Patrick Bas
YOU?
Author Swipe
View article: Targeted Pooled Latent-Space Steganalysis Applied to Generative Steganography, with a Fix
Targeted Pooled Latent-Space Steganalysis Applied to Generative Steganography, with a Fix Open
Steganographic schemes dedicated to generated images modify the seed vector in the latent space to embed a message, whereas most steganalysis methods attempt to detect the embedding in the image space. This paper proposes to perform stegan…
View article: NEURAL WATERMARKING: LACK OF A SECRET KEY IS STILL LACK OF SECURITY
NEURAL WATERMARKING: LACK OF A SECRET KEY IS STILL LACK OF SECURITY Open
Neural watermarking has been on the rise as a simple tool for marking generated multimedia content in a robust way. This simplicity, however, comes at a cost. While it is easy to enforce robustness in a training loss through various data a…
View article: Mode: Loss Function for Deep Steganalysis at Low False Positive Rate
Mode: Loss Function for Deep Steganalysis at Low False Positive Rate Open
International audience
View article: The AI Waterfall : A Case Study in Integrating Machine Learning and Security
The AI Waterfall : A Case Study in Integrating Machine Learning and Security Open
International audience
View article: Effect of Acquisition Noise Outliers on Steganalysis
Effect of Acquisition Noise Outliers on Steganalysis Open
International audience
View article: AN ORIGINAL METHOD FOR DETECTION OF AI-GENERATED IMAGES BASED ON NOISE COVARIANCE
AN ORIGINAL METHOD FOR DETECTION OF AI-GENERATED IMAGES BASED ON NOISE COVARIANCE Open
Detection of AI-based generated or altered images has become a major issue to restore trust in digital media content. To address this important societal problem, most state-of-the-art approaches have been based on artificial intelligence r…
View article: Pick the Largest Margin for Robust Detection of Splicing
Pick the Largest Margin for Robust Detection of Splicing Open
Despite advancements in splicing detection, practitioners still struggle to fully leverage forensic tools from the literature due to a critical issue: deep learning-based detectors are extremely sensitive to their trained instances. Simple…
View article: Dual JPEG Compatibility: a Reliable and Explainable Tool for Image Forensics
Dual JPEG Compatibility: a Reliable and Explainable Tool for Image Forensics Open
Given a JPEG pipeline (compression or decompression), this paper demonstrates how to find the antecedent of an 8x8 block. If it exists, the block is considered compatible with the pipeline. For unaltered images, all blocks remain compatibl…
View article: Linking Intrinsic Difficulty and Regret to Properties of Multivariate Gaussians in Image Steganalysis
Linking Intrinsic Difficulty and Regret to Properties of Multivariate Gaussians in Image Steganalysis Open
This paper deals with the Cover-Source Mismatch (CSM) problem faced in operational steganalysis.Based on a multivariate Gaussian model of the distribution of the noise contained in natural images, it provides proxies for the two important …
View article: Statistical Correlation as a Forensic Feature to Mitigate the Cover-Source Mismatch
Statistical Correlation as a Forensic Feature to Mitigate the Cover-Source Mismatch Open
International audience
View article: Blind Data Adaptation to tackle Covariate Shift in Operational Steganalysis
Blind Data Adaptation to tackle Covariate Shift in Operational Steganalysis Open
The proliferation of image manipulation for unethical purposes poses significant challenges in social networks. One particularly concerning method is Image Steganography, allowing individuals to hide illegal information in digital images w…
View article: Size-Independent Reliable CNN for RJCA Steganalysis
Size-Independent Reliable CNN for RJCA Steganalysis Open
Detection of image steganography is principally implemented with supervised machine learning detectors.There are two main drawbacks to this approach: the detectors are overly specific to a given image source, and the performance guarantees…
View article: Finding Incompatible Blocks for Reliable JPEG Steganalysis
Finding Incompatible Blocks for Reliable JPEG Steganalysis Open
This article presents a refined notion of incompatible JPEG images for a\nquality factor of 100. It can be used to detect the presence of steganographic\nschemes embedding in DCT coefficients. We show that, within the JPEG pipeline,\nthe c…
View article: The Adobe Hidden Feature and its Impact on Sensor Attribution
The Adobe Hidden Feature and its Impact on Sensor Attribution Open
If the extraction of sensor fingerprints represents nowadays an important forensic tool for sensor attribution, it has been shown recently that images coming from several sensors were more prone to generate False Positives (FP) by presenti…
View article: Leveraging Data Geometry to Mitigate CSM in Steganalysis
Leveraging Data Geometry to Mitigate CSM in Steganalysis Open
In operational scenarios, steganographers use sets of covers from various sensors and processing pipelines that differ significantly from those used by researchers to train steganalysis models. This leads to an inevitable performance gap w…
View article: Errorless Robust JPEG Steganography Using Outputs of JPEG Coders
Errorless Robust JPEG Steganography Using Outputs of JPEG Coders Open
Robust steganography is a technique of hiding secret messages in images so that the message can be recovered after additional image processing. One of the most popular processing operations is JPEG recompression. Unfortunately, most of tod…
View article: Compatibility and Timing Attacks for JPEG Steganalysis
Compatibility and Timing Attacks for JPEG Steganalysis Open
This paper introduces a novel compatibility attack to detect a steganographic\nmessage embedded in the DCT domain of a JPEG image at high-quality factors\n(close to 100). Because the JPEG compression is not a surjective function, i.e.\nnot…
View article: Analysis and Mitigation of the False Alarms of the Reverse JPEG Compatibility Attack
Analysis and Mitigation of the False Alarms of the Reverse JPEG Compatibility Attack Open
International audience
View article: Using Set Covering to Generate Databases for Holistic Steganalysis
Using Set Covering to Generate Databases for Holistic Steganalysis Open
Within an operational framework, covers used by a steganographer are likely\nto come from different sensors and different processing pipelines than the ones\nused by researchers for training their steganalysis models. Thus, a performance\n…
View article: Toward Reliable JPEG Steganalysis (at QF100)
Toward Reliable JPEG Steganalysis (at QF100) Open
-La stéganalyse consiste à détecter des images contenant un message caché. Nous cherchons ici à développer une méthode de stéganalyse qui permette de certifier la stéganalyse en contrôlant la probabilité de faux positifs associée. Pour cel…
View article: Errorless Robust JPEG Steganography using Outputs of JPEG Coders
Errorless Robust JPEG Steganography using Outputs of JPEG Coders Open
Robust steganography is a technique of hiding secret messages in images so that the message can be recovered after additional image processing. One of the most popular processing operations is JPEG recompression. Unfortunately, most of tod…
View article: Side-Informed Steganography for JPEG Images by Modeling Decompressed Images
Side-Informed Steganography for JPEG Images by Modeling Decompressed Images Open
Side-informed steganography has always been among the most secure approaches in the field. However, a majority of existing methods for JPEG images use the side information, here the rounding error, in a heuristic way. For the first time, w…
View article: Adversarial images with downscaling
Adversarial images with downscaling Open
Most works on adversarial attacks consider small images whose size already fits the model. This paper explores attacking large images on classifiers with different input sizes. Downscaling is a necessary first step to adapt the size of the…
View article: The Cover Source Mismatch Problem in Deep-Learning Steganalysis
The Cover Source Mismatch Problem in Deep-Learning Steganalysis Open
This paper studies the problem of Cover Source Mismatch (CSM) in steganalysis, i.e. the impact of a testing set which does not originate from the same source than the training set. In this study, the trained steganalyzer uses state of the …
View article: Fighting the Reverse JPEG Compatibility Attack: Pick your Side
Fighting the Reverse JPEG Compatibility Attack: Pick your Side Open
In this work we aim to design a steganographic scheme undetectable by the Reverse JPEG Compatibility Attack (RJCA). The RJCA, while only effective for JPEG images compressed with quality factors 99 and 100, was shown to work mainly due to …
View article: Backpack: A Backpropagable Adversarial Embedding Scheme
Backpack: A Backpropagable Adversarial Embedding Scheme Open
A min max protocol offers a general method to automatically optimize steganographic algorithm against a wide class of steganalytic detectors. The quality of the resulting steganograhic algorithm depends on the ability to find an “adversari…
View article: Multivariate Side-Informed Gaussian Embedding Minimizing Statistical Detectability
Multivariate Side-Informed Gaussian Embedding Minimizing Statistical Detectability Open
Steganography schemes based on a deflection criterion for embedding posses a clear advantage against schemes based on heuristics as they provide a direct link between theoretical detectability and empirical performance. However, this advan…
View article: Backpack:a Backpropagable Adversarial Embedding Scheme
Backpack:a Backpropagable Adversarial Embedding Scheme Open
A min max protocol offers a general method to automatically optimize steganographic algorithm against a wide class of steganalytic detectors. The quality of the resulting steganograhic algorithm depends on the ability to find an "adversari…
View article: Generating Adversarial Images in Quantized Domains
Generating Adversarial Images in Quantized Domains Open
International audience
View article: Unsupervised JPEG Domain Adaptation for Practical Digital Image Forensics
Unsupervised JPEG Domain Adaptation for Practical Digital Image Forensics Open
Domain adaptation is a major issue for doing practical forensics. Since examined images are likely to come from a different development pipeline compared to the ones used for training our models, that may disturb them by a lot, degrading t…