Semantic Data Integrity. DARPA PI Meeting, July 17-21, 2000. David Rosenthal, Odyssey Research Associates. Transcript of a 37-slide PowerPoint presentation (SL00-0006).

Page 1: Semantic Data Integrity

DARPA PI Meeting, July 17-21, 2000
SL00-0006

David Rosenthal, Odyssey Research Associates
Cornell Business & Technology Park, 33 Thornwood Drive, Suite 500, Ithaca, NY 14850-1250, (607) 257-1975

Page 2: Team Members

• Odyssey Research Associates (a subsidiary of Architecture Technology Corporation)
– David Rosenthal, Matt Stillerman, David Guaspari, Francis Fung
• WetStone
– Chet Hosmer, Milica Barjaktarovic, Mike Duren
• SUNY Binghamton
– Jiri Fridrich

Page 3: Technical Objectives

• Support intrusion tolerance by developing improved data integrity methods to identify and recover attacked data
– localize possible alterations
– provide partial recovery, where feasible
– provide policy-based selection of mechanisms

• Emphasis is on images

[Figure: example image, captioned "Forgery Detected"]

Page 4: Technical Approach

• Develop techniques for identifying and protecting data subsets

• Develop new watermarking/self-embedding techniques

• Explore how to recover data subsets using secondary data (DSI Marks)

• Develop software to test the effectiveness of approach

Page 5: Technical Approach: Software

[Block diagram of the software components: Extract Semantic Segments, DSI Mark Generation, DSI Mark Verification, Data Reconstruction, Integrity Policy, DSI Mark DB, Suspect Data]

Page 6: I-FIRE Segmentation

[Figure: Original Image beside Segmented Image]

Page 7: I-FIRE Segment Verification

[Figure: Forged Image beside Segment-Level Image Verification]

Page 8: I-FIRE Segment Recovery

• Set parameters for very fast recovery

• Streak suggesting aircraft fire was repaired

• White rectangles indicate where recovery did not succeed

Page 9: I-FIRE Anomalous Pixel Detection

[Figure: Impossible Data Identification]

Page 10: Technical Approach: Hierarchical Subsets

• Develop algorithms for automatically subsetting images based on uniformity criteria (combination of color, intensity, texture similarity)

• Split image into quadrants, test quadrants for uniformity; if a quadrant is uniform, do not subdivide it further. Otherwise, continue subdividing

• Then, merge all “adjacent” segments that share the same uniformity characteristics (or possibly some other desirable characteristics such as a common edge)
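The split-and-merge procedure above, as an added illustration that is not the I-FIRE code: a quadtree split driven by a uniformity test, followed by a union-find merge of edge-adjacent leaves whose mean intensities are close. The 8x8 grey-level images, the threshold and the uniformity criterion (intensity spread only, rather than the colour/intensity/texture combination the slide mentions) are constructed assumptions.

```python
# Quadtree split-and-merge segmentation (constructed illustration, not I-FIRE code).
# Assumed uniformity test: max - min intensity within a square <= THRESHOLD.
# Assumed merge test: adjacent leaves whose mean intensities differ by <= THRESHOLD.
THRESHOLD = 8

# Constructed 8x8 image: a bright 4x4 object top-left on a dark background, +/-2 noise.
IMAGE = [
    [200, 201, 199, 200, 20, 22, 21, 20],
    [201, 200, 200, 199, 21, 20, 20, 22],
    [199, 200, 201, 200, 20, 21, 22, 20],
    [200, 199, 200, 201, 22, 20, 20, 21],
    [20, 21, 20, 22, 20, 20, 21, 20],
    [22, 20, 21, 20, 21, 22, 20, 20],
    [20, 20, 22, 21, 20, 20, 21, 22],
    [21, 22, 20, 20, 22, 21, 20, 20],
]

def region_values(img, leaf):
    r, c, size = leaf
    return [img[i][j] for i in range(r, r + size) for j in range(c, c + size)]

def is_uniform(img, leaf, thr=THRESHOLD):
    vals = region_values(img, leaf)
    return max(vals) - min(vals) <= thr

def split(img, leaf, thr=THRESHOLD, leaves=None):
    """Split a square (row, col, size) into quadrants until every square is uniform."""
    if leaves is None:
        leaves = []
    r, c, size = leaf
    if size == 1 or is_uniform(img, leaf, thr):
        leaves.append(leaf)
        return leaves
    half = size // 2
    for dr in (0, half):
        for dc in (0, half):
            split(img, (r + dr, c + dc, half), thr, leaves)
    return leaves

def adjacent(a, b):
    """True when squares a and b share an edge (4-adjacency, not corners)."""
    r1, c1, s1 = a
    r2, c2, s2 = b
    rows_overlap = r1 < r2 + s2 and r2 < r1 + s1
    cols_overlap = c1 < c2 + s2 and c2 < c1 + s1
    side_by_side = (c1 + s1 == c2 or c2 + s2 == c1) and rows_overlap
    stacked = (r1 + s1 == r2 or r2 + s2 == r1) and cols_overlap
    return side_by_side or stacked

def mean(img, leaf):
    vals = region_values(img, leaf)
    return sum(vals) / len(vals)

def merge(img, leaves, thr=THRESHOLD):
    """Union-find merge of adjacent leaves with similar means; returns the segments."""
    parent = list(range(len(leaves)))

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    for i in range(len(leaves)):
        for j in range(i + 1, len(leaves)):
            if adjacent(leaves[i], leaves[j]) and abs(mean(img, leaves[i]) - mean(img, leaves[j])) <= thr:
                parent[find(i)] = find(j)
    segments = {}
    for i, leaf in enumerate(leaves):
        segments.setdefault(find(i), []).append(leaf)
    return list(segments.values())

def segment(img, thr=THRESHOLD):
    """Return (quadtree leaves, merged segments) for a square image of power-of-two size."""
    leaves = split(img, (0, 0, len(img)), thr)
    return leaves, merge(img, leaves, thr)

def spot_image(n=8, spot=(2, 2, 2), bg=20, fg=200):
    """Constructed image with one small bright square, forcing a deeper subdivision."""
    img = [[bg] * n for _ in range(n)]
    r0, c0, s = spot
    for r in range(r0, r0 + s):
        for c in range(c0, c0 + s):
            img[r][c] = fg
    return img

if __name__ == "__main__":
    for img in (IMAGE, spot_image()):
        leaves, segs = segment(img)
        print(len(leaves), "leaves ->", len(segs), "segments:", segs)
```

On the first image the split stops at the four 4x4 quadrants and the merge joins the three dark ones, leaving two segments; on the second the top-left quadrant is split again so the 2x2 spot becomes its own leaf, and the six dark leaves merge around it. The leaf list is the hierarchy that later slides hash at different levels.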

Page 11: Technical Approach: Hierarchical Subsets (cont.)

• Impose different integrity mechanisms at different layers of the decomposition, to achieve policy goals more efficiently

Page 12: Intersecting Hash Methods

• Intersecting hashes
– Each hash covers some set of cells
– Permit the sets of covered cells for two different hashes to intersect
– Hierarchical decomposition and hashing is a special case of this
• Intersecting hash techniques permit a tradeoff between
– strength of protection
– diagnostic ability / damage isolation

Page 13: Forgery Strategies and Strength of Protection

[Figure: three diagrams of the same layout, Hash 1 covering Cell 1 and Cell 2, Hash 2 covering Cell 2 and Cell 3, showing the forger's options for compensating a change to Cell 2]

• Assume that Cell 2 is modified (it lies under both hashes, so both fail)
• Compensating with Cell 2 costs |h1| * |h2|
• Compensating with Cell 1 and then Cell 3 costs |h1| + |h2|

(Here |h| is the number of values hash h can take: a single cell that must satisfy both hashes at once costs the product, two cells that each satisfy one hash cost the sum.)

Page 14: Example: Sequential Forgery Repair with Hierarchical Hashes

• Fix hashes in two stages
– First Correction: Fix three hashes of left branch
– Second Correction: Fix two hashes of right branch

[Figure: hierarchical hash tree over the cells, with the cell to be forged marked]

Page 15: Strength of Intersecting Hashes

• Strength of protection can be defined in terms of the cost of the attacker’s best strategy.

• Can be difficult to compute for arbitrary intersecting hashes

• For hierarchical hashes, we believe we have identified an effective algorithm for computing the best strategy
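A worked cost model for the intersecting-hash material on pages 12, 13 and 15, added here and not taken from the presentation. It assumes that |h| is the number of values hash h can take, that a forger who adjusts a cell must find a value accepted by every hash covering that cell at once (expected work: the product of those |h|), and that a strategy is a set of cells whose covering hashes include every hash the modification broke, costing the sum over its cells. Under those assumptions the best strategy is found by exhaustive search over cell subsets, which is exponential in the number of cells (the "difficult to compute" case of page 15); the page 13 figures fall out directly, and a small two-level hierarchy shows why nested hashes force the product cost.

```python
# Cost of a forger's best compensation strategy against intersecting hashes.
# Assumed model (not the presenters' algorithm): ranges[h] = |h|; adjusting a cell
# costs the product of |h| over the hashes covering it; a strategy is a set of
# cells whose covering hashes include every broken hash; cost = sum over cells.
from itertools import combinations

def covering(hashes, cell):
    return {name for name, cells in hashes.items() if cell in cells}

def cell_cost(hashes, ranges, cell):
    cost = 1
    for name in covering(hashes, cell):
        cost *= ranges[name]
    return cost

def strategy_cost(hashes, ranges, modified, cells):
    """Cost of compensating a change to `modified` by adjusting `cells`,
    or None if those cells cannot repair every hash the change broke."""
    broken = covering(hashes, modified)
    repaired = set().union(*(covering(hashes, c) for c in cells))
    if not broken <= repaired:
        return None
    return sum(cell_cost(hashes, ranges, c) for c in cells)

def best_strategy(hashes, ranges, modified):
    """Exhaustive search over all cell subsets (exponential in the cell count,
    which is why the general case is hard). Returns (cost, cells)."""
    cells = sorted({c for s in hashes.values() for c in s})
    best = None
    for k in range(1, len(cells) + 1):
        for subset in combinations(cells, k):
            cost = strategy_cost(hashes, ranges, modified, subset)
            if cost is not None and (best is None or cost < best[0]):
                best = (cost, subset)
    return best

def strength(hashes, ranges, modified):
    """Strength of protection: the cost of the attacker's best strategy."""
    return best_strategy(hashes, ranges, modified)[0]

# Page 13 layout: Hash 1 covers cells 1-2, Hash 2 covers cells 2-3 (16-bit hashes assumed).
PAGE13 = {"h1": {1, 2}, "h2": {2, 3}}
RANGES = {"h1": 2 ** 16, "h2": 2 ** 16}

# Two-level hierarchy: a root hash over all four cells plus one hash per half.
HIER = {"root": {1, 2, 3, 4}, "left": {1, 2}, "right": {3, 4}}
HIER_RANGES = {"root": 2 ** 16, "left": 2 ** 16, "right": 2 ** 16}

if __name__ == "__main__":
    print("cell 2 alone:", strategy_cost(PAGE13, RANGES, 2, (2,)))      # |h1| * |h2|
    print("cells 1 and 3:", strategy_cost(PAGE13, RANGES, 2, (1, 3)))  # |h1| + |h2|
    print("best strategy:", best_strategy(PAGE13, RANGES, 2))
    print("hierarchy, cell 1 modified:", best_strategy(HIER, HIER_RANGES, 1))
```

In the hierarchy every cell the forger could touch sits under the root hash as well as its own half, so no sum-of-singles strategy exists and the cheapest option is the product |root| * |left|; that is the strength the designer buys by overlapping the hashes, at the price of the search above growing as 2^(number of cells).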

Page 16: Identifying Damaged Area

• Regard segment as an n × n grid of cells
• Compare two different kinds of protection strategies
• Compute 2n (weak) hash values for sets of cells
– "Linear" strategy
• Hash disjoint blocks of n/2 cells
• Entire block is suspicious if its hash check fails
– "Quadratic" strategy
• Hash each row and each column
• Cell is suspicious if both its row and its column fail

Page 17: Quadratic vs. Linear Hashing

• On average, a quadratic hash identifies a smaller suspicious area in the following situations (with n rows and n columns)
– Sparse random errors
• Where there are up to (approx.) 0.96 n bad cells
• Note: this asymptotic result converges rapidly
– Concentrated random errors
• Errors confined to at most n/2 rows or columns

(Verified analytically for many n, conjectured for all)

Page 18: Reconstruction

• Compute strong hash for the whole image, use weaker hashes on subsets
• Brute force reconstruction
– Use weak hashes to identify suspicious area
– Search suspicious area for candidate reconstructions solving all weak hashes
– Check candidates against strong hash
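An executable version of pages 16 to 18, added here as an illustration rather than the I-FIRE implementation: keyed HMAC-SHA256 truncated to 16 bits stands in for the "weak" hashes, a full SHA-256 over the grid is the strong hash, the linear blocks are the two halves of each row (2n blocks of n/2 cells), and the candidate values for a suspect cell are the values seen in the trusted cells of its own row and column (the homogeneity assumption of page 21). The 6x6 grid, the key and the two corruptions are constructed. The returned count of check-hash operations is the same metric page 22 tabulates.

```python
# Linear vs. quadratic weak hashing and crossword-style reconstruction.
# Constructed illustration; hash choices, block layout and candidate rule are assumptions.
import hashlib
import hmac
from itertools import product

BITS = 16
KEY = b"constructed-demo-key"  # secret: a forger cannot recompute the marks

def weak_hash(key, values, bits=BITS):
    mac = hmac.new(key, bytes(values), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") >> (256 - bits)

def strong_hash(grid):
    return hashlib.sha256(b"".join(bytes(row) for row in grid)).hexdigest()

def blocks(n):
    """Linear strategy: 2n disjoint blocks of n/2 cells, two per row."""
    half = n // 2
    return [[(r, c) for c in range(h * half, (h + 1) * half)] for r in range(n) for h in (0, 1)]

def column(grid, c):
    return [row[c] for row in grid]

def protect(grid, key=KEY):
    """The marks: 2n weak hashes for each strategy plus one strong hash."""
    n = len(grid)
    return {"rows": [weak_hash(key, grid[r]) for r in range(n)],
            "cols": [weak_hash(key, column(grid, c)) for c in range(n)],
            "blocks": [weak_hash(key, [grid[r][c] for r, c in b]) for b in blocks(n)],
            "strong": strong_hash(grid)}

def suspicious_linear(grid, marks, key=KEY):
    """Every cell of a block whose hash fails is suspicious."""
    bad = set()
    for b, h in zip(blocks(len(grid)), marks["blocks"]):
        if weak_hash(key, [grid[r][c] for r, c in b]) != h:
            bad.update(b)
    return bad

def failing_rows_cols(grid, marks, key=KEY):
    n = len(grid)
    rows = [r for r in range(n) if weak_hash(key, grid[r]) != marks["rows"][r]]
    cols = [c for c in range(n) if weak_hash(key, column(grid, c)) != marks["cols"][c]]
    return rows, cols

def suspicious_quadratic(grid, marks, key=KEY):
    """A cell is suspicious only if both its row hash and its column hash fail."""
    rows, cols = failing_rows_cols(grid, marks, key)
    return {(r, c) for r in rows for c in cols}

def candidates(grid, suspect, cell):
    """Homogeneity: values seen in trusted cells of the same row and column."""
    r, c = cell
    n = len(grid)
    vals = {grid[r][j] for j in range(n) if (r, j) not in suspect}
    vals |= {grid[i][c] for i in range(n) if (i, c) not in suspect}
    return sorted(vals)

def reconstruct(grid, marks, key=KEY):
    """Crossword style: solve each failing row against its row hash, combine the
    survivors, check the failing columns, then let the strong hash decide.
    Returns (repaired grid or None, number of check-hash operations)."""
    rows, cols = failing_rows_cols(grid, marks, key)
    suspect = {(r, c) for r in rows for c in cols}
    checks, per_row = 0, []
    for r in rows:
        options = [candidates(grid, suspect, (r, c)) for c in cols]
        passing = []
        for choice in product(*options):
            row = list(grid[r])
            for c, v in zip(cols, choice):
                row[c] = v
            checks += 1
            if weak_hash(key, row) == marks["rows"][r]:
                passing.append(choice)
        if not passing:
            return None, checks  # true values outside the search space (adequacy failure)
        per_row.append(passing)
    for combo in product(*per_row):
        fixed = [list(row) for row in grid]
        for r, choice in zip(rows, combo):
            for c, v in zip(cols, choice):
                fixed[r][c] = v
        checks += len(cols)
        if all(weak_hash(key, column(fixed, c)) == marks["cols"][c] for c in cols):
            checks += 1
            if strong_hash(fixed) == marks["strong"]:  # reliability bound: strong hash
                return fixed, checks
    return None, checks

# Constructed 6x6 grid with three intensity levels; marked, then two cells damaged.
N = 6
ORIGINAL = [[100 + (r + c) % 3 for c in range(N)] for r in range(N)]
MARKS = protect(ORIGINAL)
DAMAGED = [list(row) for row in ORIGINAL]
DAMAGED[1][2], DAMAGED[3][4] = 0, 255

def demo():
    """Returns (linear suspicious area, quadratic suspicious area, repaired?, check-hash ops)."""
    repaired, checks = reconstruct(DAMAGED, MARKS)
    return (len(suspicious_linear(DAMAGED, MARKS)), len(suspicious_quadratic(DAMAGED, MARKS)),
            repaired == ORIGINAL, checks)
```

With two sparse errors the linear strategy flags two half-rows (6 cells) while the quadratic one flags the 2 x 2 intersection of the failing rows and columns (4 cells), and the crossword search repairs the grid after roughly 3^2 trials per failing row; the cost figures on page 22 are what this count becomes when the suspect area is tens of rows and columns wide.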

Page 19: Feasibility of Reconstruction

• Basic questions for brute force reconstruction
– Reliability: probability we are not deceived by the answer
– Adequacy: probability the answer is in the search space
– Computational cost of reconstruction
• Reliability: lower bound set by strong hash
• Can estimate adequacy and cost, assuming
– Random errors
– Independence of row and column hashes

Page 20: Adequacy

Width of cell   # hash bits   Adequacy exceeds
200             30            .9999996
200             20            .9996
100             30            .9999998
100             20            .9998

Page 21: Computational Cost

• Search space constrained by
– Initial identification of suspicious area
– Homogeneity of the image, limiting the number of candidate values per cell
– "Crossword puzzle" style of reconstruction (only available with quadratic hashing)
• Search grows rapidly, but feasible in some limited cases

Page 22: Estimates of reconstruction cost

• Cost: Assuming 16 candidate values (homogeneity), 32 hash bits

# bad rows   # bad columns   # "check hash" ops
10           20              10^34
10           10              10^13
5            100             10^8
5            10              10^7

Page 23: Self-Embedding

• Self-Embedding: Save important information about an image in the picture itself
• Developing techniques that are unobtrusive, survive JPEG compression, and resist some classes of attack

[Figure: image before and after embedding]

Page 24: Technical Approach: Secure Fragile Authentication Watermark

• Investigated some attacks that affect several proposed fragile watermark schemes
• Developed a secure fragile watermark that is resistant to these attacks
– Uses a secret key, and the watermark is difficult to forge
– Resistant to collage attack

[Figure: original image beside a forgery produced by a collage attack]
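The slide does not give the construction of the team's watermark. As an added illustration of the attack class it names, the following code embeds a keyed 16-bit tag per 4x4 block into that block's least significant bits, then shows that a block-wise independent tag is defeated by a collage (a block cut from another image watermarked under the same key and pasted at the same position still verifies), while a tag bound to the block position and an image identifier detects the paste. The images, key, block layout and identifiers are constructed; binding position and image identity is one standard countermeasure and is not claimed to be the presenters' scheme.

```python
# Block-wise fragile watermark and the collage attack (constructed illustration).
# Each 4x4 block carries a keyed 16-bit tag over the 7 MSBs of its pixels, stored
# in the block's 16 LSBs. Two context rules are compared: none, and position+image id.
import hashlib
import hmac

B = 4  # block side; B*B = 16 LSB slots hold a 16-bit tag

def block_msb(img, r0, c0):
    return bytes(img[r][c] >> 1 for r in range(r0, r0 + B) for c in range(c0, c0 + B))

def tag(key, msb, context):
    mac = hmac.new(key, msb + context, hashlib.sha256).digest()
    return int.from_bytes(mac[:2], "big")

def ctx_blockwise(pos, image_id):
    """Block-wise independent tag: nothing bound, the case a collage defeats."""
    return b""

def ctx_bound(pos, image_id):
    """Tag bound to the block's position and the image's identity."""
    return image_id + bytes(pos)

def embed(img, key, image_id, ctx):
    out = [list(row) for row in img]
    for r0 in range(0, len(img), B):
        for c0 in range(0, len(img[0]), B):
            t = tag(key, block_msb(img, r0, c0), ctx((r0 // B, c0 // B), image_id))
            bit = B * B - 1
            for r in range(r0, r0 + B):
                for c in range(c0, c0 + B):
                    out[r][c] = (out[r][c] & 0xFE) | ((t >> bit) & 1)
                    bit -= 1
    return out

def verify(img, key, image_id, ctx):
    """Return the (block_row, block_col) positions whose tag does not verify."""
    bad = []
    for r0 in range(0, len(img), B):
        for c0 in range(0, len(img[0]), B):
            stored = 0
            for r in range(r0, r0 + B):
                for c in range(c0, c0 + B):
                    stored = (stored << 1) | (img[r][c] & 1)
            expected = tag(key, block_msb(img, r0, c0), ctx((r0 // B, c0 // B), image_id))
            if stored != expected:
                bad.append((r0 // B, c0 // B))
    return bad

def collage(dst, src, r0, c0):
    """Paste one watermarked block from src into dst at the same position."""
    out = [list(row) for row in dst]
    for r in range(r0, r0 + B):
        for c in range(c0, c0 + B):
            out[r][c] = src[r][c]
    return out

# Constructed 8x8 images, both watermarked under the same key.
KEY = b"shared-secret-key"
IMAGE_A = [[16 * r + 2 * c for c in range(8)] for r in range(8)]
IMAGE_B = [[255 - 16 * r - 2 * c for c in range(8)] for r in range(8)]

def run(ctx):
    """Returns (failing blocks on genuine image A, failing blocks on the collaged image)."""
    wm_a = embed(IMAGE_A, KEY, b"image-A", ctx)
    wm_b = embed(IMAGE_B, KEY, b"image-B", ctx)
    forged = collage(wm_a, wm_b, 0, 0)
    return verify(wm_a, KEY, b"image-A", ctx), verify(forged, KEY, b"image-A", ctx)

def tampered(ctx):
    """An ordinary pixel edit inside block (1,1) is caught under either context."""
    wm_a = embed(IMAGE_A, KEY, b"image-A", ctx)
    wm_a[5][5] ^= 0x80
    return verify(wm_a, KEY, b"image-A", ctx)

if __name__ == "__main__":
    print("block-wise independent:", run(ctx_blockwise))
    print("position + image id bound:", run(ctx_bound))
```

Both variants catch a plain pixel edit; only the bound variant catches the collage, because the pasted block's tag was computed for image B and no longer matches the verifier's context for image A. The image identifier has to reach the verifier by a trusted path (for instance alongside the DSI mark), otherwise the forger simply supplies the identifier of the source image.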

Page 25: Technical Approach: Policy

• Provide simple layer at the level of mechanism
• Help to bridge user needs to the mechanisms that are available
– Provide mapping from typical needs to default assignments for how mechanisms should work
• Would eventually like to have a better connection between mechanisms and more characteristics
– Importance of the data or sub-data, threats that need to be countered, recovery time constraints, resource limitations, detectability of integrity measure, current situation

Page 26: Technical Approach: Policy (cont.)

• A critical data policy at the mechanism layer

Table: which mechanisms (columns: Digital Signature, CRC, Robust watermark, Fragile Watermark, Self-embedding) apply to each class of data. The column positions of the marks were lost in extraction; only the row labels and the number of mechanisms marked per row survive:
– Entire image: 1 mechanism
– Important segments: 4 mechanisms
– Non-important segments adjacent to important segments: 2 mechanisms
– Important segment with adjacent segments: 1 mechanism
– Segments that contain self-embedding information: 1 mechanism
– Non-important object segments: 1 mechanism
– Top-level segments: 1 mechanism

Page 27: Technical Approach: Demonstration Environment

• We have developed a tool, called I-FIRE, for demonstrating and testing our methodology
• Current features include:
– Split-and-merge with parameters
– Damage detection
– Reconstruction and pixel verification
– Partial reconstruction with self-embedded data
– Policy-based integrity mechanism selection

Page 28: Major Risks and Planned Mitigation

• Previous Risk
– Partial recovery of subsets may not be very practical (too resource-intensive)
• Mitigation
– Have developed some other techniques that may make data usable in the case where recovery is not feasible
– Detection features can be useful even without recovery

Page 29: Accomplishments to Date

• Prototype Tool
– Demonstrates hierarchical subset methods
– Implements current detection and recovery methods
• Developed new watermarking methods
• Linear vs. Quadratic method analysis
• Some initial results on assurance with incomplete recovery with hierarchical methods
• Some initial analysis of a scenario

Page 30: Quantitative Metrics

• Metrics that may be used are
– Size of DSI mark
– Time to apply integrity protection
– Time for partial reconstruction techniques
– Area of "known" correct part of image
– Cost of recovery for a given class of attacks
– Strength of protection

Page 31: Expected Major Achievements

• A method and tool to facilitate the use of altered data, by
– recognizing unharmed subsets
– supporting partial recovery techniques

Page 32: Task schedule

• Feb 2000:
– First version of I-FIRE
• July 2000:
– Second version of I-FIRE
– Some analysis results
• December 2000:
– Final version of software
– Extended analysis results

Page 33: Key outstanding issues and recommended resolution

• None

Page 34: Tech Transfer -- Military

• Integrity enhancement for expensive transmissions, e.g., air-to-ground targeting data
– For Air Combat Command and Air Material Command
– Planned for small part of JFX2000 experiment (Sept. 2000)

Page 35: JFX 2000 and I-FIRE

• I-FIRE and JFX2000

[Diagram with labels: Aircraft, I-FIRE, DSI, Secure Message, IFGR L-Band link, SIPERNET, Ground; the Secure Message and its DSI mark pass from the aircraft side to the ground side]

Page 36: Tech Transfer -- Commercial

• Possible commercial transitions
– Injection of key technologies into WetStone's SMARTWatch integrity checker
• Investigating some other possibilities

Page 37: What do you need from the DARPA PM?

• No pending requirements