WHIM: watermarking multicast video with a hierarchy of intermediaries
Introduction
As content distribution on the Internet becomes more pervasive and the value of the content being distributed increases, the security of this data has become a main concern of content providers. Encryption is generally used to safeguard the content while it is being transmitted so that unauthorized persons cannot read the stream from the network, but this offers no protection after the intended receiver receives the data. There is no protection against unauthorized duplication and propagation by the intended receiver. This additional protection can be obtained by watermarking the content. Watermarking is the embedding of some identifying information into the content in such a manner that it cannot be removed by the user but it can be extracted or read by the appropriate party. Watermarks can be used for copyright protection or for identification of the receiver. Copyright protection watermarks embed some information in the data to identify the copyright holder or content provider, while receiver-identifying watermarking, commonly referred to as fingerprinting [1], embeds information to identify the receiver of that copy of the content. Thus, if an unauthorized copy of the content is recovered, extracting the fingerprint will show who the initial receiver was.
Problems arise when attempting to fingerprint content in a multicast environment that do not arise in copyright protection watermarking. Copyright protection watermarks are embedded in the data at the source, then the watermarked data is multicast to the group of receivers. For fingerprinting, embedding the receiver's identification as the watermark at the source will not work since all the receivers will share the same watermark. It is necessary to watermark content with unique information for distinct receivers of the same multicast stream. A simple method to achieve unique watermarks for each receiver would be to watermark the stream differently for each receiver and to unicast the watermarked streams. Of course, the inefficiency of such a scheme calls for a better solution. We aim to maintain the security of this approach while achieving scalability.
We propose WHIM, a scalable system that allows multicast content to be securely marked with distinct information for distinct receivers. This system introduces two new concepts: (1) generating a watermark based on the receiver's location in the network and (2) inserting the watermark in the content incrementally as it traverses the network. WHIM makes use of a hierarchy of intermediaries for creating and embedding the fingerprint. This allows security and scalability. The use of a hierarchy allows a new type of security by having an User ID based on the user's location in an overlay network. Security is also maintained by using proven watermarking algorithms to embed this User ID. The hierarchy leads to scalability by capitalizing on the efficiency of multicast distribution and by distributing the watermark embedding load from the source to the different intermediaries.
This paper proceeds as follows. In Section 2 we enumerate the design objectives of WHIM. Section 3 gives an overview of the WHIM architecture. Section 4 discusses the WHIM-Backbone (WHIM-BB) component which is based on a hierarchy of intermediaries that provide an efficient distribution architecture that fingerprints the streaming content. Section 5 describes the WHIM-Last Hop (WHIM-LH) component, a secure protocol that fingerprints and distributes content between an intermediary and a group of receivers. Section 6 examines previous work in the area. Section 7 presents an analysis and simulation results of the efficiency of WHIM, and a comparison with previous solutions. Finally, Section 8 presents conclusions and discusses possible future work.
Section snippets
WHIM objectives
The design objectives of a system to fingerprint multicast content should be security and scalability. We outline the concepts involved in achieving these goals. The features and components of the system necessary to accomplish these goals should be designed into the solution.
WHIM architecture overview
The system has two components, WHIM-BB and WHIM-LH. WHIM-BB introduces a hierarchy of intermediaries into the network and forms an overlay network between them. Fig. 1 shows how the hierarchy is formed as an overlay network in the physical network. Each intermediary has a unique ID. Based on the fact that there exists a unique path between the source and each intermediary on this overlay network, we use this path to distinguish between intermediaries. Each path is identified by the IDs of the
WHIM backbone (WHIM-BB)
WHIM-BB makes use of a hierarchy of intermediaries for creating and embedding the fingerprint. The fingerprint is based on the path from the source to the intermediary. This allows security and scalability. Use of a hierarchy allows a new type of security by having the user's fingerprint based on the user's location in the network. Security is also maintained by using proven watermarking algorithms to embed this identifying information. The hierarchy leads to scalability by distributing the
WHIM last hop (WHIM-LH)
This section describes WHIM-LH, a protocol between a single intermediary and its children receivers. Whereas WHIM-BB marks the content to identify the last hop intermediary of a receiver, WHIM-LH allows a single intermediary to embed distinct User IDs for each of its children receivers. This section first explains the WHIM-LH architecture and the variations that are allowed by the different types of User IDs. Then, the different methods that are available for choosing User IDs are explained.
Related work
This section describes previously proposed solutions to the problem of efficiently delivering unique copies of content to multicast receivers. One approach to this problem is to divide the content into subunits, create unique versions of each subunit, and deliver in a fashion such that each receiver obtains a unique combination of the subunits to create a unique version of the content. There have been two works that proposed solutions based on this approach. However, these systems have security
Analysis
In this section we examine the efficiency of WHIM in terms of data transmission and encryption overhead. We look at this relative to the performance of some of the other multicast watermarking schemes reviewed in the related work section. Fig. 6 shows the definitions of variables used in this section.
In WHIM, the source transmits s+p+cku bytes and encrypts s+(n)(ku) bytes. The overhead of the scheme in [31] involves the sender transmitting nf[2(f)+2(kf)] bytes, then the group leader transmits
Conclusions
There has been a significant amount of work geared toward developing algorithms to securely embed watermarks into multimedia content. The work presented in this paper complements these efforts by providing an architecture that allows these algorithms to be used in multicast multimedia. We have presented two architectures, WHIM-BB, a hierarchy of intermediaries that provides an efficient distribution architecture that fingerprints the streaming content, and WHIM-LH, a secure client/server
Acknowledgements
This work was supported in part by grants from the National Science Foundation, DoD MURI Program, and the Georgia Tech Information Security Center.
Paul Judge is a doctoral candidate in the College of Computing at the Georgia Institute of Technology. His research interests include computer networking and information security. He received the B.S. degree in Computer Science from Morehouse College and the M.S. degree in Computer Science from the Georgia Institute of Technology. He is a member of the ACM and Phi Beta Kappa.
References (33)
- et al.
Prefix routing schemes in dynamic networks
Computer Networks and ISDN Systems
(1993) Fingerprinting
- J. Dittmann, M. Stabenau, R. Steinmetz, Robust mpeg video watermarking technologies, in: Proceedings of the ACM...
- L. Qiao, K. Nahrstedt, Watermarking method for mpeg encoded video: Towards resolving rightful ownership, in: IEEE...
- F. Hartung, B. Girod, Digital watermarking of raw and compressed video, in: European EOS/SPIE Symposium on Advanced...
- et al.
Adaptive public watermarking of dct-based compressed image
- et al.
Asymmetric fingerprinting for larger collusions
- J.C. Lin, S. Paul, RMTP: a reliable multicast transport protocol, in: IEEE Infocom, San Fransisco, CA, March...
- et al.
Reliable multicast transport protocol (RMTP)
IEEE Journal on Selected Areas in Communications
(1997) - et al.
Summary cache: A scalable wide-area web cache sharing protocol
Consistent hashing and random trees: Distributed caching protocols for relieving hot spots on the World Wide Web
Layered video multicast with retransmissions (LVMR): evaluation of hierarchical rate control
Watercasting: distributed watermarking of multicast media
Protecting mobile agents against malicious hosts
Cited by (20)
Secure multicasting of images via joint privacy-preserving fingerprinting, decryption, and authentication
2016, Journal of Visual Communication and Image RepresentationCitation Excerpt :In the threat model considered in this paper, a receiver is not ideally assumed to be reliable, an attacker may intrude to obtain decrypted data from a receiver or modify it, and data transmitted from the sender to a receiver may be intercepted or modified. We follow the general rules of the media fingerprinting framework under the application scenarios of media fingerprinting [12,28,31], where robustness (aiming to remove fingerprints via any possible attacks excluding the collusion) and blind detection of embedded fingerprints are not the major concerns. Moreover, the collusion attack pertaining to media fingerprinting at the receiver side has also been thoroughly investigated in [28,29,32].
Watermarked video delivery: Traffic reduction and CDN management
2018, Proceedings of the 9th ACM Multimedia Systems Conference, MMSys 2018Leaker Identification in Multicast Communication
2012, Communications in Computer and Information ScienceVideo scrambling and fingerprinting for digital right protection
2012, Proceedings - 2012 International Symposium on Computer, Consumer and Control, IS3C 2012Bandwidth efficient anti-collusion digital fingerprinting scheme
2011, International Review on Computers and SoftwareSome open problems in multimedia digital fingerprinting
2011, International Review on Computers and Software
Paul Judge is a doctoral candidate in the College of Computing at the Georgia Institute of Technology. His research interests include computer networking and information security. He received the B.S. degree in Computer Science from Morehouse College and the M.S. degree in Computer Science from the Georgia Institute of Technology. He is a member of the ACM and Phi Beta Kappa.
Mostafa Ammar received the S.B. and S.M. degrees from the Massachusetts Institute of Technology in 1978 and 1980, respectively and the Ph.D. in Electrical Engineering from the University of Waterloo, Ontario, Canada in 1985. For the years 1980–82 he worked at Bell-Northern Research (BNR), first as a Member of Technical Staff and then as Manager of Data Network Planning.
Dr. Ammar's research interests are in the areas of computer network architectures and protocols, distributed computing systems, and performance evaluation.
He is the co-author of the textbook “Fundamentals of Telecommunication Networks,” published by John Wiley and Sons. He is also the co-guest editor of April 1997 issue of the IEEE Journal on Selected Areas in Communications on “Network Support for Multipoint Communication.” He also was the Technical Program Co-Chair for the 1997 IEEE International Conference on Network Protocols.
He currently serves as the Editor-in-Chief of the IEEE/ACM Transactions on Networking and served on the editorial board of Computer Networks (1992–1999). He is a Fellow of the IEEE and a member of ACM and of the Association of Professional Engineers of the Province of Ontario, Canada.