Self-Embedding Authentication Watermarking with Effective Tampered Location Detection and High-Quality Image Recovery

Recently, sensor networks have emerged as a high-impact research area, and a number of high profile applications have been proposed. Although significant progress has already been made on securing basic network protocols, additional research is needed to produce techniques and methods for protecting canonical tasks in wireless sensor networks. In this paper, we propose an effective self-embedding authentication watermarking method for tampered location detection and image recovery. The proposed detection method is classified into block-wise and pixel-wise. In block-wise detection, if the size of the block is small, the false positive rate (FPR) will be low. In pixel-wise detection, when the tampered pixels are detected, only the corresponding pixel area is marked. Therefore, the FPR will be lower than that of the block-wise detection. The experimental results demonstrate that the proposed method was effective, and accurate tamper detection and high-quality recovery can be realized even in highly tampered images.


Introduction
Recently, sensor networks have emerged as a high-impact research area and a number of high profile applications have been proposed. Sensors are usually distributed in a sensory field and are used for applications, such as smart home, environmental monitoring, battlefield surveillance, information collection, etc. [1]. Wireless sensor networks (WSN) are distributed embedded systems where each unit is equipped with a defined amount of computation, communication, storage, and sensing resources. Such sensor networks have the capacity to store information not only about one or more users but they also contain a great deal of information about their past and even future actions. Moreover, once the sensors have been equipped with actuators, both the sensors and the environment can be impacted in a number of ways. However, WSNs are highly prone to security attacks intrinsically due to their deployment, their hardware, and their resource constraints. They are often deployed in uncontrolled and sometimes even hostile settings. The wireless communication networks on a large scale can be easily observed and interfered with. It is possible to manipulate the sensor networks even without interfering with the electronic subsystem of the node and actuators which can pose strong safety and hazard concerns. In addition, they have constraints in terms of energy and, therefore, extensive on-line security checking is not feasible. Therefore, wireless sensor network (WSN) nodes are complex component systems with numerous weak points from a security point of view. The role of security in type of data is the information the user of the network expects from the network. The distinction of these two types of data [35] gives us a hint on where watermarking can take place: (i) during the process of sensing data (original data capturing); (ii) during the process of processing the original data. Since most image tampering detection methods are based on image blocks and ignore characteristics of the image blocks, it results in poor image quality after hiding the watermark. Therefore, in 2011 Lee et al. [16] proposed a semi-blind watermark scheme exploiting a self-reference image by using just noticeable distortion (JND) approach for digital image protection and authenticity. Hsu and Tu [23] in 2016 proposed adaptive embedding rules for the detection and recovery of image tampering that apply different hiding, detection, and recovery methods according to the block's level of smoothness. The method mentioned above is implemented in the image's spatial domain during the watermark generation process. If the recovery information is generated in the frequency domain, the quality of the recovered image will be much higher. In 2014, Lo and Hu [27] proposed a new reversible image authentication method which uses pseudo-random numbers to generate authentication data to serve as watermarks and uses a prediction-based histogram shifting scheme to embed the watermark into the original image. The complete watermark can be retrieved if the watermarked image has not been tampered with, and the watermarked image can be restored to the original image. In 2016, Singh and Singh [29] proposed an effective self-embedding watermarking method for image tamper and recovery capability positioning. This method uses Discrete Cosine Transformation (DCT) to generate authentication and recovery data from the image. During the embedding process, authentication data will be embedded in the block itself, and recovery bits will be embedded in mapping blocks, which increases the performance of image tamper detection. Because DCT is used to generate recovery data, the image quality will be better than the previous methods used in the past. Moreover, some studies have found that original images were unrecoverable if irreversible data hiding methods were used to embed watermarks. Therefore, reversible data hiding methods are used mostly to embed watermarks. The function of this method is that the original image can be recovered if the watermarked image has not been tampered with. However, it can only locate the tampered area and cannot recover the image.
In 2016, Yin et al. [30] proposed a method to improve Lo and Hu's approach [27]. It uses a Hilbert Curve to scan the entire image and allows neighbor pixel values to group together. Pixel value ordering (PVO) is then used to embed the watermark. This method enables better control of the changes in pixel value and watermark can be embedded according to the block's complexity as well.
In 2017, Qin et al. [31] proposed a fragile image watermarking method with pixel-wise recovery based on overlapping embedding strategy. First, the original image I O (with a size of w × h) is divided into overlapping blocks B with a size of 3 × 3. Every block B m,n (m = 1, 2, . . . , h/2, n = 1, 2, . . . , w/2) should consist of three pixels that overlap with neighboring blocks. Then the embedding rule is applied which requires that every center pixel of each block should contain the authentication data A, and either one or two bits of the recovery data needs to be embedded in the pixel. The complexity level of the block is calculated, and two thresholds levels are used to determine whether the block is complex, general or smooth. Two to four bits of authentication data have different authentication data A according to their degree of complexity. The authentication data A is then generated by using the Hash function of the pixel value, block number, as well as the image's name or ID. Its length is set according to the degree of complexity of the block. The generation of the recovery data R is then calculated by averaging the pixel value of M and its six most significant bits as M , and further combined with the entire M image as U with a length of 6 × (h × w/4). Thereafter, U is then scrambled and divided into k sub-sets by using the SK secret key. Each set contains four bits of recovery data R for each block. Authenticated and recovery data are then embedded in each block.
In 2018, Tai and Liao [33] proposed an efficient block-based fragile watermarking scheme for image tamper detection and self-recovery. In their method, the authentication and the recovery information were both generated by using the wavelet transform rather than the common block average method. The 4-bit authentication code was generated by using the low-frequency sub band of Haar wavelet transform of each block, and the 28-bit recovery code was produced by the low-frequency sub band and two high-frequency sub bands. To break the independency of each block the method used block mapping technique called Arnold's cat map transform to scramble the image blocks. The authentication code and recovery code were then embedded from other blocks into each block.
Each of the five fragile watermarking techniques discussed above has their own advantages and disadvantages. The two methods of Lo and Hu [27] and Yin et al. [30] made use of reversible data hiding techniques to embed a watermark into the image so that the watermarked image can be restored to original image when no tampering occurs in the image. However, these two methods do not provide any recovery scheme to restore the tampered images, which means that they do not have the ability to recover the original image after the image has been tampered. The method proposed in this paper has designed a recovery scheme using mean value and block enlarger techniques to resolve this issue. In another method proposed by Singh and Singh [29], they used DCT (Discrete Cosine Transformation) to generate authentication and recovery information. The advantage of using DCT is that the recovered image quality will better as compared to other methods which just use the mean value to restore the original image. The methods proposed by Hsu and Tu [23] also have the advantage of better image quality of the recovered image as their methods use different procedures to recover information based on the level of smoothness of the block in the image. However, the experimental results of our proposed method have shown better performance in terms of image quality of the recovered image when compared to Singh and Singh's [29] and Hsu and Tu's [23] methods. The method of Qin et al. [31] can only detect the tamper when the tamper ratio is below 45%, and the proposed method not only enhances the recover image quality than the previous studies but also resolve the tamper detection issue of the Qin et al. [31] method. The method proposed by Tai and Liao have better recovery performance compared to other methods. However, when dealing with highly complex images their peak signal to noise ratio (PSNR) of recovered image is not quite good. Our proposed method overcomes this limitation.

Proposed Method
The image authentication technology proposed by our method can detect and locate tampered area as well as recover the tampered area. To detect tampered areas more accurately and improve their recovery effectively, our method proposes image authentication technology based on block-wise and pixel-wise detection methods. According to the experimental results, the error rate of the pixel-wise method is lower than the block-wise method. The quality of images recovered from using either pixel-wise or block-wise image authentication method is higher compared to other methods using fragile authentication method.

Description of Symbol Definitions
This section defines and describes all the symbols used in this paper.

1.
W: the weight of the original image 2.
H: the height of the original image 3.
I O : the original image 4.
I W : the watermarked image 5.
I T : the tampered image 6. 13. BM i : the mapping block 14. M i : the mean value of each block 15. R i : the recovery data of each block 16. A i : the authentication data of each block 17. R i : the recovery data that is generated from I T 18. A i : the authentication data that is generated from I T 19. k: the size of the authentication data 20. q: the number of bits that will be embedded into each pixel 21. T i : the table that is marked whether it has been tampered with 22. TM i : the mapping table of T i 23. L: the enlarged image

Block-Wise Detection
First, the original image I O with a size of H × W is divided into N number of non-overlapping blocks B i (i = 1, 2, . . . , N) of m × n sizes. Recovery data, M i , is the mean value of each block B i , and the authentication data is created by encrypting the block information. The embedding process uses the least significant bit (LSB) replacement method to embed every q number of LSB pixel values in each block, which combines the k-bits authentication data A i and recovery data for mapping block BM i . The flowchart of watermark embedding process is shown in Figure 1. The following steps provide a detailed description on watermark generation and embedding process.
Step 1. The original image I O is divided into N non-overlapping blocks B i (i = 1, 2, . . . , N). The size of each block B i is m × n.
Step 2. Using Equation (1) calculate the 8-bit mean value M i of each block as this block's recovery data.
Step 3. The N pseudo-random numbers rm i {1, 2, . . . , N}, i = 1, 2, . . . , N are generated using the secret key SK. According to rm i , the mapping block BM i , that corresponds to block B i , is created. The relationship between the original block B i and the mapping block BM i is shown in Equation (2). And the recovery data R i of the block B i is the mean value M rm i of the mapping block BM i , as shown in Equation (3). Table 1 shows the relationship between the original block and the mapping block.
Step 4. The k-bit authentication data A i of each block B i is generated by Equations (4) and (5).
Step 5. The watermark W i that will be embedded into each block B i is generated using Equation (6).
Step 6. Finally, the watermark W i is embedded into the q-LSB of each block using the least significant bit (LSB) replacement method.
In the image tamper detection process, steps of generating authentication data are similar to the steps mentioned in the section above. These steps are used to obtain -bit authentication data ' for block . The authentication data that was embedded in block is then extracted from the tampered image . Comparing the similarity of the authentication data that was embedded in Block , to the re-calculated authentication data ' , if ' = , indicates that the image was not tampered. On the other hand, if the extracted authentication data differs from the re-calculated authentication ' ( '  ), it indicates that the image block may have been tampered. We mark these image blocks as tampered areas. The flowchart of the tamper detection process is shown in Figure 2. The following steps provide a detailed description on tamper detection and image recovery methods.
Step 1. The tampered image is divided into non-overlapping block . Each block's size is × .
The re-calculated authentication data ' of the block is generated by Equations (4) and (5) from .
Step 3. The watermark is extracted from the -LSB of the block 's pixel in . And using the function RightSubBit( , ), the extracted authentication data is extracted from the right bits of .
The re-calculated authentication data ' is compared with the extracted authentication data . According to Equation (7), if the result is not the same, then = 1, and it represents this block as a tampered block'. Otherwise, if the result is the same, then = 0, and it represents this block as not a tampered block'.
In the image tamper detection process, steps of generating authentication data are similar to the steps mentioned in the section above. These steps are used to obtain k-bit authentication data A i for block B i . The authentication data A i that was embedded in block B i is then extracted from the tampered image I T . Comparing the similarity of the authentication data A i that was embedded in Block B i , to the re-calculated authentication data A i , if A i = A i , indicates that the image was not tampered. On the other hand, if the extracted authentication data A i differs from the re-calculated authentication A i (A i A i ), it indicates that the image block may have been tampered. We mark these image blocks as tampered areas. The flowchart of the tamper detection process is shown in Figure 2. The following steps provide a detailed description on tamper detection and image recovery methods.
Step 1. The tampered image I T is divided into non-overlapping block B i . Each block's size is m × n.
Step 2. The re-calculated authentication data A i of the block B i is generated by Equations (4) and (5) from I T .
Step 3. The watermark W i is extracted from the q-LSB of the block B i 's pixel P i j in I T . And using the function RightSubBit(W i , k), the extracted authentication data A i is extracted from the right k bits of W i .
Step 4. The re-calculated authentication data A i is compared with the extracted authentication data A i . According to Equation (7), if the result is not the same, then T i = 1, and it represents this block as 'a tampered block'. Otherwise, if the result is the same, then T i = 0, and it represents this block as 'not a tampered block'.
Step 5. The block B i and the tamper mark table T i generate the mapping block BM i and the mapping tamper mark table TM i using the secret key SK, respectively.
Step 6. For the mapping block BM i that is TM i = 0, the recovery data R i is extracted from the 8-MSB of the watermark W i .
Step 7. If the tampered image I T is not tampered, then the extracted recovery data R i is the 1/(m × n) multiple images of the original image I O . But if the image is tampered, then the extracted recovery data image will have lost pixels. Because the image texture is coherent, we can use the surrounding pixel values to fill in the lost pixels value by interpolation method.
Step 8. The enlarged image L is generated by Bicubic Interpolation function [36].
Step 9. The lost block (T i = 1) is filled by the corresponding block of the enlarged image L, and then the recovery image I R is generated.
Step 5. The block and the tamper mark table generate the mapping block and the mapping tamper mark table using the secret key , respectively. Step 6.
For the mapping block that is = 0, the recovery data is extracted from the 8-MSB of the watermark .
If the tampered image is not tampered, then the extracted recovery data is the 1/(m × n) multiple images of the original image . But if the image is tampered, then the extracted recovery data image will have lost pixels. Because the image texture is coherent, we can use the surrounding pixel values to fill in the lost pixels value by interpolation method.
The enlarged image is generated by Bicubic Interpolation function [36].
The lost block ( = 1) is filled by the corresponding block of the enlarged image , and then the recovery image is generated.

Pixel-Wise Detection
The block-wise detection method was introduced in the previous section. As the authentication data is based on blocks, when tampered pixels are detected, the entire block to which the pixel belongs will be marked as tampered. However, if authentication data is embedded based on pixels, then only the tampered pixels will be marked as tampered when detected. Therefore, when embedding authentication data, the pixel-wise image authentication method is much more accurate than those based on the block-wise image authentication method. This section describes a data hiding technique based on the pixel-wise image authentication method.
The process of generating a watermark is similar to the method based on block detection. The flow chart is shown in Figure 3 and the following steps provide a detailed description of the watermark generation and the embedding process: Step 1. The original image is divided into 4 × 4 non-overlapping blocks .
According to Equation (1), the mean value of each block is calculated. The mean value of each block has two copies, as in Equation (8). The non-repeating pseudo-random

Pixel-Wise Detection
The block-wise detection method was introduced in the previous section. As the authentication data is based on blocks, when tampered pixels are detected, the entire block to which the pixel belongs will be marked as tampered. However, if authentication data is embedded based on pixels, then only the tampered pixels will be marked as tampered when detected. Therefore, when embedding authentication data, the pixel-wise image authentication method is much more accurate than those based on the block-wise image authentication method. This section describes a data hiding technique based on the pixel-wise image authentication method.
The process of generating a watermark is similar to the method based on block detection. The flow chart is shown in Figure 3 and the following steps provide a detailed description of the watermark generation and the embedding process: Step 1. The original image I O is divided into 4 × 4 non-overlapping blocks B i .
Step 2. According to Equation (1), the mean value M i of each block B i is calculated. The mean value of each block has two copies, as in Equation (8). The non-repeating pseudo-random sequence RM = {rm 1 , rm 2 , . . . , rm N×2 } is generated by the secret key SK. And two copies of the mean value are scrambled by Equation (9) as the recovery data R. The recovery data R i which will be embedded into each block B i is M rm i M rm i+N . The reason for embedding two copies of the block mean value in the image is that the survival chances of the recovery data may increase after the image has been maliciously tampered.
Step 3. According to Equation (10), the 8-bit encryption code H i j is generated by hash function after extracting 5 most significant bits (MSBs) of each pixel value P i j . Then the 8th least significant bit (LSB), the 7th LSB, the 2nd LSB, the 1st LSB, and the 6th LSB, the 5th LSB, the 4th LSB, the 3rd LSB of the encryption code H i j are calculated by exclusive or (XOR) operation, respectively. Thereafter, the authentication data A i j = {a 1 , a 2 } is generated.
Step 4. Finally, the recovery data R is embedded into 1st LSB of each pixel value in each block, and the authentication data {a 1 , a 2 } is embedded into the 2nd LSB and the 3rd LSB of the pixel, respectively.
In the tamper detection process, since authentication data is embedded based on pixels, the tampered pixels will be marked when any tamper is detected. Therefore, the result of tamper detection is much more accurate for the pixel-wise method compared to the block-wise method. The following steps provide a detailed description of tamper detection and self-recovery.
Step 1. Similar to the tamper detection and image recovery process described in Section 3.2, the re-calculation of authentication data A i j is done from each pixel of the tampered image I T with reference to Equation (10) and Figure 4.
Step 2. The authentication data A i j is extracted from the 2nd and the 3rd LSBs of each pixel P i j , and is compared with the re-calculated authentication data A i j .
Step 3. If the extracted authentication data A i j is the same as the re-calculated authentication data A i j , then the pixel is not tampered and T i = 0. In other cases, the pixel is tampered and T i = 1.
Step 4. First, the entire image is divided into non-overlapping blocks. For T i = 0, the 1st LSB of each pixel in the block is extracted from the block of the non-tampered pixel, and combined as the recovery data R i of that block. Step 5. Since the recovery data R i are the two copies of the block mean value that were disrupted, the recovery data is sorted using the secret key SK.
Step 6. If the number of the extracted mean value is less than half of the number of the original mean value, then skip to Step 8; otherwise, the tampered pixel is recovered from Step 7.
Step 7. The recovery data R i is combined as a smaller image, and the lost pixel value is filled by the interpolation method. The tampered pixel is corrected to the pixel of the smaller image.
Step 8. If the recovery data is incomplete, the tampered pixel cannot be recovered. So the mean value of the surrounding eight pixel values is calculated, and the tampered pixel is corrected to this value.
Sensors 2019, 19, x; www.mdpi.com/journal/sensors Step 3. According to Equation (10), the 8-bit encryption code is generated by hash function after extracting 5 most significant bits (MSBs) of each pixel value . Then the 8th least significant bit (LSB), the 7th LSB, the 2nd LSB, the 1st LSB, and the 6th LSB, the 5th LSB, the 4th LSB, the 3rd LSB of the encryption code are calculated by exclusive or (XOR) operation, respectively. Thereafter, the authentication data A = , is generated.
Step 4. Finally, the recovery data is embedded into 1st LSB of each pixel value in each block, and the authentication data , is embedded into the 2nd LSB and the 3rd LSB of the pixel, respectively.   In the tamper detection process, since authentication data is embedded based on pixels, the tampered pixels will be marked when any tamper is detected. Therefore, the result of tamper detection is much more accurate for the pixel-wise method compared to the block-wise method. The following steps provide a detailed description of tamper detection and self-recovery.
Similar to the tamper detection and image recovery process described in Section 3.2, the re-calculation of authentication data ' is done from each pixel of the tampered image with reference to Equation (10) and Figure 4.
The authentication data is extracted from the 2nd and the 3rd LSBs of each pixel , and is compared with the re-calculated authentication data ' .
If the extracted authentication data is the same as the re-calculated authentication data ′ , then the pixel is not tampered and = 0 . In other cases, the pixel is tampered and = 1.

Experimental Results and Comparison
The experimental results of this paper are performed using MATLAB 2017a in a Windows 10, Intel Core i7 3.60 GHz system with 4 GB of memory. We used six grayscale images of size 512 × 512 (Lena, Baboon, Peppers, Airplane, Tiffany, Lake) as shown in the Figure 6. For the measurement results of tampered detection, we evaluated the error rate of tampered detection by False Negative Rate (FNR) and False Positive Rate (FPR). The algorithm is shown in Equations (12) and (13). The error of tampered detection is divided into False Negative (FN) and False

Experimental Results and Comparison
The experimental results of this paper are performed using MATLAB 2017a in a Windows 10, Intel Core i7 3.60 GHz system with 4 GB of memory. We used six grayscale images of size 512 × 512 (Lena, Baboon, Peppers, Airplane, Tiffany, Lake) as shown in the Figure 6.

Experimental Results and Comparison
The experimental results of this paper are performed using MATLAB 2017a in a Windows 10, Intel Core i7 3.60 GHz system with 4 GB of memory. We used six grayscale images of size 512 × 512 (Lena, Baboon, Peppers, Airplane, Tiffany, Lake) as shown in the Figure 6. For the measurement results of tampered detection, we evaluated the error rate of tampered detection by False Negative Rate (FNR) and False Positive Rate (FPR). The algorithm is shown in Equations (12) and (13). The error of tampered detection is divided into False Negative (FN) and False For the measurement results of tampered detection, we evaluated the error rate of tampered detection by False Negative Rate (FNR) and False Positive Rate (FPR). The algorithm is shown in Equations (12) and (13). The error of tampered detection is divided into False Negative (FN) and False Positive (FP). The False Positive is the number of the pixel that is a non-tampered pixel but is detected as tampered; the False Negative is the number of pixels that are tampered but are detected as a non-tampered pixel. And TP (True Positive) denotes the number that are correctly detected for the tampered pixel, and TN (True Negative) denotes the number that are correctly detected for the untampered pixel [35].
The image quality measurement of the watermarked image and the recovered image uses peak signal to noise ratio (PSNR). As a result, if the image has a higher PSNR, the image quality is better. Their equations are represented as Equations (14) and (15), where H and W are the height and width of the image, and I O (i) and I T (i) are the ith pixel of the original image and the measured image.
In addition, we also use the Structural Similarity Index (SSIM) to measure the similarity between the original image and the watermarked image. The higher SSIM value indicates that the similarity between the original image and the watermark image is higher. The calculation method is shown in Equation (16), where µ x and µ y are the average values of the original image and the watermarked image, σ xy is the co-variation of the original image and the watermarked image, and σ x and σ y are the variation of the original image and the watermarked image, respectively. C 1 and C 2 are constants.

Digital Image Tamper Detection
This section analyzes and explores embedding methods utilizing different block sizes. For the block-wise detection method, we used three different block sizes of 2 × 4, 3 × 3, and 4 × 4, to examine and compare error rates as well as image quality. The results obtained are as shown in Table 2. The tamper rate is set at 10%. The condition of q = 3, k = 16 is set for the 2 × 4 block size, which indicates that the watermark is embedded in the 3 LSBs of each pixel and the authentication data length is 16-bit. The false positive rate (FPR) is 0.17335% and the image quality of the watermarked and recovered images are PSNR (w) = 41.28 dB and PSNR (r) = 44.48 dB, respectively. Under the condition of q = 3, k = 16, the FPR is 0.13257% for 3 × 3 block size, which is lower than the FPR for 2 × 4 block size. The difference in the block size will affect FPR, as the entire block will be marked as a tampered block when a tampered pixel is detected using this method. The watermark image quality PSNR (w) and recovered image quality PSNR (r) for images divided into 3 × 3 blocks are slightly better than that of images divided into 2 × 4 blocks. Lastly, when the block size is 4 × 4 and the condition is set to q = 2, k = 24, the PSNR (w) = 47.32 dB, which is much higher than the other two block sizes; and PSNR (r) = 44.68 dB, which is slightly higher when compared to the other two block sizes. This may be because the watermark is only embedded in the 2 LSBs of a pixel. Overall, the quality of the recovered images PSNR (r) are similar to each other, which is about 44 dB. Figure 7 shows the results of tamper detection and recovery from salt and pepper noise attack. Figure 7c is the tamper detection result, which shows no error in detection. Figure 7d is the result of the recovered image, which shows that its image quality, PSNR (r) , is 40.68 dB. In Figure 8, a flower is added on top of Lena's hat, and the block-wise detection method was used. Figure 8a-c shows tampered images with a tamper rate of 4.4%. Figure 8d-f shows the detection results, and Figure 8g-i shows recovered images. The quality of recovered images is all above 45 dB. Figure 9 indicates the tamper detection results using 4 × 4 blocks. Figure 9a-d are tampered images of Lena, Baboon, Airplane, and Lake, with a tamper rate of 3.7%. Figure 9e-h are the results of image recovery, and the image quality PSNR (r) are all above 45 dB. It is evident that our proposed image authentication method could resist diverse tampering attacks.  Figure 7 shows the results of tamper detection and recovery from salt and pepper noise attack. Figure 7c is the tamper detection result, which shows no error in detection. Figure 7d is the result of the recovered image, which shows that its image quality, PSNR (r) , is 40.68 dB. In Figure 8, a flower is added on top of Lena's hat, and the block-wise detection method was used. Figure 8a-c shows tampered images with a tamper rate of 4.4%. Figure 8d-f shows the detection results, and Figure 8g-i shows recovered images. The quality of recovered images is all above 45 dB. Figure 9 indicates the tamper detection results using 4 × 4 blocks. Figure 9a-d are tampered images of Lena, Baboon, Airplane, and Lake, with a tamper rate of 3.7%. Figure 9e-h are the results of image recovery, and the image quality PSNR (r) are all above 45 dB. It is evident that our proposed image authentication method could resist diverse tampering attacks.    Figure 7 shows the results of tamper detection and recovery from salt and pepper noise attack. Figure 7c is the tamper detection result, which shows no error in detection. Figure 7d is the result of the recovered image, which shows that its image quality, PSNR (r) , is 40.68 dB. In Figure 8, a flower is added on top of Lena's hat, and the block-wise detection method was used. Figure 8a-c shows tampered images with a tamper rate of 4.4%. Figure 8d-f shows the detection results, and Figure 8g-i shows recovered images. The quality of recovered images is all above 45 dB. Figure 9 indicates the tamper detection results using 4 × 4 blocks. Figure 9a-d are tampered images of Lena, Baboon, Airplane, and Lake, with a tamper rate of 3.7%. Figure 9e-h are the results of image recovery, and the image quality PSNR (r) are all above 45 dB. It is evident that our proposed image authentication method could resist diverse tampering attacks.    The block-wise detection method that we proposed uses a 4 × 4 block size. Each image's PSNR and error rate for different tamper rates are shown in Table 3. Since watermark authentication data are embedded in the 2 LSBs of a pixel, the PSNR (w) of every image is higher than 47 dB. When the tamper rate is 10%, the PSNR (r) of the recovered image is close to 50 dB for Lena's image. At a high tamper rate of 50%, the recovered image PSNR (r) of each image is still above 32 dB. Airplane and Tiffany images are the best performing images with a PSNR (r) = 36.79 dB. With respect to error rate, since our method uses blocks to detect tampered blocks, the error rate is lesser subjected to the effects of higher tamper rates when clipping attacks occur.   The block-wise detection method that we proposed uses a 4 × 4 block size. Each image's PSNR and error rate for different tamper rates are shown in Table 3. Since watermark authentication data are embedded in the 2 LSBs of a pixel, the PSNR (w) of every image is higher than 47 dB. When the tamper rate is 10%, the PSNR (r) of the recovered image is close to 50 dB for Lena's image. At a high tamper rate of 50%, the recovered image PSNR (r) of each image is still above 32 dB. Airplane and Tiffany images are the best performing images with a PSNR (r) = 36.79 dB. With respect to error rate, since our method uses blocks to detect tampered blocks, the error rate is lesser subjected to the effects of higher tamper rates when clipping attacks occur.  Table 4 shows a comparison of efficiency between our method and [21,22,24,31,32] for maximum tampering rate using the Lena image. For the methods proposed by Yang and Shen [21], Yang et al. [22], and Kim et al. [32], the maximum tolerable tamper rate is less than 50%, which is the same as our methods. But the PSNR (r) values for block-wise method and pixel-wise method of our methods are 36.62 dB and 37.26 dB, which is higher than those of Yang and Shen's [21], Yang et al.'s [22] and Kim et al.'s [32] methods. In addition, the PSNR (r) of Qin et al. [31] is higher than 3.74 dB compared to our method based on pixel-wise detection method, but their maximum tolerable tamper rate is less than 45%. Table 5 shows the SSIM performance of the proposed method using six standard testing images. The results show that the block-wise method has better structure similarity for image Baboon and least similarity for image Tiffany. As for the pixel-wise method, image Baboon still has better similarity, and image Peppers has the least similarity when using the pixel-wise method. Overall, the 4 × 4 block-wise method has the best SSIM performance at 0.986461 and the worst SSIM at 0.955061. Table 6 shows a comparison of the false positive rate (FPR) and the false negative rate (FNR) of the proposed methods and the pervious methods [25,26,28,34] using several test images. Table 4. Performance comparisons of proposed methods and [21,22,24,31,32].

FPR(%) FNR(%)
Tong et al. [25] 0.22 0 Chen et al. [26] 0.25 0 Ansari et al. [28] 0.5 0.01 Wang et al. [34] 0.30 0 Proposed method (4 × 4 block-wise detection) 0.173 0 Proposed method (4 × 4 pixel-wise detection) 0 0 The comparison of recovered image quality are shown in Figure 10 under different tamper rates among our proposed methods and other fragile watermarking methods such as Lee et al. [20], Yang and Shen [21], Yang et al. [22], Qin et al. [31]. From this, it is evident that for our method, the PSNR of recovered images is about 2 dB higher than that of other methods at any tamper rate. Therefore, in terms of image recovery, the performance of our method is excellent. of recovered images is about 2 dB higher than that of other methods at any tamper rate. Therefore, in terms of image recovery, the performance of our method is excellent. Figure 10. Peak signal to noise ratio (PSNR (r) ) comparison of the recovered image between the proposed methods and methods in [20,21,22,31]. Table 7 shows the performance of the proposed method in terms of FPR, FNR, and recovered image quality when dealing with complex images. Baboon was used to represent these kinds of image attacks. According to Table 7, even if 14.35% of Baboon was tampered its recovered PSNR is still above 38 dB, and with 4 × 4 block size the PSNR by pixel-wise approach gets even higher to 39.21 dB. Furthermore, after examining several complex images, the FNR was always found to be 0, which means that the area which has been tampered will always be detected.  Table 8 shows the results of 500 test images of the size 512 × 512 using the proposed block-wise method. It can be seen that the FPR and FNR values become lower or even approached to zero when the block size reduces. The highest values of FNR and FPR were always below 0.000082 and 0.038, respectively. In addition, the recovered value was always above 36 dB. Figure 10. Peak signal to noise ratio (PSNR (r) ) comparison of the recovered image between the proposed methods and methods in [20][21][22]31]. Table 7 shows the performance of the proposed method in terms of FPR, FNR, and recovered image quality when dealing with complex images. Baboon was used to represent these kinds of image attacks. According to Table 7, even if 14.35% of Baboon was tampered its recovered PSNR is still above 38 dB, and with 4 × 4 block size the PSNR by pixel-wise approach gets even higher to 39.21 dB. Furthermore, after examining several complex images, the FNR was always found to be 0, which means that the area which has been tampered will always be detected.  Table 8 shows the results of 500 test images of the size 512 × 512 using the proposed block-wise method. It can be seen that the FPR and FNR values become lower or even approached to zero when the block size reduces. The highest values of FNR and FPR were always below 0.000082 and 0.038, respectively. In addition, the recovered PSNR R value was always above 36 dB.  Table 9 shows the comparison of the processing complexity of each method. Images of size 256 × 256 were used to examine each method. These watermarking schemes contain block types, authentication information, and recovery information. Each method's processing steps are displayed in terms of block division, discrete wavelet transform (DWT), DWT embedding, discrete cosine transform (DCT), mean calculation, watermark hashing, Hilbert curve transformation, exclusive or (XOR), least significant bit (LSB) embedding, and histogram shifting and modification. The total number of steps in the watermarking procedure are also presented for each method. In Table 9, there will be higher operation counts for pixel-wise methods, such as Lo and Hu [27], Qin et al. [31] and the proposed pixel-wise method. The methods of Hsu and Tu [23], Yin et al. [30], Singh and Singh [29], Tai and Liao [33] are block-wise. Among them, the proposed block-wise method has the least operation count.

Conclusions
In this paper, we proposed a self-recovery fragile watermarking image authentication technology for wireless sensor networks. The authentication methods are classified into two types: block-wise and pixel-wise methods. In the block-wise detection method, authentication data is generated from each block, and the average block value is used to generate recovery data. Further, the length of authentication data and recovery data are adjusted according to the size of each block. From the experimental results, it can be seen that when a tampered pixel is detected, the block to which it belongs, will be marked as a tampered block. Therefore, if the block division is small, the false positive rate (FPR) will be small as well. In the pixel-wise detection method, the authentication data is generated from each pixel, and the recovery data is generated from the mean value of the 4 × 4 block. When the tamper rate is 50%, the PSNR of the recovered image of all tested images is above 32 dB. Compared with other methods, our method has a better performance for tamper detection and image recovery.
Using our proposed method, future research should attempt to use different extraction techniques that demonstrate characteristics of the block during the process of generating recovery data, such as the absolute moment block truncation coding (AMBTC) method. In addition to the common clipping and peppered salt attacks, we did not conduct relevant vector quantization attack experiments with respect to tamper experiments. Future research can consider them for in-depth studies. In addition, our method belongs to the fragile watermarking method. After using common image processes, such as JPEG compression, the recovery and authentication data embedded in the image get destroyed, and tampered areas cannot be detected accurately. But JPEG compression can reduce the need of transmitting bandwidth effectivity in WSNs. Therefore, authentication robustness in image compression is also a topic of concern which can be explored in further studies.