A Forensic Signature Based on Spatial Distributed ... - Semantic Scholar

A Forensic Signature Based on Spatial Distributed Bag of Features for Image Alignment and Tampering Detection Sebastiano Battiato, Giovanni Maria Farinella, Enrico Messina, Giovanni Puglisi Dipartimento di Matematica e Informatica, Università degli Studi di Catania, Italy

{battiato, gfarinella, emessina, puglisi}@dmi.unict.it

ABSTRACT

1.

The distribution of digital images with the classic and newest technologies available on Internet has induced a growing interest on systems able to protect the visual content against malicious manipulations performed during their transmission. One of the main problems addressed in this context is the authentication of the image received in a communication. This task is usually performed by localizing the regions of the image which have been tampered. To this aim the received image should be first aligned with the one at the sender by exploiting the information provided by a specific component of the forensic hash associated with the image. In this paper we propose a robust alignment method which makes use of an image hash component based on the Bag of Features paradigm. In order to deal with highly textured and contrasted tampering patterns the spatial distribution of the image features has been encoded in the alignment signature. A block-wise tampering detection based on histograms of oriented gradients representation is also proposed. Specifically, a non-uniform quantization of the histogram of oriented gradient space is used to build the signature of each image block for tampering purposes. Experiments show that the proposed approach obtains good margin in terms of performances with respect to state-of-the art methods.

The growing demand of techniques useful to protect digital visual data against malicious manipulations is induced by different episodes that make questionable the use of visual content as evidence material [1, 7]. Specifically, methods useful to establish the validity and authenticity of a received image are needed in the context of Internet communications. To this aim different solutions have been recently proposed in literature [2, 3, 9, 10, 11, 13]. Most of them share the same basic scheme: i) a hash code based on the visual content is attached to the image to be sent; ii) the hash is analyzed at destination to verify the reliability of the received image. An image hash is a distinctive signature which represents the visual content of the image in a compact way. The image hash should be robust against allowed operations and at the same time it should differ from the one computed on a different/tampered image. Although the importance of the binary decision task related to the image authentication, this is not always sufficient. In the application context of Forensic Science is fundamental to provide scientific evidences through the history of the possible manipulations (e.g., geometric transformations) applied to the original image to obtain the one under analysis. In many cases, the source image is unknown, and all the information about the manipulation of the image should be recovered through the short image hash signature, making more challenging the final task. The list of manipulations provides to the end user some useful information to assess whether the image can be trusted or not. For tampering localization, the receiver should be able to filter out all the involved geometric transformations (e.g., rotation, scaling, translation) applied to the tampered image by aligning the received image to the one at the sender [2, 3, 11]. The alignment should be done in a semi-blind way: at destination one can use only the received image and the image hash to deal with the alignment problem, since the reference image is not available. The challenging task of recovering the geometric transformations occurred on a received image from its signature motivates this paper. Despite different robust alignment techniques have been proposed by computer vision researchers [14], these techniques are unsuitable in the context of forensic hashing, since a fundamental requirement is that the image signature should be as “compact” as possible to reduce the overhead of the network communications. To fit the underlying requirements, authors of [10] have proposed to exploit information extracted through Radon transform and scale space theory in order to estimate the parameters of the geometric trans-

Categories and Subject Descriptors I.4.10 [Image Processing and Computer Vision]: Image Representation; I.4.9 [Image Processing and Computer Vision]: Applications

General Terms Algorithms, Security, Verification

Keywords Image Forensics, Forensic Hash, Bag of Features, Image Registration, Tampering Localization, Image Authentication.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. MiFor’11, November 29, 2011, Scottsdale, Arizona, USA. Copyright 2011 ACM 978-1-4503-0987-5/11/11 ...$10.00.

INTRODUCTION AND MOTIVATIONS

formations. To make more robust the alignment phase with respect to manipulations such as cropping and tampering, an image hash based on robust invariant features has been proposed in [11]. The latter technique extended the idea previously proposed in [13] by employing the Bag of Features (BOF) model to represent the features to be used as image hash. The exploitation of the BOF representation is useful to reduce the space needed for the image signature, by maintaining the performances of the alignment component. In [3] a more robust approach based on a cascade of estimators has been introduced. The method in [3] is able to handle the replicated matchings in order to make a more robust estimation of the orientation parameter. Moreover, the cascade of estimators allows a higher precision in estimating the scale factor. A more robust way to deal with the problem of wrong matchings has been proposed in [2] where a filtering strategy based on the SIFT dominant directions combined in cascade with a robust estimator based on a voting strategy on the parameter space is presented. Taking into account the technique in [2], we propose to extend the method by encoding the spatial distribution of the image features to deal with highly textured and contrasted tampering patterns. As pointed out by the experimental results, the proposed approach obtains satisfactory results with a significant margin in terms of estimation accuracy with respect to [3] and [11]. Moreover, by encoding spatial distribution of feature the proposed method outperforms the original method proposed in [2] when strongly contrasted and/or texture regions are contained into the image. We also propose a block-wise tampering detection based on histograms of oriented gradients representation which makes use of a non-uniform quantization to build the signature of each image block for tampering purposes. Experimental results confirm the effectiveness of the non-uniform quantization in terms of both, compactness of the final hash signature and tampering detection accuracy. The remainder of the paper is organized as follows: Section 2 discusses the importance of embedding the spatial distribution of the features into the image hash, whereas Section 3 introduces the tampering component used by the system. Section 4 and Section 5 report experiments and discuss the registration and tampering localization results. Finally, Section 6 concludes the paper with avenues for further research.

2. DELUDING REGISTRATION IN TAMPERING DETECTION SYSTEMS Tampering detection systems often use robust invariant local features (e.g., SIFT) to deal with a large range of image manipulations [2, 3, 11]. These systems usually suppose that images are registered before tampering detection step. As described in this paper, in the context of communication a small subset of the robust features are retained to compose the image hash for the alignment component. These features are typically selected considering their contrast properties (higher stability) without taking into account their spatial distribution in the image (as done in [2, 3, 11, 13]). In this section we show with an example that it is possible to design ad-hoc attacks to SIFT-based hashing methods. More specifically, a simple tampering, obtained by adding a patch containing a highly texturized and contrasted pattern to the original image, deludes the typical

SIFT-based registration systems by concealing all the true local features useful to properly align the received image. Fig. 1 shows an example of malicious tampering which deludes the typical SIFT-based systems described in [2, 3, 11, 13]. In Fig. 1(a) the image at the source is shown, whereas the malicious pattern added during the transmission is reported in Fig. 1(b). For example let consider the method proposed in [2]. Sixty SIFT selected by the approach discussed in [2] at both, source and destination, are shown in Fig. 1(c) and Fig. 1(d). As demonstrated by the Figures, all the SIFT extracted by the sender which are used to build the alignment signature in [2] are concealed at destination, since all the sixty SIFT extracted by the receiver lie on the tampering pattern. The alignment procedure is hence invalidated, and all further processing to verify the authenticity of the image, to localize the tampered regions, and in general to recover the history of the manipulations of the image, will be unreliable. This kind of problem occurs with high textured and contrasted tampered regions for all the methods described in [2, 3, 11, 13]. In order to improve the robustness of the method proposed in [2] we modified the initial step of feature selection by considering the keypoints spatial distribution in the image. The spatial based selection process works as follows: first the SIFT are extracted, and then grouped taking into account the spatial coordinates of the obtained feature keypoints. The grouping can be done employing a clustering algorithm. For each cluster, the best SIFT in terms of contrast value is selected. This procedure allows to extract k high contrasted features (corresponding to the k clusters) well distributed in the image with respect to spatial location. The final signature is then computed as in [2] on the features selected considering the spatial distribution. As shown by Fig. 1(e), Fig. 1(f) and as pointed out by the experiments (see Section 4), this strategy allows to cope with tampering obtained by adding a high textured and contrasted patterns, outperforming [2].

3.

TAMPERING COMPONENT

Tampering localization is the process of localizing the regions of the image that have been manipulated for malicious purposes to change the semantic meaning of the visual message. The tampering manipulation typically changes the properties (e.g., edges distributions, colors, textures, etc.) of some image regions. To deal with this problem, the image is usually divided into blocks (usually not overlapped) which are represented through feature vectors computed taking into account their content. The feature vectors computed at the source are then sent at destination where are used as forensic hash for the tampering detection component of the system. The check to localize tampered blocks is performed by the receiver taking into account the received signature and the one computed (with the same procedure employed by the sender) on the received image. The comparison of the signatures is performed block-wise after the alignment. Among the different representations that can be used to describe the content of a block, the histogram of gradients has been successful used in the context of image tampering localization [11, 13]. The image is convolved with simple derivative filters along horizontal and vertical directions obtaining magnitude and orientation for each pixel. For each block a histogram is built considering a set of quantized orientations. The orientation bins can be in the range [0◦ , 180◦ ] (“unsigned” gradient) or [0◦ , 360◦ ] (“signed” gradient). Each

Table 1: Image transformations. Operations Rotation ( ) Scaling (!) Orizontal Traslation (Tx) Vertical Traslation (Ty) Cropping Tampering Malicious Tampering

(a) Original Image

Parameters 3, 5, 10, 30, 45 degrees factor = 0.5, 0.7, 0.9, 1.2, 1.5 5, 10, 20 pixels 5, 10, 20 pixels 19%, 28%, 36%, of entire image block size 50x50 block size 25x25 a = 0.90, 0.95, 1, 1.05, 1.10 Linear Photometric Transformation (a*I+b) b = -10, -5, 0, 5, 10 Compression JPEG Q=10 Seam Carving 10%, 20%, 30% Realistic Tampering [4] Various combinations of above operations

(b) Tampering Pattern

4. (c) 60 SIFT selected by (d) 60 SIFT selected by ordering contrast values ordering contrast values on the original image. on tampered image.

(e) 60 SIFT selected con- (f) 60 SIFT selected sidering spatial cluster- with spatial clustering ing and contrast values and contrast values on on the original image. tampered image. Figure 1: An example of feature selection, with and without spatial clustering, in presence of malicious tampering. block votes for a bin of the histogram through a function of the gradient magnitude of the pixel (e.g., root, square root), the magnitude itself or a clipped version representing the presence of an edge. Finally, the obtained histograms are normalized and then quantized in order to obtain a compact hash for each block (e.g., 15 bit for each block [13]). The comparison of histograms of corresponding blocks of the signatures is usually performed through a similarity measure and a thresholding procedure. Although the histograms can be simply quantized in a uniform way [13], in this paper we propose to use a nonuniform quantization by pre-computing a vocabulary of histograms of orientations. In the proposed approach, the orientation histograms related to blocks extracted on training images are partitioned taking into account their shape similarity through a clustering procedure. The prototype of each partition is retained to form the vocabulary to be used for tampering purposes. Images at sender and receiver are first splitted into blocks and then each block is associated to the closest histogram prototype (in terms of shape) belonging to the shared vocabulary. Comparison between signatures is made by simply comparing the IDs of corresponding blocks after the alignment. Experimental results confirm the effectiveness of the non-uniform quantization in terms of both, compactness of the final hash signature and tampering detection accuracy.

REGISTRATION RESULTS

This section reports a number of experiments on which the proposed approach has been tested and compared with respect to [2, 3, 11]. Tests have been performed considering a subset of the dataset used in [8] and the images of DBForgery 1.0 [4]. The first dataset is made up of 4485 images (average size of 244×272 pixels) belonging to fifteen different scene categories at basic level of description. The composition of the considered dataset allows to cope with the high scene variability needed to properly test methods in the context of application of this paper. The training set used in the experiments is built through a random selection of 150 images from the aforementioned dataset. Specifically, ten images have been randomly sampled from each scene category. In order to consider also realistic tampering 29 images have been selected from DBForgery 1.0 and added to the training dataset. The test set consists of 21330 images generated through the application of different manipulations on the training images. The following image transformations have been considered (Tab. 1): cropping, rotation, scaling, translation, seam carving, tampering, linear photometric transformation and JPEG compression. Tampering on the subset of [8] has been performed through the swapping of blocks (50 × 50) between two images randomly selected from the training set. A realistic tampering on DBForgery 1.0 images has been obtained by simply using the script provided together with the dataset [4]. Images obtained through various combinations of the basic transformations, as well as the ones obtained adding the malicious tampering shown in Fig. 1(b) have been included into the test set to make more challenging the task to be addressed. To demonstrate the effectiveness of the proposed approach, and to highlight the contribution of the encoding of spatial information in the image signature, several comparative tests have been performed by considering our method and the approaches proposed in [2, 3, 11]. The approaches proposed in [2, 3, 11] have been reimplemented. Although Lu et al. [11] claim that further refinements are performed using the points that occur more than once, actually they do not provide any implementation detail. Hence, to further refine the results obtained by Lu et al. [11] without replicated matchings, we have reconsidered all the previous discarded matchings belonging to [θb − ∆θ, θb + ∆θ] and [b σ − ∆σ, σ b + ∆σ] with θb and σ b coming from the estimation without replicates and ∆θ, ∆σ equals to 3.5 and 0.025 respectively. The parameter setting has been performed considering the values proposed in [2]. As reported in Tab. 2, by increasing the number of SIFT points there is a decreasing of the number of unmatched images (i.e., image pairs that the algorithm is not able to

Table 2: Comparison with respect to unmatched images. Unmatched Images Number of SIFT Lu et al. [11] Battiato et al. [3] Battiato et al. [2] Proposed approach

45 1.69% 0,25% 0,97% 0.25%

60 1.13% 0.09% 0.82% 0.09%

Table 3: Average rotational error. Number of SIFT Unmatched Images Lu et al. [11] Battiato et al. [3] Battiato et al. [2] Proposed approach

Mean Error 45 60 1.54% 1.06% 7.2391 7.1882 2.4371 1.9484 0.4418 0.3708 0.5060 0.3461

Table 4: Average scaling error. Number of SIFT Unmatched Images Lu et al. [11] Battiato et al. [3] Battiato et al. [2] Proposed approach

Table 5: Percentage of unmatched on images obtained through malicious manipulation.

Mean Error 45 60 1.54% 1.06% 0.0588 0.0642 0.0195 0.0181 0.0193 0.0167 0.0173 0.0143

process; see [2] for additional details) for all the approaches. In all cases the percentage of images on which our algorithm is able to work is higher than the one obtained by the approaches proposed in [2, 11]. Tab. 3 and Tab. 4 show the results obtained in terms of rotational and scale estimation through mean error. In order to properly compare the methods, the results have been computed taking into account the images on which all approaches were able to work (the number of unmatched images is reported into the tables). The proposed approach outperforms [3] and [11] obtaining a considerable gain both in terms of rotational and scaling accuracy. Moreover, the performance of our approach improves with the increasing of the extracted feature points (SIFT). On the contrary, the technique in [11] is not able to take significative advantage from the information coming from an increasing number of extracted SIFT points. To better compare the different methods, the Regression Error Characteristic Curves (REC) has been employed [5]. The REC curve is the cumulative distribution function of the error. The area over the curve is a biased estimation of the expected error of an employed estimation model. In Fig. 2 the comparison through REC curves is shown for both, rotation and scaling factor. The results have been obtained considering 60 SIFT to build the alignment signature of training and test images. REC curves confirm the effectiveness of the proposed method which outperforms [3, 11] and obtains results which closely match [2]. Additional experiments have been performed in order to examine the dependence of the average rotational and scaling error with respect to the rotation and scale transformation parameters respectively. Looking at the results obtained with the proposed approach one can observe that the rotational estimation error slightly increases with the rotation angle (Fig. 3(a)). For the scale transformation, the error has lower values in the proximity of one (no scale change)

Number of SIFT Lu et al. [11] Battiato et al. [3] Battiato et al. [2] Proposed approach

Unmatched Images 45 60 20.67% 21.79% 1.68% 1.12% 14.53% 13.97% 0.00% 0.00%

Table 6: Average rotational error on images obtained through malicious manipulation. Number of SIFT Lu et al. [11] Battiato et al. [3] Battiato et al. [2] Proposed approach

Mean Error 45 60 14.2848 13.4975 34.3832 36.8093 7.0392 9.6364 0.0000 0.0000

Table 7: Average scaling error Malicious on images obtained through malicious manipulation. Number of SIFT Lu et al. [11] Battiato et al. [3] Battiato et al. [2] Proposed approach

Mean Error 45 60 0.0538 0.0564 0.1288 0.1608 0.1141 0.1815 0.0003 0.0004

and increases considering scale factors higher or lower than one (Fig. 3(b)). It should be noted that our approach obtains the best performances in almost all cases for both, rotational and scaling estimation. Finally, we have performed comparative tests to highlight the contribution of adding spatial clustering during SIFT selection (see Section 2). To this aim the test images obtained by adding the malicious pattern (Fig. 1(b)) have been considered. Tab. 5 shows the percentage of malicious manipulated images that cannot been considered by the different approaches, whereas Tab. 6 and 7 reports the results obtained by the different approaches on the malicious manipulated images on which matchings have been found. In Tab. 8 the different approach are compared taking into account only the images on which all the approaches are able to work. The results demonstrate that robustness can be obtained embedding spatial information during the selection of the features to be used as signature for the alignment component. The embedded spatial information helps to deal with tampered images obtained by adding patches containing a highly texturized and contrasted pattern.

5.

TAMPERING RESULTS

The final step of the proposed framework is the tampering detection, i.e., the localization of the image regions that have been modified for malicious purposes. As already stated in Section 3 we adopt an image representation based on histogram of gradients to properly describe image blocks. Our technique has been implemented in Matlab making use of some useful routines already available for HOG-like feature computing [12]. More specifically, image gradients are computed by using the simple 1D filters [−1 0 1] and [−1 0 1]T . These gradients are then used to obtain magnitude and orientation for each image pixel. The image is then

REC CURVE 1

0.8

0.8

0.6

0.6

Accuracy

Accuracy

REC CURVE 1

0.4 Lu et al. [11] Battiato et al. [3] Battiato et al. [2] Proposed approach

0.2

0 0

50

100 150 Absolute Deviation

200

0.4 Lu et al. [10] Battiato et al. [3] Battiato et al. [2] Proposed approach

0.2

0 0

250

2

4 6 Absolute Deviation

8

10

Figure 2: REC curves comparison. Battiato et al. [3]

Battiato et al. [2]

Lu et al. [11]

Proposed approach

Battiato et al. [3]

Battiato et al. [2]

Proposed approach

0 24 0,24 0,22 0,20 0,18

Mean Errror M

Mean Errror M

Lu et al. [11] 3,2 30 3,0 2,8 2,6 24 2,4 2,2 2,0 18 1,8 1,6 1,4 1,2 12 1,0 0,8 06 0,6 0,4 0,2 00 0,0

0,16 0 14 0,14 0,12 0, 0,100 0,08 0,06 0,04 0,02 0 00 0,00

3

5

10

30

45

0.5

0.7

0.9

1.2

1.5

(a) Average rotation error at varying of the (b) Average scaling error at varying of the rotation angle. scale factor. Figure 3: Comparison on single transformation (60 SIFT). ROC CURVE 1

Table 8: Comparison of the different approaches on images obtained through malicious manipulation. 45 26.82%

60 27.93%

! ! 9.4716 0.0350 8.6212 0.0398 22.3903 0.0707 22.3697 0.1010 4.6260 0.0658 6.1550 0.1349 0.0000 0.0003 0.0000 0.0004

0.9 0.8 True Positive (Sensitivity)

Number of SIFT Unmatched Images Mean Error Lu et al. [11] Battiato et al. [3] Battiato et al. [2] Proposed approach

0.7 0.6 0.5 0.4 0.3 Lu et al.[11] Battiato et al. [3] Battiato et al. [2] Proposed approach

0.2

divided into non-overlapped blocks 32 × 32 and an orientation histogram is built considering four orientation in the range [-90, 90] degrees (”unsigned” gradient). Each block then votes for a bin of the histogram with its magnitude. Finally the obtained histograms are normalized and quantized. Two kinds of quantization have been considered to test the proposed framework: uniform and non-uniform. The uniform quantization ([13]) simple uses a fixed number of bits to describe a single bin of the histogram (3 in our tests). Considering four orientation, 12 bits are used to describe a single block. The proposed non-uniform quantization makes use of a pre-computed vocabulary of histograms of orientation containing 64 prototypes (6 bit for each block). This vocabulary has been obtained making use of a simple k-means clustering. All the aforementioned parameters have been derived through experimental analysis taking into account the specificity of the considered problem (e.g., the hash has to be as compact as possible). In order to validate the tampering localization step several experiments have been performed considering a subset of the dataset previously used for alignment purposed. This subset consists of 2714 images containing a tampering patch. First we tested the tampering detection performances

0.1 0 0

0.2

0.4 0.6 False Positive (1 Specificity)

0.8

1

Figure 4: Tampering detection comparison through ROC curves. Results have been obtained by using uniform quantization of histograms of gradients (12 bits per block).

considering a uniform quantization of the orientation histograms. Euclidean distance between represented blocks is used to discriminate between tampered and not tampered image regions. All the approaches already considered in the alignment tests have been compared through ROC curves (Fig. 4). These curves have been obtained at varying of the threshold (T hun ) used to localize local tampering. It is worth noting that all the image blocks are divided in three groups: tampered blocks, not tampered blocks and border blocks (i.e., blocks that after alignment contain black pixels of the border). In our tests the blocks of the border have been discarded. The overall workflow is shown in Fig 5. As shown by Fig. 4, the proposed registration approach out-

(a) Original image.

(b) Tampered image.

(d) Tampering Localization Figure 5: An example of the proposed tampering detection workflow. In (d) orange indicates the recognized tampered blocks, whereas green indicates the blocks detected as not tampered. Blue indicates image blocks falling on the border of the images after the registration. The 32 × 32 grid in (c) and (d) has been overimposed just for visual assessment. This result has been obtained employing the alignment with spatial clustering and a non-uniform quantization for tampering detection.

True

Table 9: Comparison of tampering detection results by considering uniform (12 bit per block) and nonuniform (6 bit per block) quantization of histograms of gradients space. (a) Uniform quantization with spatial clustering. Inferred Tampered Not Tampered 86.18 13.82 Tampered 50.31 49.69 Not Tampered

True

(b) Non-uniform quantization with spatial clustering. Inferred Tampered Not Tampered 86.66 13.34 Tampered 43.77 56.23 Not Tampered

performs [3, 11] and obtains results similar to [2]. Better alignment corresponds hence to better localization of manipulations. Further experiments have been conducted by considering the proposed non-uniform quantization. In order to build a compact hash, a vocabulary of 64 elements has been built through k-means. This clustering has been performed on the histogram of gradients extracted from the whole scene category dataset [8]. Since the performance of the uniform quantization depends on the selected threshold T hun , to properly compare uniform and non-uniform quantization the threshold has been fixed to obtain similar true positive values. Tampering detection results are reported in Tab. 9. Our approach with non-uniform quantization obtains better results than uniform quantization. It should be noted that the nonuniform quantization describes a single block making use of only 6 bits instead of 12 bits used by uniform quantization.

6. CONCLUSIONS AND FUTURE WORKS The assessment of the reliability of an image received through the Internet is an important issue in nowadays society. This paper addressed the image alignment and tampering detection tasks in the context of distributed forensic systems. A robust image registration component which exploits an image signature based on the Bag of Features paradigm has been discussed. The proposed hash encodes the spatial distribution of features to better deal with highly texturized and contrasted tampering patches outperforming pre-

(c) Image registration.

viously published approaches. A non-uniform quantization of histograms of oriented gradients is exploited to perform tampering localization. Future works should be devoted to test the performance of the proposed approach in presence of several ad-hoc attacks [6].

7.

REFERENCES

[1] Photo tampering throughout history. www.cs.dartmouth.edu/farid/research/digitaltampering/. [2] S. Battiato, G. M. Farinella, E. Messina, and G. Puglisi. Robust image registration and tampering localization exploiting bag of features based forensic signature. In ACM Multimedia (MM’11), 2011. [3] S. Battiato, G. M. Farinella, E. Messina, and G. Puglisi. Understanding geometric manipulations of images through BOVW-based hashing. In International Workshop on Content Protection & Forensics (CPAF 2011), 2011. [4] S. Battiato and G. Messina. Digital forgery estimation into DCT domain - a critical analysis. In ACM Multimedia 2009, Multimedia in Forensics (MiFor’09), 2009. [5] J. Bi and K. P. Bennett. Regression error characteristic curves. In International Conference on Machine Learning, pages 43–50, 2003. [6] T.-T. Do, E. Kijak, T. Furon, and L. Amsaleg. Deluding image recognition in SIFT-based CBIR systems. In ACM workshop on Multimedia in forensics, security and intelligence, pages 7–12, 2010. [7] H. Farid. Digital doctoring: how to tell the real from the fake. Significance, 3(4):162–166, 2006. [8] S. Lazebnik, C. Schmid, and J. Ponce. Beyond bags of features: Spatial pyramid matching for recognizing natural scene categories. In IEEE Conference on Computer Vision and Pattern Recognition, pages 2169–2178, 2006. [9] Y.-C. Lin, D. Varodayan, and B. Girod. Image authentication based on distributed source coding. In IEEE International Conference on Image Processing, pages 3–8, 2007. [10] W. Lu, A. L. Varna, and M. Wu. Forensic hash for multimedia information. In SPIE Electronic Imaging Symposium - Media Forensics and Security, 2010. [11] W. Lu and M. Wu. Multimedia forensic hash based on visual words. In IEEE International Conference on Image Processing, pages 989–992, 2010. [12] S. Maji, A. Berg, and J. Malik. Classification using intersection kernel support vector machines is efficient. In IEEE International Conference on Computer Vision and Pattern Recognition, pages 1–8, 2008. [13] S. Roy and Q. Sun. Robust hash for detecting and localizing image tampering. In IEEE International Conference on Image Processing, pages 117–120, 2007. [14] R. Szeliski. Image alignment and stitching: a tutorial. Foundations and Trends in Computer Graphics and Computer Vision, 2(1):1–104, 2006.