2021 Proceeding- General Chairs:
- Dirk Borghys,
- Patrick Bas,
- Program Chairs:
- Luisa Verdoliva,
- Tomáš Pevný,
- Bin Li,
- Jennifer Newman
As general and program chairs, it is our great pleasure to welcome you to the 2021 ACM Workshop on Information Hiding, Multimedia and Security - IH&MMSec'21. In usual times, the conference should have been held at the Royal Military Academy in Brussels, Belgium. However, due to the situation of the Covid-19 pandemic, this year again, the conference will be virtual. Let us hope that it is the very last time! Nevertheless, this year's workshop continues its tradition of being the premier forum for presentation of research results on leading edge issues of multimedia security such as hidden communications, multimedia forensics, data protection, biometrics, security of multimedia recognition systems, as well as topics in privacy, policy and legal issues in relation to multimedia security and forensics in real world applications. We expect the workshop to facilitate cross-fertilization of ideas among key stakeholders from academia, industry, practitioners, and government agencies around the globe.
The call for papers attracted 47 submissions from countries around the world. The program committee accepted 22 papers that cover a wide variety of topics mentioned above. In addition, the program includes three keynote talks focused on information leakages: one dedicated to side-channels attacks by Francois-Xavier Standaert (UCL, Belgium), one on privacy issues in machine learning by Nicolas Carlini (Google Brain), and one on watermarking to monitor data used during training by Alexandre Sablayrolles (FaceBook). We hope that both the live presentations and the proceedings will serve as a valuable reference for security researchers and developers.
Proceeding Downloads
Evaluating and Designing against Side-Channel Leakage: White Box or Black Box?
Side-channel analysis is an important concern for the security of cryptographic implementations, and may lead to powerful key recovery attacks if no countermeasures are deployed. Therefore, various types of protection mechanisms have been proposed over ...
How Private is Machine Learning?
A machine learning model is private if it doesn't reveal (too much) about its training data. This three-part talk examines to what extent current networks are private. Standard models are not private. We develop an attack that extracts rare training ...
Tracing Data through Learning with Watermarking
How can we gauge the privacy provided by machine learning algorithms? Models trained with differential privacy (DP) provably limit information leakage, but the question remains open for non-DP models. In this talk, we present multiple techniques for ...
PRNU-based Deepfake Detection
As deepfakes become harder to detect by humans, more reliable detection methods are required to fight the spread of fake images and videos. In our work, we focus on PRNU-based detection methods, which, while popular in the image forensics scene, have ...
Fake Speech Detection Using Residual Network with Transformer Encoder
Fake speech detection aims to distinguish fake speech from natural speech. This paper presents an effective fake speech detection scheme based on residual network with transformer encoder (TE-ResNet) for improving the performance of fake speech ...
Meta and Media Data Stream Forensics in the Encrypted Domain of Video Conferences
Our paper presents a systematic approach to investigate whether and how events can be identified and extracted during the use of video conferencing software. Our approach is based on the encrypted meta and multimedia data exchanged during video ...
Exploitation and Sanitization of Hidden Data in PDF Files: Do Security Agencies Sanitize Their PDF Files?
Organizations publish and share more and more electronic documents like PDF files. Unfortunately, most organizations are unaware that these documents can compromise sensitive information like authors names, details on the information system and ...
Angular Margin Softmax Loss and Its Variants for Double Compressed AMR Audio Detection
Double compressed (DC) adaptive multi-rate (AMR) audio detection is an important but challenging audio forensic task which has received great attention over the last decade. Although the majority of the existing studies extract hand-crafted features and ...
FederatedReverse: A Detection and Defense Method Against Backdoor Attacks in Federated Learning
Federated learning is a secure machine learning technology proposed to protect data privacy and security in machine learning model training. However, recent studies show that federated learning is vulnerable to backdoor attacks, such as model ...
Banners: Binarized Neural Networks with Replicated Secret Sharing
Binarized Neural Networks (BNN) provide efficient implementations of Convolutional Neural Networks (CNN). This makes them particularly suitable to perform fast and memory-light inference of neural networks running on resource-constrained devices. ...
Deep Neural Exposure: You Can Run, But Not Hide Your Neural Network Architecture!
Deep Neural Networks (DNNs) are at the heart of many of today's most innovative technologies. With companies investing lots of resources to design, build and optimize these networks for their custom products, DNNs are now integral to many companies' ...
iNNformant: Boundary Samples as Telltale Watermarks
Boundary samples are special inputs to artificial neural networks crafted to identify the execution environment used for inference by the resulting output label. The paper presents and evaluates algorithms to generate transparent boundary samples. ...
Towards Match-on-Card Finger Vein Recognition
Security and privacy is of great interest in biometric systems which can be offered by Match-on-Card (MoC) technology, successfully applied in several areas of biometrics. In finger vein recognition such a system is not available yet. Utilizing minutiae ...
General Requirements on Synthetic Fingerprint Images for Biometric Authentication and Forensic Investigations
- Andrey Makrushin,
- Christof Kauba,
- Simon Kirchgasser,
- Stefan Seidlitz,
- Christian Kraetzer,
- Andreas Uhl,
- Jana Dittmann
Generation of synthetic biometric samples such as, for instance, fingerprint images gains more and more importance especially in view of recent cross-border regulations on security of private data. The reason is that biometric data is designated in ...
Optimizing Additive Approximations of Non-additive Distortion Functions
The progress in steganography is hampered by a gap between non-additive distortion functions, which capture well complex dependencies in natural images, and their additive counterparts, which are efficient for data embedding. This paper proposes a ...
Information Hiding in Cyber Physical Systems: Challenges for Embedding, Retrieval and Detection using Sensor Data of the SWAT Dataset
In this paper, we present an Information Hiding approach that would be suitable for exfiltrating sensible information of Industrial Control Systems (ICS) by leveraging the long-term storage of process data in historian databases. We show how hidden ...
Revisiting Perturbed Quantization
In this work, we revisit Perturbed Quantization steganography with modern tools available to the steganographer today, including near-optimal ternary coding and content-adaptive embedding with side-information. In PQ, side-information in the form of ...
Fast Detection of Heterogeneous Parallel Steganography for Streaming Voice
Heterogeneous parallel steganography (HPS) has become a new trend of current streaming media voice steganography, which hides secret information in the frames of streaming media with multiple kinds of orthogonal steganography. Because of the complexity ...
How to Pretrain for Steganalysis
In this paper, we investigate the effect of pretraining CNNs on ImageNet on their performance when refined for steganalysis of digital images. In many cases, it seems that just 'seeing' a large number of images helps with the convergence of the network ...
Improving EfficientNet for JPEG Steganalysis
In this paper, we study the EfficientNet family pre-trained on ImageNet when used for steganalysis using transfer learning. We show that certain "surgical modifications" aimed at maintaining the input resolution in EfficientNet architectures ...
Piracy-Resistant DNN Watermarking by Block-Wise Image Transformation with Secret Key
In this paper, we propose a novel DNN watermarking method that utilizes a learnable image transformation method with a secret key. The proposed method embeds a watermark pattern in a model by using learnable transformed images and allows us to remotely ...
White-Box Watermarking Scheme for Fully-Connected Layers in Fine-Tuning Model
For the protection of trained deep neural network(DNN) models, embedding watermarks into the weights of the DNN model have been considered. However, the amount of change in the weights is large in the conventional methods, and it is reported that the ...
A Protocol for Secure Verification of Watermarks Embedded into Machine Learning Models
Machine Learning is a well established tool used in a variety of applications. As training advanced models requires considerable amounts of meaningful data in addition to specific knowledge, a new business model separate models creators from model ...
On the Robustness of Backdoor-based Watermarking in Deep Neural Networks
Watermarking algorithms have been introduced in the past years to protect deep learning models against unauthorized re-distribution. We investigate the robustness and reliability of state-of-the-art deep neural network watermarking schemes. We focus on ...
DNN Watermarking: Four Challenges and a Funeral
The demand for methods to protect the Intellectual Property Rights (IPR) associated to Deep Neural Networks (DNNs) is rising. Watermarking has been recently proposed as a way to protect the IPR of DNNs and track their usages. Although a number of ...
Recommendations
Acceptance Rates
| Year | Submitted | Accepted | Rate |
|---|---|---|---|
| IH&MMSec '18 | 40 | 18 | 45% |
| IH&MMSec '17 | 34 | 18 | 53% |
| IH&MMSec '16 | 61 | 21 | 34% |
| IH&MMSec '15 | 45 | 20 | 44% |
| IH&MMSec '14 | 64 | 24 | 38% |
| IH&MMSec '13 | 74 | 27 | 36% |
| Overall | 318 | 128 | 40% |