Watermarks expose deep fakes and increase cyber security
"A picture is worth a thousand words", the saying goes, but is that really true? As early as the American Civil War, elements of different photographs were combined to enhance the heroics. A retouching brush was used to erase the disgraced from images of various world events. In 2014, the German weekly Der Spiegel compiled a photo series on early image manipulation and nowadays authentic photos can easily be faked using artificial intelligence. The pope in a white down jacket or AI generated images of former German Chancellor Angela Merkel and U.S. President Barack Obama running along a beach are just some of the surreal examples. Professor Volker Skwarek, Head of the CyberSec Research and Transfer Centre (FTZ) at HAW Hamburg, stressed: "Deep fakes, i.e., deceptively real-looking images, audio or video recordings generated by AI, are a problem when people do not know what to believe."
Securing video images
More than half of EU citizens doubt the truthfulness of the information they find online and wonder whether it has been deliberately manipulated, according to a survey by the Bertelsmann Foundation. The "Robust Signature of Audiovisual Media against (deep) Fakes (SaM-fake)" project at HAW Hamburg aims to expose manipulated images using a watermark of sorts. Based on the Trusted Cam software, audio files or videos are labelled authentic during recording. "Every single video image is broken down into segments that are protected by a mathematically generated signature akin to a watermark. That makes it almost impossible to remove the watermark fully," said Skwarek. Subsequent manipulations can be identified immediately. Legitimate handling of the files, such as rotating, cropping, scaling or compressing, on the other hand, has no effect on the stored watermarks.
Cyber security and cyber forensics
News from war zones can be verified which in turn strengthens people's trust in media," said Skwarek. The project is being carried out in co-operation with Chainstep GmbH in Hamburg and is funded by the German Ministry of Education and Research's "DATI Innovation Sprints" scheme. "SaM fakes could also occur in messenger apps," said Skwarek. "We have developed the prototype in the lab. The community will decide whether it will be released.” If the community opts for a signature, this would lead to more cyber security, which the FTZ CyberSec has been trying to achieve since it was set up in 2012 with around ten people. It works on e.g., projects to optimise identity procedures and on the security of decentralised energy systems or cyber forensics. "When companies or organisations are blackmailed after a ransomware attack, the ransom is often paid in cryptocurrencies which are based on blockchain technology. We try to follow the money using transaction data from the blockchains as part of our Cyber Block Forensics project," Skwarek noted.
Cyberattacks endangering security of supply
"A decentralised approach to our energy systems is crucial to a successful energy transition - and each individual system must be protected from cyberattacks." And as quickly as possible. The German Energy Agency (dena) has noted an increase in cyberattacks on the IT infrastructure of urban utility companies, their IT service providers and other companies in the energy sector: "The increasing digitalisation and decentralisation of the energy system is leading to even more attack surfaces for attackers. As a result, cyber security is becoming increasingly important for a secure supply." But just how well can systems and installations be secured? "Our students keep asking us that. Unfortunately, there is no such thing as absolute security," said Skwarek. The race against cyber criminals involves an asymmetric additional effort. "A little more effort for us and far more for the hackers. The better a system is secured, the less attractive it is to attackers."