Difference between revisions of "Security of Scalable Multimedia Streams"

From NMSL
Line 1: Line 1:
The demand for multimedia services has been rapidly increasing over the past few years. More and more users rely on multimedia services for many aspects of their daily lives, including work, education, and entertainment. This makes the security of delivering multimedia content of great importance. Therefore, we focus on providing source authentication and data integrity services for media stream, i.e., ensuring that streams being played by receivers are original and have not been tampered with by malicious attackers. Our especial focus is on scalable video streams, which are becoming very popular with respect to recent advances in scalable coding and the increasing heterogeneity among receiver devices.
+
The demand for multimedia services has been rapidly increasing over the past few years. More and more users rely on multimedia services for many aspects of their daily lives, including work, education, and entertainment. Multimedia content, however, is often distributed over open and insecure networks, such as the Internet. Accordingly, secure delivery of multimedia streams is an important and critical problem. Secure delivery means authenticating multimedia streams so that all receivers can ensure that the content is original and is not tampered with by any attacker.
  
A number of major challenges rise when considering authentication of scalable video streams. First, digital signature operations, which are the foundation of authentication processes, are too computationally expensive to be performed frequently in real-time, especially by limited-capability devices such as cell phones and PDAs. Second, flexibility of scalable videos needs to be supported by the authentication scheme. A scalable video is encoded and signed once, and there can be many valid substreams extractable from one bitstream, each of which needs to be authenticated. Third, packet losses frequently take place in transmission networks, especially in wireless channels. Counteracting the impact of loss in video transmission scenarios is approached by several techniques such as Forward Error Correction (FEC), interleaved packetization, etc. This impact in case of "authenticated" video gets more highlighted. Due to the dependency that the authentication mechanism may impose on video packets, it may amplify the loss ratio of the network; a video packet and its authentication information must both be successfully received, or the video packet is unusable even though it is not lost. The authentication scheme should have zero or negligible such effect. Fourth, some additional information needs to be attached to the stream by the authentication mechanism in order for receivers to be able to verify the stream. The amount of this information needs to be carefully controlled, since bandwidth is a limited resource and should not be non-negligibly occupied by the authentication information.
+
Various challenges need to be dealt with for this purpose. First, the authentication mechanism, which can be computationally expensive, has to keep up with the online nature of the streams. Second, media content is often distributed over unreliable channels, where packet losses are not uncommon. The authentication scheme needs to function properly even in the presence of these losses. Third, media streams can be encoded in scalable (or layered) manner to accommodate heterogeneous clients and varying network conditions. In this case, the authentication scheme has to successfully verify any substream extracted from the original stream. Finally, the authentication information added to the streams should be minimized in order to avoid increasing the already-high storage and network bandwidth requirements for multimedia content.
  
We are investigating the above four challenges and several other subtle issues for authentication of scalable video streams in a computationally efficient manner, with low delay and communication overhead and high resilience to packet losses. We also performed systematic tamperings with scalable videos with very limited manipulation possibilities in order to highlight the importance of our approaches. Our main focus is on recent scalable video structures, such as the state-of-the-art H.264/SVC standard, which follow a more complex structure compared to traditional simple scalable videos, and can flexibly support different types of scalability by using various coding tools.
+
We investigate these challenges for authentication of scalable video streams in a computationally efficient manner, with low delay and communication overhead, and high resilience against packet losses. Our main focus is on scalable videos encoded using the state-of-the-art video coding standard H.264/SVC, the Scalable Video Coding (SVC) extension of H.264/AVC video coding technique. H.264/SVC offers great flexibiliy while incurring much lower overheads compared to classic scalable coding techniques. We have designed an authentication scheme for H.264/SVC streams that supports its full flexibility: it takes into account the coding characteristics of H.264/SVC scalability model and enables verification of all possible substreams. In addition, the proposed scheme is designed for end-to-end authentication of streams. In an end-to-end authentication procedure, a content provider prepares the authenticated video and sends it to receivers, possibly through a third-party Content Delivery Network (CDN) with proxy servers that may need to adapt the flexible video streams. These proxies or any
 +
other entity involved in the delivery process do not have to understand our authentication scheme, which is an important advantage of the proposed scheme.
  
  
Line 15: Line 16:
 
== Publications ==
 
== Publications ==
  
* M. Hefeeda and K. Mokhtarian, “Authentication Schemes for Multimedia Streams: Quantitative Analysis and Comparison,” To appear in ACM Transactions on Multimedia Computing, Communications and Applications.
+
* M. Hefeeda and K. Mokhtarian, Authentication Schemes for Multimedia Streams: Quantitative Analysis and Comparison, ''ACM Transactions on Multimedia Computing, Communications, and Applications'', Accepted January 2009.
  
* M. Hefeeda and K. Mokhtarian, “Security of Scalable Multimedia Streams,Handbook on Security and Networks, World Scientific Publishing Co., To appear in summer 2009.
+
* K. Mokhtarian and M. Hefeeda,  End-to-End Secure Delivery of Scalable Video Streams, In Proc. of International workshop on Network and Operating Systems Support for Digital Audio and Video (NOSSDAV'09), 6 pages, Williamsburg, VA, June 2009.
 +
 
 +
* M. Hefeeda and K. Mokhtarian, [http://www.cs.sfu.ca/~mhefeeda/Papers/pv09.pdf Analysis of Authentication Schemes for Nonscalable Video Streams], In Proc. of IEEE International Packet Video Workshop (PV'09), 10 pages, Seattle, WA, May 2009.  Slides [ [http://www.cs.sfu.ca/~mhefeeda/Talks/pv09.pptx ppt] ] [ [http://www.cs.sfu.ca/~mhefeeda/Talks/pv09.pdf pdf] ]
 +
 
 +
* M. Hefeeda and K. Mokhtarian, Authentication of Scalable Multimedia Streams, Book Chapter in Handbook on Security and Networks, World Scientific Publishing Co., To appear in Summer 2009.
  
  
Line 23: Line 28:
  
  
* '''[[svcAuth]]''': An Authentication Scheme for Securing the Delivery of H.264/SVC Video Streams
+
* '''[[svcAuth]]''': A Library for Authenticating H.264/SVC Video Streams

Revision as of 23:05, 22 June 2009

The demand for multimedia services has been rapidly increasing over the past few years. More and more users rely on multimedia services for many aspects of their daily lives, including work, education, and entertainment. Multimedia content, however, is often distributed over open and insecure networks, such as the Internet. Accordingly, secure delivery of multimedia streams is an important and critical problem. Secure delivery means authenticating multimedia streams so that all receivers can ensure that the content is original and is not tampered with by any attacker.

Various challenges need to be dealt with for this purpose. First, the authentication mechanism, which can be computationally expensive, has to keep up with the online nature of the streams. Second, media content is often distributed over unreliable channels, where packet losses are not uncommon. The authentication scheme needs to function properly even in the presence of these losses. Third, media streams can be encoded in scalable (or layered) manner to accommodate heterogeneous clients and varying network conditions. In this case, the authentication scheme has to successfully verify any substream extracted from the original stream. Finally, the authentication information added to the streams should be minimized in order to avoid increasing the already-high storage and network bandwidth requirements for multimedia content.

We investigate these challenges for authentication of scalable video streams in a computationally efficient manner, with low delay and communication overhead, and high resilience against packet losses. Our main focus is on scalable videos encoded using the state-of-the-art video coding standard H.264/SVC, the Scalable Video Coding (SVC) extension of H.264/AVC video coding technique. H.264/SVC offers great flexibiliy while incurring much lower overheads compared to classic scalable coding techniques. We have designed an authentication scheme for H.264/SVC streams that supports its full flexibility: it takes into account the coding characteristics of H.264/SVC scalability model and enables verification of all possible substreams. In addition, the proposed scheme is designed for end-to-end authentication of streams. In an end-to-end authentication procedure, a content provider prepares the authenticated video and sends it to receivers, possibly through a third-party Content Delivery Network (CDN) with proxy servers that may need to adapt the flexible video streams. These proxies or any other entity involved in the delivery process do not have to understand our authentication scheme, which is an important advantage of the proposed scheme.


People


Publications

  • M. Hefeeda and K. Mokhtarian, Authentication Schemes for Multimedia Streams: Quantitative Analysis and Comparison, ACM Transactions on Multimedia Computing, Communications, and Applications, Accepted January 2009.
  • K. Mokhtarian and M. Hefeeda, End-to-End Secure Delivery of Scalable Video Streams, In Proc. of International workshop on Network and Operating Systems Support for Digital Audio and Video (NOSSDAV'09), 6 pages, Williamsburg, VA, June 2009.
  • M. Hefeeda and K. Mokhtarian, Authentication of Scalable Multimedia Streams, Book Chapter in Handbook on Security and Networks, World Scientific Publishing Co., To appear in Summer 2009.


Software

  • svcAuth: A Library for Authenticating H.264/SVC Video Streams