Forgery Detection and Localization of Modiﬁcations at the Pixel Level

: In this paper, we present a new technique of image forgery detection. The proposed technique uses digital signatures embedded in the least signiﬁcant bits of the selected pixels of each row and column. The process maintains a symmetry in the use of pixels for computing and hiding the digital signatures. Each row and column of the image symmetrically contributes to both processes, with the number of pixels per row or column used for computing the signature, and the pixels used for embedding are not equal and are asymmetric. The pixels in each row and column of an image are divided into two groups. One group contains pixels of a row or column used in the calculation of digital signatures, and the second group of pixels is used for embedding the digital signatures of the respective row or column. The digital signatures are computed using the hash algorithm, e.g., message digest ﬁve (MD5). The least signiﬁcant bits substitution technique is used for embedding the computed digital signature in the least signiﬁcant bits of the selected pixels of the corresponding row or column. The proposed technique can successfully detect the modiﬁcation made in an image. The technique detects pixel level modiﬁcation in a single or multiple pixels.


Introduction
Currently, with the growth of technology, high resolution digital cameras are available at reasonable prices. Along with standalone cameras, digital cameras are available on each smartphone. This has made the saving of important events and memory very easy. Selfie capturing has become fashionable. With all these uses, digital images can also play the role of pieces of evidence. The images of crime scenes can be presented in a court of law as proof.
Along with the high resolution cameras, various image editing tools and software have been developed to enhance the quality of images and other useful purposes. However, at the same time, these tools have raised the chances of the misuse of digital images. The image editing tools can be used to forge image contents, which can portray false information. The forged image can be used to affect the image of a person, harass a person, and as false evidence in a court of law. The modification of digital images has become of concern to people (e.g., fake and modified images of well known personalities and big names of society), societies, journalism, technical research publication, etc. [1]. This raises the question of how much the contents of images can be trusted.
Images can be modified by splicing, re-sampling, removing and adding a part, etc. The changes made may be detectable to the human visual system (HVS), and the modified contents can be identified with the naked eye. In such scenarios, the trustworthiness of the image contents can be decided by merely observing the modified images. However, the manipulations may affect human life, even more severely in the current era than in the past. Images are modified with the help of advanced tools in such a manner that the modifications are imperceptible to the HVS, and it is difficult, and almost impossible, to detect the manipulation with the naked eye [2]. Such variations give birth to severe vulnerabilities and risk the integrity of the digital images. It is important to how much the contents of an image can be trusted. The authentication of images and detection of the manipulations, if made, in digital images will help to prevent the misuse of digital images and eliminate risks. Only trusted and authentic images are presented in a court of law, especially when the digital contents are produced as legal evidence in front of judges [3].
Therefore, it is important to validate image contents and detect and locate the forged part of the image. Efficient forgery detection can successfully distinguish between the authentic and manipulated images and find the changes made. Due to a variety of applications and public interest, forgery detection is an area of great interest to forensic experts. The image authentication and forgery detection techniques have been classified into two categories, i.e., active techniques and passive techniques. Embedded watermarks or signatures are used in the active techniques, while in passive techniques, no extra information is used. The active techniques have limited applications [4], due to the non-availability of these techniques in all image acquisition devices. Active authentication techniques are further classified into two types: digital signature and digital watermarking [1]. Passive techniques have great application in image processing [5][6][7][8][9][10]. Passive techniques use the statistics of images for forgery detection and content authentication. Each image acquisition device leaves some non-modifiable, noise-like signal, which can be used to detect the forgery. The passive techniques are classified as pixel based techniques, i.e., copy-move [11,12], image splicing [13], and image retouching [14][15][16][17][18][19][20][21][22], format based techniques [23][24][25][26], camera based techniques [27,28], physical based techniques [29][30][31][32][33][34][35], and geometric based techniques [36,37]. These techniques are computationally expensive and time consuming and are not commonly used.
The proposed work is an effort toward image forgery detection at the pixel level. The technique uses a digital signature embedded in the selected pixels row-and column-wise. The digital signatures are computed using the MD5 [38] algorithm and are embedded in LSBs of selected pixels using the LSB substitution method [39,40].
The remainder of the paper is organized into four sections. Section 2 presents the implementation of the proposed framework. The experimental results and analysis based on the results are presented in Section 3. A comparison of the proposed technique with other image forgery detection techniques is given in Section 4. Section 5 concludes the discussion.

Proposed Forgery Detection Techniques
The image forgery detection was also addressed in [41,42]. The work in [41] detected image forgery at the row level; however, it failed to detect any modification when a complete row or rows were truncated from an image. While the method presented in [42] detected image forgery at the column level, the algorithm failed to detect a complete column's or columns' truncation. Moreover, the techniques in [41,42] designated a complete row or column as forged, even if a single pixel was modified in a row or column of an image, respectively. The algorithms located the forged rows or columns instead of forged pixels.
The limitations present in [41,42] are addressed in the proposed technique. The proposed framework detects image forgery at the pixel level. The algorithm is also capable of detecting rows' or columns' truncation. It marks only the manipulated pixel or group of pixels as forged. The proposed technique divides the pixels of each row and column into two parts. One group of pixels is used in the computation of the digital signature, while the second group of pixels is used for embedding the digital signatures. Hence, the number of pixels used in both processes is asymmetrical. Digital signatures are calculated for each row and column, and the signatures are embedded in the respective rows and columns. On the other side, to authenticate image contents and detect any possible modification introduced to the image, the digital signature for each row and column is computed similarly by using the selected pixels. The embedded digital signatures are retrieved from the LSBs of the selected pixels used for embedding. Both the computed and retrieved signatures of each row and columns are compared. If the signatures match each other, the row or column is declared as an authentic one. Otherwise, the row or column for which the computed and retrieved signatures do not match each other is considered unauthentic. As each pixel is a part of a row and a column, if a pixel is modified, the corresponding rows and columns will be labeled as unauthentic. Therefore, the forged pixel is located at the point of intersection of the forged row and column. Hence, the proposed framework successfully identifies and locates the forged pixels.
Let us consider the same image of size N × M, where N is the number of rows and M is the number of columns. D pixels of each row and column are used to hide the digital signature. D depends on the size of the digital signature in bits and the number of bits embedded per pixel. For example, in the case of MD5, the size of a digital signature is 128 bits, and if four bits per pixels are hidden in the LSBs of the pixels, then D must be 32, to accommodate the signature. The remaining N − D pixels of a row and M − D pixels of a column are used for digital signature computation using the hash algorithm. Hence, each of the processes maintains the symmetry in the use of the number of pixels per row and column and uses an equal number of pixels, while computing the digital signature for each row or column. Similarly, the equal number of pixels per rows or columns is used to embed the digital signature in the corresponding rows or columns.
The processes of digital signatures' computation and embedding the signatures are given in Figure 1. The image portion of size (N − D) × (M − D), as indicated by the black rectangle, shows part of the selected pixels used for row-wise and column-wise digital signature computation. Pixels highlighted by the orange rectangle show the selected pixels of rows and columns used to embed the digital signature computed for the corresponding rows and columns. The pixels neither used in digital signature computation nor signature embedding are left unaffected or used to authenticate the pixels having embedded signatures, as indicated by the blue rectangle in Figure 1. For this, the pixels having the embedded signature of the first row and first column are collectively used to compute a signature, and the signature is embedded in the first column of the small D × D size portion. Similarly, the second row and second column of the pixel with embedded signatures are processed for signature calculation, and the signature is embedded in the second column of the D × D sized portion. The process is applied to all pixels of the rows and columns having an embedded signature, and the signatures are embedded in the corresponding column of the D × D portion of the image. Figure 1 shows signature computation for each row and column and embedding of the signatures in the respective row or column. The processed image is then transmitted, saved, or shared. The parties interested in the contents of the image will need to check the authenticity of the contents of the images and will try to detect the forged pixels, if any. To detect the possible forged pixels, the receiver will process the image by dividing the image pixels into three parts. The pixels used for calculating digital signatures, the pixels used for embedding the signatures, and the part used to embed the signatures are computed from the pixels with embedded digital signatures. Digital signatures are computed for each row and column using the selected pixels of each row and column. Then, for each and column, digital signatures are retrieved from the selected pixels of the respective row and column, by reading the LSBs of the selected pixels. The computed and retrieved digital signatures are compared with each other for each row and column. The pixel for which a match in digital signatures is found for the respective row and column is declared authentic. If the signatures of the respective row and column do not match the retrieved signatures, the pixel is declared forged. Hence, forged pixels are detected and located. The process of forgery detection and localization is presented in Figure 2.
To detect a forged pixel, we have two pairs of signatures: one pair of signatures is obtained from the row, and another pair of signatures is obtained from the column. If both pairs are similar, then the pixel is said to be authentic. However, there exists a possibility that one pair of signatures may match while another pair of signatures may fail. In such a scenario, the D × D portion of pixel is used to find whether a given part with a hidden signature is affected or not. If a group of pixels with an embedded digital signature is found modified, then the pixel is declared authentic. This further strengthens the claim of the proposed algorithm and avoids any possible false forgery detection.

Experimental Results and Analysis
This section presents a detailed analysis of the proposed technique by performing different experiments. The proposed method computes the digital signature using selected pixels row-wise and column-wise, as discussed in Section 2. The digital signatures are then embedded in the LSBs of the selected pixels of the corresponding rows and columns. There exist various hash algorithms to compute digital signatures. Similarly, several embedding techniques exit in the literature that can be used to embed the signatures. Here, we use the MD5 algorithm to compute the digital signature of 128 bits, and the 4LSB substitution technique is used for embedding four bits per selected pixel. As the digital signature is 128 bits long, we need 32 pixels, i.e., D = 32, embedding the full signature using four bits per pixel. Hence, the MD5 algorithm generates a 128 bit signature for each column and row, and 32 selected pixels of each column and row are used for signature embedding. After hiding the digital signatures, we obtain a final image that is stored, transmitted, or shared with the intended user or is made public.
Investigating the authenticity of the contents of the image and detecting any possible modification introduced in the image, at the receiver side, the digital signatures, each of 128 bits, are recalculated from the selected pixels of each row and column using the MD5 algorithm. The embedded digital signatures, each of 128 bits, are retrieved by reading the four LSBs of the selected pixels of each row and column. The retrieved and recalculated digital signatures of each row and column are compared with each other. The forged pixels are identified following the procedure discussed in Section 2.
For analysis, the proposed framework is applied to the image shown in Figure 3a. The image in Figure 3a is processed accordingly for signatures' computation and embedding, as explained in Figure 1. At the end of the embedding process, we obtain a digital image with embedded digital signatures, as shown in Figure 3b.  The image with embedded digital signatures is forged by introducing different modifications, e.g., multiple pixels' modification in multiple rows and columns, a block of pixels' modification, single-pixel modification in multiple columns, single-pixel modification in multiple rows, multiple bits' modification in a single pixel, and single bit modification in a single pixel. The images obtained after introducing modification are shown in Figure 4a-f. The images in Figure 4 are then used for forgery detection using the procedure presented in Figure 2. Each modified image is processed for forgery detection using the proposed technique. It has been observed from the experiments that the proposed technique successfully detects the forged pixels in various scenarios presented in Figure 4. The detected forged pixels are converted into black color, and the forged part of each image is highlighted with the red circle in each image. The experimental results are shown in Figure 5.

Comparison
This section presents a comparison of the proposed technique with previous techniques. The comparison is made in terms of true positives (TP), true negatives (TN), and accuracy. The values calculated are listed in Table 1. The results demonstrated the comparison of the proposed techniques with the methods of Lyu and Farids [43], Shi et al. [44], Zou et al. [45], Rad and Wang [46], and Kashyap et al. [47].
The results showed that among all the previous techniques mentioned in Table 1 [42] demonstrated detection accuracy equal to 95%. The proposed technique resulted in an accuracy of 97%. Therefore, it can be concluded that the proposed methods were more powerful than other previous techniques to detect manipulations in digital images.

Conclusions
The proposed forgery detection and localization technique was a powerful framework to detect any possible modification introduced to an image. The method successfully detected a single pixel, even a single bit modification. The technique was tested against various types of modifications, and the technique resulted in high accuracy for different scenarios. The comparative analysis showed that the proposed work performed better than the previous techniques. The technique could be used for image forgery detection at any level with great confidence. The proposed algorithm could be used in many applications, e.g., authenticating the contents of images presented in a court of law, and could detect the false presented information or part of the information. It could be used to control the sharing of wrong and misleading information on social media. It could be used in other applications, e.g., assuring data integrity, copyright protection, social networking, online shopping, etc.
Along with the strength of the algorithm, it also had some limitations. For example, it would mark the complete image as forged if the part of pixels having embedded signatures was modified. This would possibly mark a lossy compressed image as a forged image, e.g., in the case of JPEG compression.