This document proposes a method for preserving privacy in video surveillance by scrambling regions of interest (ROIs) in video sequences. It discusses scrambling quantized DCT or DWT coefficients in compressed video to conceal information in ROIs while maintaining understanding of the overall scene. The scrambling is flexible and reversible with a private key, has low computational complexity, and introduces minimal impact on video coding performance. Previous approaches are also summarized.

1. Frédéric Dufaux and Touradj Ebrahimi
Presents by Kobi Magnezi

2. Abstract
— Problem:
Preserving privacy in video surveillance
— Solution:
Scrambling regions of interest (ROI) in a video
sequence.
— Implementation:
efficient solution based on transform-domain
scrambling

3. Abstract
— Real life:
— MPEG-4
— Motion JPEG 2000
— Results:
— Conceal information in ROI in the scene while
providing with a good level of security
— Scrambling is flexible – distortion can be adjusted
— Small impact on coding performance and
negligible computational complexity increase.

4. Motivation
— Video surveillance systems are becoming ubiquitous.
— Strategic places
— Airports
— Banks
— Public transportation
— Busy city centers.
— Increase security but fear the loss of privacy
— à slowing down the deployment of video surveillance.

5. George Orwell
Big brother: “While tens of millions in government
funding have been spent on research improving video
surveillance, virtually none has been invested in
technologies to enhance privacy or effectively balance
privacy and security”

6. Architecture
Wireless
Wired

7. Architecture

8. Architecture
ROI
Scramble
Compress
•Face detections
•Change Detection
•Tracking
•Skin detection
Privacy Video •Object segmentation & tracking
•Combination

9. 5 Previous approaches addressed
privacy in video surveillance

10. Blinkering Surveillance: Enabling
Video Privacy through Computer Vision. IBM Technical
— “Just enoughquot; of the video stream
— OO
— PrivacyCam

11. Blinkering Surveillance: Enabling
Video Privacy through Computer Vision. IBM Technical
— Approach
— OO representation of the scene
— Re-render frames based on ACL
— Technology
— Privacy console that manages different versions of the
video data based on ACL.
— Privacy Cam - smart camera produces a video stream
with the privacy-intrusive information already removed.

12. “The networked
sensor tapestry (NeST): a privacy enhanced software
architecture for interactive analysis of data in video-sensor
networks
— Networked Sensor Tapestry (NeST)
Test-bed under development
— Secure sharing
— Capture
— Distributing
— Archiving
— Architecture
— Centralized server
— Mobile hardware clients (TinyOS)
— Layered XML messaging schema

13. “The networked
sensor tapestry (NeST): a privacy enhanced software
architecture for interactive analysis of data in video-sensor
networks
— Main concepts:
— privacy buffer
— privacy filters
— privacy grammar
— The utility of the architecture
— variety of hardware/software clients
— remote sensor interface device
— software modules for sensor data
— data visualization, sensor control
— data archival applications

14. Preserving Privacy by De-identifying Facial Images
— Algorithm to protect the privacy by de-identifying
faces
— Old approaches
— Blacking out each face
— covering eyes
— randomly perturbing image pixels
à fail for robustness of face recognition methods

15. Preserving Privacy by De-identifying Facial Images
New approach - k-Same
limits the ability of face recognition software.
The algorithm
• determines similarity between faces
• creates new faces by averaging image components,
• varying k.

16. Privacy through Invertible Cryptographic Obscuration
— Scene distortion via cryptography
— Encryption techniques to improve the privacy aspects
Allowing full access
Allowing general
(i.e. violation of
surveillance to
privacy) only with use
continue
of a decryption key

17. Video surveillance using JPEG 2000
— JPEG 2000 compression
— Events detection and ROI identification
— Compressed video streams
are scrambled and signed
— Privacy
— Data Integrity
— Standards
— JPSEC
— JPWL

18. JPWL / JPSec Schema

19. Previous approaches with JPEG
— The process
— Identify ROI (people, privacy-sensitive info)
— ROIs à Code-blocks
— Code-blocks scrambled by ACL
— Lowering quality layer of the codestream (bandwidth)
— Drawback
— Shape of the scrambled region is restricted to match
code-block boundaries.

20. How we’ll make it better?
— We want that
— Scene remains understandable
— The people are unidentifiable.
— Security
— private encryption key
— Control who can unlock and view the whole scene in
clear.

21. How we’ll make it better?
— Output: single protected code-stream to all clients
— No private key à distorted version of the content
— Private key à unscramble the code-stream.
— Can be used with
— DCT-based: Motion JPEG, MPEG-4 or AVC 2x HD !!
— DWT-based Motion JPEG 2000.
64 kBits
960 MBits
— Goodies
— Flexible Technique can be restricted to arbitrary-shape ROIs
— Level of distortion (fuzzy to completely noisy)

22. Public/Private key encryption

24. Why Compress/Encode
Video Source Output Data Rate[Kbits/sec]
Quarter VGA @20 frames/sec 36 864.00
CIF camera @30 frames/sec 72 990.72
VGA @30 frames/sec 221 184.00
Transmission Medium Data Rate [Kbits/sec]
Wireline modem 56
GPRS (estimated average rate) 30
3G/WCDMA (theoretical maximum) 384

25. MPEG-4
— Based on a motion compensation
— Block-based DCT
— Compression
Predicted frames
Intraframes

26. Four 8x8
Blocks for DCT
16x16
MacroBlocks

27. black with lot of
change in
frequency à
DCT random matrix
cosine function: horizontal, diagonal
and vertical frequencies
one color -->
matrix with 1st
large value &
zeros

28. DCT
cosine function: horizontal, diagonal
and vertical frequencies
Much of the signal
energy lies at Low
frequencies
High frequencies.
Often small to be
neglected with a
little distortion.

29. Human visual system
experiments
standard quantization
matrix
>50 less compress
* (100-quality)/50
<50 more compress
/ lower quality
* 50/quality

31. Quality factor of 75

32. Quality factor of 20

33. Quality factor of 5

34. Quality factor of 3

35. Entropy Encoder (Compress…)
— Variable length Coding
Huffman Coding
or others…

36. Huffman Coding
— The symbol with the highest probability is assigned
the shortest code and vice versa.
— Code words length is not fixed (VLC)
— A codeword cannot be a prefix for another codeword
(Self Synchronized Code)

37. Huffman Coding

39. Video Scrambling
Earlier works Our approach
— Traditional cryptographic — Bit scrambling
techniques
— Encrypt the compressed — Encrypt before compressing
video.
— Whole image completely — Whole scene remains
distorted à indecipherable comprehensible but some
objects cannot be identified
— Coding performance
— Complexity increase
— Arbitrary-shape ROI
— Flexible distortion

40. So when we scrambling?
Before After
Perform scrambling in the original Apply scrambling after encoding. (the
image prior to encoding. compressed codestream is directly
— Advantage: scrambled)
Very simple and independent — Disadvantage:
from the encoding scheme Very difficult to guarantee that the
subsequently used. scrambled codestream will not
— Disadvantage: crash a standard decoder.
Significantly altering the statistics of
the video signal, hence making the
ensuing compression less efficient.
Scrambling in the transform-domain.
Region-based transform domain
scrambling technique inverting the signs of
selected transform coefficients

41. Transform-domain Scrambling
— Frames transform using an energy compaction
transform: DCT, DWT
— The resulting coefficients are then entropy coded
using techniques such as Huffman or arithmetic
coding.

43. MPEG-4 & Scrambling
— Effectively applied
on the quantized
DCT coefficients,
and outside of the
motion
compensation loop

44. The scrambling recipe
— What can be scrambled?
— In general, DC coefficients are strongly correlated and
are therefore unsuitable for scrambling.
— Their signs are not.

45. The scrambling recipe
— So what can be done?
— All DC coefficients of the blocks corresponding to the
ROIs are scrambled by pseudo-randomly flipping their
sign.

46. The scrambling recipe
— The shape of the scrambled region is restricted to
match the 8x8 DCT blocks boundaries.
— Level of scrambling = fewer AC coefficients.

48. Drifts…
— Unauthorized decoder (not capable of unscrambling) will
use a different motion compensation loop than an
authorized decoder
— Result:
Unauthorized decoder may experience a drift, resulting in
— artifacts in the scrambled sequence

49. How to avoid it?
— Scrambled MB in the reference frame, are always
INTRA coded.
— Prevents the drift in motion compensation loop
Predicted frames
Intraframes

51. Encryption
— PRNG initialized by a seed
— SHA1PRNG with 64bit seed
— Increase security à Multiple seed can be used
— Seeds value encrypted using RSA
— Inserted to the code-stream
— Shape of ROI’s
— Meta Data in MPEG-4 (private data / codestream)
— Separate Channel

52. Complexity?
— Flipping sings of selected coefficients

54. Scrambling
— Effectively applied after the DWT and quantization,
and before the arithmetic coder

55. De-Srambling
— The process is fully reversible. At the decoder,
authorized users have merely to perform the exact
inverse operation.

56. Looks familiar?
— Similar approach as proposed for MPEG-4
— Quantized wavelet coefficients are scrambled by
pseudo randomly flipping their sign
KM2
— Level of scrambling = fewer resolution levels.

57. Slide 56
???? KM2
bandwith
Kobi Magnezi, 10/06/2009

58. Goodies of JPEG2000
— The shape of the ROIs
— Embedded ROI mechanism of JPEG 2000.
— Leveraging standard JPEG security (JPSEC)
— The seeds (for PRNG) can be encrypted and
embedded in the codestream.
à Fully JPSEC compliant.

60. Varying scrambling strength for
MPEG-4

61. Varying scrambling strength for
Motion HPEG 2000

62. Coding
efficiency
MPEG-4
Less than 10%
bitrate increases

63. Coding
efficiency
Motion
JPEG2000
Approximately 10%
bitrate increases

65. Security Strength
— Brute-force attack
— tries all combinations reversing the signs of all non-zero AC
coefficients.
— CIF frame (352x288)
— We consider the luminance component
— MPEG-4 and Motion JPEG 2000
— à 99’792 AC coefficients.
— ROI’s
— Suppose that the attacker knows the ROIs which cover 5% of the image
— à restricting the number of corresponding AC coefficients to 4’990.
— Non-Zero
— assuming that only 5 % of those are nonzero
— Need to try reversing the signs of 250 coefficients
à 2250 combinations for each frame.
— à good level of security.

66. something to think about…

67. Eagle Eye