Towards Secure Online Distribution of Multimedia Codestreams
Multimedia codestreams distributed through open and insecure networks are subjected to attacks such as malicious content tampering and unauthorized accesses. This dissertation first addresses the issue of authentication as a mean to integrity - protect multimedia codestreams against malicious tamper...
Saved in:
| Main Author: | |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2016
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/etd_coll/131 https://ink.library.smu.edu.sg/cgi/viewcontent.cgi?article=1130&context=etd_coll |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.etd_coll-1130 |
|---|---|
| record_format |
dspace |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
authentication access control multimedia security h.264 transcoding Information Security |
| spellingShingle |
authentication access control multimedia security h.264 transcoding Information Security LO, Swee Won Towards Secure Online Distribution of Multimedia Codestreams |
| description |
Multimedia codestreams distributed through open and insecure networks are subjected to attacks such as malicious content tampering and unauthorized accesses. This dissertation first addresses the issue of authentication as a mean to integrity - protect multimedia codestreams against malicious tampering. Two cryptographic-based authentication schemes are proposed to authenticate generic scalable video codestreams with a multi-layered structure. The first scheme combines the salient features of hash-chaining and double error correction coding to achieve loss resiliency with low communication overhead and proxy-transparency. The second scheme further improves computation cost by replacing digital signature with a hash-based message authentication code to achieve packet-level authentication and loss-resiliency. Both schemes are robust to transcoding, i.e., they require only onetime authentication but allow verification on different transcoded versions. A comprehensive analysis is performed on the proposed schemes in comparison to existing work in terms of their authentication and verification delays, communication overhead, and buffer sizes needed for authentication/verification. Scalable video codestreams encoded by the H.264/SVC standard are made up of frames with spatial and quality layers while each frame belongs to a specific temporal layer. Taking into account the dependency structure of an H.264/SVC codestream, a secure and efficient cryptographic-based authentication scheme that is fully compatible with such a structure is proposed. By integrating the temporal scalability structure with a combination of double error correction coding and packet replication techniques, the proposed scheme is highly loss-resilient with a low communication overhead under burst loss condition. Performances of the proposed scheme under different encoding settings are further analyzed and the results showed that the proposed scheme outperforms an existing scheme in terms of its loss-resiliency. The proposed scheme also exhibits low authentication and verification delays, which is an important performance factor for real-time multimedia applications. The third work in this dissertation studies the security of content-based authentication for non-scalable video codestreams. Based upon the video coding concept, it is shown that existing transform-domain content-based authentication schemes exhibit a common design flaw, where the transform-domain feature extracted is not sufficient to represent the true semantic meaning of the codestreams. Consequently, although the schemes are able to detect semantic-changing attacks performed in the pixel domain, they are unable to detect attacks performed in the transform domain. A comprehensive discussion on how the flaw can be exploited by manipulating transform domain parameters is presented and several attack examples are demonstrated. In addition, the concept behind attacks that manipulate the transform-domain header parameters and the conditions of the attacks, given the attacker's desired attack content, are discussed in depth. Finally, the issue of access control as a mean to regulate unauthorized accesses to protected codestreams is studied. For generic scalable codestreams, a secure and efficient access control scheme is presented, where symmetric encryption is used to protect the codestreams, and attribute-based encryption is used to disseminate access keys to users. We further extend the scheme to address access control for H.264/SVC codestreams. The proposed schemes are secure against collusion attack and employ access keys generation hierarchy that is fully compatible to the dependency structures of generic and H.264/SVC codestreams, respectively. As a result, they are efficient in the way that each user needs to maintain only a single access key regardless of the number of layers he/she is entitled to access. The proposed schemes also eliminate the use of an online key distribution center by employing attribute-based encryption for access keys dissemination.\302\240 |
| format |
text |
| author |
LO, Swee Won |
| author_facet |
LO, Swee Won |
| author_sort |
LO, Swee Won |
| title |
Towards Secure Online Distribution of Multimedia Codestreams |
| title_short |
Towards Secure Online Distribution of Multimedia Codestreams |
| title_full |
Towards Secure Online Distribution of Multimedia Codestreams |
| title_fullStr |
Towards Secure Online Distribution of Multimedia Codestreams |
| title_full_unstemmed |
Towards Secure Online Distribution of Multimedia Codestreams |
| title_sort |
towards secure online distribution of multimedia codestreams |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2016 |
| url |
https://ink.library.smu.edu.sg/etd_coll/131 https://ink.library.smu.edu.sg/cgi/viewcontent.cgi?article=1130&context=etd_coll |
| _version_ |
1712300877763575808 |
| spelling |
sg-smu-ink.etd_coll-11302019-07-11T06:20:02Z Towards Secure Online Distribution of Multimedia Codestreams LO, Swee Won Multimedia codestreams distributed through open and insecure networks are subjected to attacks such as malicious content tampering and unauthorized accesses. This dissertation first addresses the issue of authentication as a mean to integrity - protect multimedia codestreams against malicious tampering. Two cryptographic-based authentication schemes are proposed to authenticate generic scalable video codestreams with a multi-layered structure. The first scheme combines the salient features of hash-chaining and double error correction coding to achieve loss resiliency with low communication overhead and proxy-transparency. The second scheme further improves computation cost by replacing digital signature with a hash-based message authentication code to achieve packet-level authentication and loss-resiliency. Both schemes are robust to transcoding, i.e., they require only onetime authentication but allow verification on different transcoded versions. A comprehensive analysis is performed on the proposed schemes in comparison to existing work in terms of their authentication and verification delays, communication overhead, and buffer sizes needed for authentication/verification. Scalable video codestreams encoded by the H.264/SVC standard are made up of frames with spatial and quality layers while each frame belongs to a specific temporal layer. Taking into account the dependency structure of an H.264/SVC codestream, a secure and efficient cryptographic-based authentication scheme that is fully compatible with such a structure is proposed. By integrating the temporal scalability structure with a combination of double error correction coding and packet replication techniques, the proposed scheme is highly loss-resilient with a low communication overhead under burst loss condition. Performances of the proposed scheme under different encoding settings are further analyzed and the results showed that the proposed scheme outperforms an existing scheme in terms of its loss-resiliency. The proposed scheme also exhibits low authentication and verification delays, which is an important performance factor for real-time multimedia applications. The third work in this dissertation studies the security of content-based authentication for non-scalable video codestreams. Based upon the video coding concept, it is shown that existing transform-domain content-based authentication schemes exhibit a common design flaw, where the transform-domain feature extracted is not sufficient to represent the true semantic meaning of the codestreams. Consequently, although the schemes are able to detect semantic-changing attacks performed in the pixel domain, they are unable to detect attacks performed in the transform domain. A comprehensive discussion on how the flaw can be exploited by manipulating transform domain parameters is presented and several attack examples are demonstrated. In addition, the concept behind attacks that manipulate the transform-domain header parameters and the conditions of the attacks, given the attacker's desired attack content, are discussed in depth. Finally, the issue of access control as a mean to regulate unauthorized accesses to protected codestreams is studied. For generic scalable codestreams, a secure and efficient access control scheme is presented, where symmetric encryption is used to protect the codestreams, and attribute-based encryption is used to disseminate access keys to users. We further extend the scheme to address access control for H.264/SVC codestreams. The proposed schemes are secure against collusion attack and employ access keys generation hierarchy that is fully compatible to the dependency structures of generic and H.264/SVC codestreams, respectively. As a result, they are efficient in the way that each user needs to maintain only a single access key regardless of the number of layers he/she is entitled to access. The proposed schemes also eliminate the use of an online key distribution center by employing attribute-based encryption for access keys dissemination.\302\240 2016-05-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/etd_coll/131 https://ink.library.smu.edu.sg/cgi/viewcontent.cgi?article=1130&context=etd_coll http://creativecommons.org/licenses/by-nc-nd/4.0/ Dissertations and Theses Collection (Open Access) eng Institutional Knowledge at Singapore Management University authentication access control multimedia security h.264 transcoding Information Security |