Rotation Scale Angle:-2o 0.0012 0.9999 Angle:45 o 0.0001 0.9999

119



Row Column Removal

Row:17,Col:5 0.0002 0.9999 Row:5,Col:1 0.0001 0.9999

Up & Downsampling

Downsampling Factor:0.50 Upsampling Factor:2.00

0.0002 0.9999

Downsampling Factor :0.75

Upsampling Factor :1.30

0.0001

0.9999

Scale Scale factor:2 0.0001 0.9999

Scale factor:0.5 0.0001 0.9999 Sharpening Window Size:3x3 0.0002 0.9999

Shearing

xShear%:0 yShear%:5 0.0001 0.9999 xShear%:5 yShear%:5 0.0002 0.9999

Soft Thresholding Window Size:3x3 0.0002 1.0000 Window Size:5x5 0.0002 1.0000

Stirmark Compression Factor:15 0.0001 0.9999

Template Removal Compression Factor:10 0.0001 0.9999

Hard Thresholding Window Size:3x3 0.0008 0.9999 Window Size:5x5 0.0009 0.9991

Trim Median Window Size:3x3 0.0001 1.0000 Window Size:5x5 0.0003 0.9999

Warping

Warp Factor :3 0.0001 0.9999 Warp Factor :6 0.0001 0.9999

Warp Factor :12 0.0001 0.9999

120



Wavelet Compression






Weiner Filtering Window Size:3x3 0.0003 0.9999 Window Size:5x5 0.0002 0.9999

It is seen that the watermarks extracted have low error rate and their

NC values closer to unity. The readability of the watermarks has also been

ensured with the Zxing decoder. Interestingly, the extracted watermarks are

resistant to cropping attacks of up to 75% and compression attacks for

compression factors around 50. The intactness of the watermark under these

intense attacks is attributed to the exact construction of the Master Share

constructed out of the attacked images, which in turn is ascribed to the stability

of the lower order image invariants. The proposed work is compared with the

zero watermarking schemes proposed by of Hsu & Hou (2005), Wang &Chen

(2009) and Rawat & Raman (2012). For a fair comparison, attacks are run

with the parameters specified in the work of Rawat & Raman (2012) with

MATLAB software on the host images. The NC values of the watermarks

extracted from the attacked images are given in Table 4.2. It is seen that these

values are closer to unity for CT, mammogram, PET and X-ray images. For

121

nuclear and ultrasound images, these values are 1.0. Hence, it is evident that

the watermarks are reconstructed exactly and their intactness is testified with

the QR code decoder. Though the QR codes extracted from mammogram

images are readable, their NC values are comparatively lower. These schemes

are also compared under JPEG compression, median, blur, sharpening,

Gaussian noise, resizing and distortion attacks on the standard Lena, Baboon

and Boats images. The NC values of the extracted binary watermarks,

reported in the works of Hsu & Hou (2005), Wang &Chen (2009) and Rawat

& Raman (2012) are compared with that of the extracted QR codes in

Figure 4.8. It is seen that the proposed scheme has better robustness than the

other schemes, under all the attacks. The NC values of the proposed scheme

are closer to that reported by Wang &Chen (2009) and Rawat & Raman

(2012). These values are very high for the proposed scheme compared to that

reported in the work of Hsu & Hou (2005).

122

123

Figure 4.8 Comparison between proposed CT-SVD system and existing zero watermarking systems

4.2.7 Summary

The robustness characteristics demonstrated by the zero

watermarking system presented in this section signify its appropriateness for

deployment in healthcare institutions, for unmistakable patient identification

in dayhawk and nighthawk radiology practices. In addition to authentication

and controlled EHR access, it can be customized to enforce EHR sharing

based on patient consent, in which case the Secret Share must be possessed by

the patient. Further research can be carried out to tailor the framework to

provide fine-grained access to different parts of the clinical documents such

as EHR, EMR, PHI and Continuity of Care Records (CCR). Though the

system is testified to be robust with benchmarking software, it is compared

with similar systems with suitable test parameters for a fair evaluation.

Performance comparison shows that the proposed scheme offers better

robustness than other zero watermarking schemes reported in the literature.

4.3 ZERO WATERMARKING IN SVD DOMAIN

This section presents a zero watermarking scheme implemented in the SVD domain, a variant of the one presented in section 4.2. The purpose of

0.7

0.8

0.9

1

NC

Attacks

Hsu & Hou

Wang & Chen

Rawat & Raman

Proposed

124

this work is to evaluate the performance of the zero watermarking schemes in the SVD and the composite CT-SVD domains for resilience, security and robustness. A QR code watermark containing HL7 message segments with patient identification data along with onsite clinical observations is used for this investigation.

4.3.1 Background

In dayhawk and nighthawk radiology practices, necessary clinical data such as vital signs, medical history, lab test results etc. must accompany the image under study for a thorough interpretation, particularly on emergency radiology readings. PACS supports timely access to images irrespective of the geographical distance between referral and reading sites. In an Integrating Healthcare environment (IHE), both the PACS and HL7 standards are combined to provide an improved workflow. The HL7 Observation Result (ORU) message is commonly used to link clinical trials with lab results, image interpretations, pulmonary function studies, patient conditions etc.

The Observation Request (OBR) and OBX are the significant segments of ORU. The OBR is a report header which contains data such as order number, observation date/time etc. The OBX segment transfers the actual clinical observations. It contains 17 elements including the Observation Identifier, Observation Value, Responsible Observer, Observation Methods etc. Sometimes it can be followed by Order Common Information (ORC) which carries the details of orders, Notes and Comments (NTE) segments to provide notes and comments and Z segments which carry additional data. Though zero watermarking systems based on SVD exist in literature, they are implemented in the hybrid domains such that SVD is applied on the transform domains such as DWT, DFT and DCT. Only the scheme proposed by Ye (2011b) is implemented in the SVD domain. This scheme divides a host

125

image into non-overlapping blocks and subjects each block to SVD and transforms each singular matrix with DCT to generate the zero watermark.

4.3.2 Watermark Generation Process

The HL7 ORU-R01 message shown in Figure 4.9 which contains various message segments for patient identification and clinical observations is taken as the watermark.

Figure 4.9 Watermark contents - HL 7 ORU-R01 message

The entire message is encoded into a QR code of size 230x230x3 with

the ZXing software. To reduce the computational cost, only the binary

version of the inner region of size 109x109 excluding the quiet zone is taken

to be the watermark. The generated QR code and its trimmed form are shown

in Figure 4.10.(a) and Figure 4.10.(b) respectively.

MSH|^~\&|LCS|LCA|LIS|TEST9999|199807311532||ORU^R01|3630|P|2.2 PID|3|2161348473|20923085580|01572633|20923085580^TESTPAT||19730204| M|||^^^^00000-0000|||||||86427531^^^03|SSN# HERE PV1||I|^802^1||||8625^Physician^Michael|86-7468^||xxx|||||||||V1001 ORC|NW|8642753100013^LIS|20923085580^LCS||||||19980728000000|||PEED OBR|1|8642753100013^LIS|20923085580^LCS|083824^PANEL 083824^L|||19980728083600|||||| CH13380|19980728000000||||||20923085580||19980730041800|||F OBX|1|NM|150001^HIV-1 ABS-O.D. RATIO^L|||||||N|X OBX|2|CE|001719^HIV-1 ABS, SEMI-QN^L||HTN|||||N|F|19910123|| 19980729155700|BN NTE|1|L|Result: NEGATIVE by EIA screen. NTE|2|L|No antibodies to HIV-1 detected. OBX|3|CE|169999^.^L||SPRCS|||||N|F|||19980728130600|BN NTE|1|L|NOTE: Submission of serum NTE|2|L|separator tube recommended NTE|3|L|for this test. Thank you NTE|4|L|for your cooperation if you NTE|5|L|are already doing so. OBX|4|CE|169998^.^L||SPRCS|||||N|F|||19980728130600|BN ZPS|1|BN|LABCORP HOLDINGS|1447 YORK COURT^^BURLINGTON^NC^272152230|8007624344

126

(a) (b)

Figure 4.10 a) QR Code of ORU-R01 message b) Trimmed QR code

4.3.3 Secret Share Creation

Secret Share Creation procedure is the same as Algorithm 8 except

the selection of candidate subbands. In the SVD-based system, the host image

is divided into non-overlapping blocks and the candidate blocks are selected

from this block space. This procedure is given in Algorithm 10 and illustrated

with Figure 4.11.

Figure 4.11 Secret Share creation in SVD domain

Arnold Transform

Computation



MasterShare (Mshare)

Watermark (W)

Block Partitioning


Diagonal Matrices


f(Mshare,sw)

TNG Function



127

4.3.4 Watermark Construction

Watermark construction is performed using the extraction procedure

of Algorithm 11 in the SVD Domain and illustrated with Figure 4.12.

Algorithm 10 Secret Share creation in SVD domain

Input: Host Image H of size NxN, Watermark W of size mxm, Key (ki,kj) for

initial block selection, size of block bxb, Number of iterations i for Arnold

Transform

Output: Secret Share Sshare of size mxm

Step1. Perform a bxb block partitioning on H to generate N/bxN/b non-

overlapping blocks

Step2. Apply Arnold Transform on W to generate the scrambled watermark

SW

Step3. Repeat steps 4-8 for each bit Wij of watermark


creation; Increment ki and kj by 1 to select the next block; Compute

ki=ki+1 and kj=kj+1

Step5. Apply SVD on the selected block to generate U, S and V matrices

I1, I2 and I3 for S

Step7. Create a 3 bit Master Share Mshare from the sign bits of I1, I2 and I3

Step8. Encode Mshare and SW with equation (3.1) to generate Secret Share

Sshare, of size mxm; i.e. Sshare=f(Mshare,SW)

128

Figure 4.12 Watermark construction in SVD domain




Block Partitioning


Diagonal Matrices


Computation

Watermark(W)

C=sum(MShare,SW)

Compute C

Subtract Mshare from C

Arnold Transform



Algorithm 11 Watermark Construction in SVD domain

Input: Host image H of size NxN, Secret Share Sshare of size mxm, Key (ki,kj) for

initial block Selection, size of block bxb, Number of iterations i for Arnold

Transform

Output: Watermark W of size mxm

Step1. Perform a bxb block partitioning on H to generate non-overlapping N/bxN/b

blocks

Step2. Perform steps 3-8 for each element of Sshare

Step3.Apply Arnold transform on (ki,kj) to select a block for Master Share

creation; Increment ki and kj by 1 to select the next block;

Compute ki=ki+1 and kj=kj+1

Step4.Apply SVD on the selected block to generate U, S and V matrices

oments I1, I2 and I3 for S

Step6.Create a 3 bit Master Share Mshare from the sign bits of I1, I2 and I3

Step7.Compute C from Sshare with equation (3.2);

i.e., C=[sqrt(8*Sshare+1)-1]/2 where C=sum(Mshare, SW)

Step8. Subtract Mshare from C to get SW

Step9. Apply Arnold Transform to unscramble SW to get W

129

4.3.5 Experimental Results and Analysis

The proposed system is implemented and tested with MATLAB12

software. The algorithms are tested with host images of size 512x512

shown in Figure 4.6 (a)-(g) and the trimmed watermark of size109x109 in

Figure 4.11 (b). Initially, the key parameters are assumed to be bxb=4x4,

ki=64, kj=64, i.e., k=(64,64) and i=6 . Accordingly, the host image is divided

into 128x128 non-overlapping blocks each of size 4x4. By 6 iterations of

Arnold Transform, k is mapped to (127,62). For the watermark bit W11, the

block (127,62) is selected out of the 128x128 block space and SVD is

applied on it and I1,I2 and I3 are computed for the singular matrix. The sign

bit sequence of these invariants is the Master Share for W11. Similarly, the

Master Share is created for the rest of the watermark bits by incrementing

both ki and kj by1 to select subsequent candidate blocks. The Master Share is

combined with the watermark using TNG function to generate the Secret

Share. Similarly, on extraction, the Master Share is created following the

same procedure and is combined with the Secret Share to reveal the

watermark. The performance of the system is evaluated with BER, NC, SSIM

and UIQI metrics. These performance metrics illustrated in Figure 4.13 show

that the watermarks constructed are intact for all modalities.

130

131

The robustness to common signal processing and geometric attacks

is tested with the Checkmark software. The BER and NC values of the

watermarks extracted are listed in Table 4.3.

Table 4.3 Performance metrics under Checkmark attacks in SVD domain


Cropping

Cropped%:20 0.0006 0.9994

Cropped%:50 0.0006 0.9994

Cropped%:75 0.0010 0.9990

Dithering Compression Factor:15 0.0006 0.9994

Denoising &

Remodulation

Window Size:3x3 0.0005 0.9995

Window Size:5x5 0.0006 0.9994


assuming a correlated watermark

Window Size:3x3 0.0005 0.9995

Window Size:5x5 0.0006 0.9994

Gaussian

Window Size:3x3 0.0001 0.9999

Window Size:5x5 0.0001 0.9999

Hard Thresholding Window Size:3x3 0.0005 0.9995

Window Size:5x5 0.0005 0.9995

JPEG compression




132






Linear

Transformation Matrix [1.15 -0.02 -0.03 0.9]

0.0006 0.9994

Transformation Matrix [-0.85 -0.2 -0.05 1.3] 0.0006 0.9994

Median Window Size:3x3 0.0003 0.9997

Window Size:4x4 0.0008 0.9992

Midpoint Window Size:3x3 0.0009 0.9991

Window Size:5x5 0.0010 0.9990

Line Removal Row:12,Col:9 0.0006 0.9994

Row:5,Col:51 0.0006 0.9994

Projection

Angle:5o Axis:1o


0.0006 0.9994

Angle:30o Axis:1.00


0.0006 0.9994

Aspect Ratio

Xscale:0.80 Yscale:1.00 0.0006 0.9994

Xscale:1.00 Yscale:1.10 0.0006 0.9994

133



Rotation Angle:15o 0.0006 0.9994

Angle:45o 0.0006 0.9994

Rotation Scale

Angle:-2o Geometric Change:1 0.0010 0.9990

Angle:45o

Geometric Change:3 0.0008 0.9992

Row Column Removal

Row:17,Col:5 0.0006 0.9994

Row:5,Col:1 0.0006 0.9994

Up & Downsampling

Downsampling Factor:0.50 Upsampling Factor:2.00

0.0003 0.9997

Downsampling Factor :0.75

Upsampling Factor :1.30 0.0006 0.9994

Scale Scale Factor:2.0 0.0006 0.9994

Scale Factor:0.5 0.0006 0.9994

Sharpening Window Size:3x3 0.0008 0.9992

Shearing

x Shear%:0 y Shear%:5 0.0006 0.9994

x Shear%:5 y Shear%:5 0.0006 0.9994

Soft Thresholding Window Size:3x3 0.0005 0.9995

Window Size:5x5 0.0005 0.9995

Stirmark Compression Factor:15 0.0006 0.9994

134



Template Removal Compression Factor:10 0.0006 0.9994

Trim Median Window Size:3x3 0.0003 0.9997

Window Size:5x5 0.0006 0.9994

Warping

Warp Factor :3 0.0006 0.9994

Warp Factor :6 0.0006 0.9994

Warp Factor :12 0.0006 0.9994

Wavelet Compression






Weiner Filtering Window Size:3x3 0.0004 0.9996

Window Size:5x5 0.0008 0.9992

It is seen that the watermarks extracted are robust to all kinds of attacks and have NC values closer to unity. It has also been ensured that the extracted watermarks are readable by the Zxing decoder. Particularly, it is seen that the watermarks are resistant to cropping attacks of up to 75%. The intactness

in watermark construction. The performance of the system is also compared with

135

the works of Hsu & Hou (2005), Wang & Chen (2009) and Rawat & Raman (2012). Attacks are run on the host images with MATLAB software with the same parameters as in the work of Rawat & Raman (2012). The NC values of the watermarks extracted from the attacked images are shown in Table 4.4. It is seen that these values are closer to unity under all attacks except for mammograms. The proposed scheme is also compared with the works of Hsu & Hou (2005), Wang & Chen (2009) and Rawat & Raman (2012) under JPEG compression, median, blur, sharpening, Gaussian noise, resizing and distortion attacks on the standard Lena, Baboon and Boats images. Figure 4.14 shows the NC values of the extracted binary watermarks, reported in the works of Hsu & Hou (2005), Wang &Chen (2009) and Rawat & Raman (2012) and that of the extracted QR codes. It is seen that the proposed scheme has better robustness than the others under all the attacks.

From the results reported in Section 4.2.6 on CT-SVD based zero watermarking system and the results reported in this section, it is evident that the CT-SVD based system has better robustness.

136

137

Figure 4.14 Comparison between proposed SVD system and existing zero watermarking systems

4.3.6 Summary

A robust watermarking system in the SVD Domain has been

proposed in this section for authentication and improved interpretation of

radiology images. The system exhibits resilience to a variety of geometric and

non-geometric attacks and is suitable for deployment in healthcare institutions

to authenticate medical images and provide supplementary clinical data to a

remote radiologist.

4.4 PERFORMANCE EVALUATION OF CT-SVD AND SVD

BASED ZERO WATERMARKING SYSTEMS

The experimental results clearly show that the proposed systems

are robust to both signal processing and geometric attacks. In addition to

robustness, the proposed systems have a stringent requirement that the

watermarks constructed from the attacked images must be recognized by a

QR code decoder. It has been verified that, all the watermarks extracted from

the attacked images have been decoded by the ZXing decoder.

0.7

0.8

0.9

1

NC

Attacks

Hsu & Hou

Wang & Chen

Rawat & Raman

Proposed

138

Further, this section presents a comparison of both the systems

with the conventional watermarking system proposed by Kim et al (2010),

which embeds a QR code in the spatial, DFT and FFT domains of the Lena

image. The proposed CT-SVD and SVD based systems are tested with the

512x512 Lena image, and the QR code in Figure 4.2(b) and Figure 4.10 (b)

respectively. The BER values of the watermarks extracted from the Lena

image under JPEG compression, Shrinkage and Rotation attacks are taken

for comparison as shown in Tables 4.5, 4.6 and 4.7 respectively; the tables

contain the best values reported by Kim et al (2010) under each attack,

irrespective of the embedding domain. From the experimental results, it is

evident that the proposed systems offer better robustness. It is also evident

that the CT-SVD-based system offers better robustness compared to the

SVD-based system.

The computational complexity analysis of the systems is

presented in Figure 4.15(a) and (b) for watermark embedding and

extraction algorithms respectively. Interestingly, the system implemented

in the CT-SVD domain exhibits lesser complexity. Though it involves the

additional step for contourlet decomposition compared to SVD-based, it

consumes less time as the block space is reduced to the size of the

watermark by the decomposition.

139

(a)

(b)

Figure 4.15 Computational time (a) Embedding (b) Extraction

88.05

8.18.15

8.28.25

8.38.35

8.48.45

8.5

CT-SVD

SVD

88.18.28.38.48.58.68.78.8

CT-SVD

SVD

140

141

142

143

4.5 SECURITY ANALYSIS

Similar to conventional watermarking systems, security is a

challenging issue in zero watermarking systems as well. In this section,

security analysis of the proposed systems is presented with the assumption

that, the algorithms for Secret Share construction and watermark extraction

are public, according to the well-

evident that the security of zero watermarking systems is based on the

confidentiality of the Secret Share. The security of the proposed schemes is

demonstrated by showing that it is unrealistic for an adversary to construct a

Secret Share from a host image. Rather, the security of a zero watermarking

system is greatly influenced by Master Share creation, the first step towards

Secret Share creation and watermark construction. From the proposed

algorithms, it is understood that Master Share creation depends on the

following parameters for candidate block selection.

P1 Number of levels of contourlet decomposition

This parameter can be selected based on the size of the watermark

W. Though this parameter does not offer too many choices within the

permissible space, running the algorithm with even a few options would be

computationally expensive.

P2 Number of non-overlapping blocks in the LF band

This parameter also depends on the size of the watermark W. Block

partitioning can be performed so that the number of blocks is the same as or

greater than that of W. Running the algorithms with different values of this

parameter also is not viable.

144

P3 Position of the initial block for Arnold Transform

In the proposed system, only the position of the first block out of the n/bxn/b space is arbitrarily selected to embed W11 initially. The subsequent blocks are selected by applying the Arnold Transform on the neighboring positions. Identifying the exact candidate block is also impracticable due to the size of the search space.

P4 Number of iterations of the Arnold Transform

This parameter also determines the selection of candidate blocks for watermarking. The larger the number of iterations, the greater will be the distance between the selected and the mapped positions. Running the algorithm with different number of iterations also is unrealistic.

The parameters P1, which is the number levels of contourlet decomposition, is exclusive for CT-SVD-based system and the other parameters are common to both the systems. The key space for each of the systems is given below as KEYSPACECT-SVD and KEYSPACESVD for the systems based on CT-SVD and SVD domains respectively .

KEYSPACECT-SVD =

{ P1 = [1,2,3], assuming a maximum of 3levels

P2 = [128x128,64x64,32x32],

P3 =

P4 = aximum of 10 iterations }

KEYSPACESVD =

{ P2 = [128x128,64x64,32x32],

P3 = P2=128x128

P4 =

145

Further, a three bit sign sequence is to be constructed out of the

infeasible for an adversary to construct a Master Share by brute force

approach with assumptions on the above parameters. This in turn makes it

difficult to construct the Secret Share to defeat the system.

4.6 DISCUSSIONS

From the experimental results, it is evident that both the systems

are robust to different types of attacks. Though BER and NC values are

comparatively better in CT-SVD-based system, the watermarks extracted

with the SVD-based system are also decodable by the ZXing software. The

degradation in these metrics in the SVD domain cannot be attributed to the

size of the watermark, as the watermarks are not physically embedded into

the host images. The improved performance in the CT-SVD domain is

attributed to the ability of the CT to capture finer details and the stability of

the SVD.

Robustness of the proposed systems is attributed to the resilience of

the Master Share against attacks. The proposed systems exploit the invariant

nature of the image moments in the composite CT-SVD transform and the

SVD domains to construct the Master Shares. Here, the Master Share is the

sign bit sequence of the lower order image moments, which are proved

with

intensive attacks such as cropping and histogram equalization. While the

former leads to loss of original host data, the latter causes changes in global

image contrast leading to noticeable modifications. The invariant nature of

st these attacks can be testified with their log-scaled

representation.

146

The log-

image in Figure 4.6 (a) and its cropped versions are given in Table 4.8. It is

seen that even with 75% of cropping, the moment magnitudes are closer to

the original image and there is no sign reversal as well. As Master Shares are

created out of the sign bits of these invariants in the stable CT-SVD and SVD

domains, there is no significant variation in them, irrespective of the level of

cropping. This in turn attributes to the intactness of the watermark

constructed. However, though NC values are similar for the watermarks

extracted from the three cropped images, the BER is slightly higher for the

one extracted from the images cropped by 75% as evidenced from Table 4.2

and Table 4.3. Similarly, the log-

original host images and corresponding histogram equalized images are given

in Table 4.9. Under histogram equalization, wide deviation in magnitude is

observed in I1, I2 and I3 for the PET image, and signs are preserved invariably

for all the images for the four lower order moments. Hence, the three lower

order moments are sufficient to achieve robustness under these attacks.

Generally, XOR function is employed in Secret Share creation and

watermark construction algorithms due to its lower computational

complexity, right from the first work on zero watermarking by Chang et al

(1999) to the latest work by Tsai et al (2013). However, these zero

watermarking systems invariably based on SVD, suffer from false positives.

Hence, it is essential to register the Secret Share with a TTP to resolve

disputes. Though the proposed systems employ the TNG function with high

computational complexity, they intrinsically possess the ability to resolve

false positives as the Secret Share can be blindly factored to the Master Share

and the scrambled watermark. This Master Share can be compared with the

one created out of the falsified image to resolve ambiguities.

147

148

149

4.7 CONCLUSION

In this section, zero watermarking systems for embedding host

images with HL7 ADT and ORU messages and an authentication framework

are proposed. They have potential applications in teleradiology environments

for unambiguous patient identification, improved radiology image

robustness and security characteristics demonstrate their reliability for

possible deployment in healthcare institutions to offer teleradiology services

with well-defined workflow. From the computational complexity and the

performance metrics, it is evident that the CT-SVD-based system is better

than the SVD-based system. Though the systems display resilience to

common image processing attacks, extensive studies are required to evaluate

their performance against intense noise attacks.

Documents

CHAPTER 4 ZERO WATERMARKING FOR MEDICAL IMAGE AUTHENTICATIONshodhganga.inflibnet.ac.in/bitstream/10603/34258/9/09_chapter4.pdf · ZERO WATERMARKING FOR MEDICAL IMAGE AUTHENTICATION