Today — we’re releasing a free, publicly available tool called Inspect. It’s a JPEG metadata viewer & the cumulation of one year of research on post-capture photo forensics (editing detection). Inspect is meant to educate the public on two key image quality factors — pixel quality & metadata quantity. Below is the story of how our team landed on the creation of this tool & our position regarding detection of still image editing.
今天,我们将发布一个名为 Inspect 的免费公共可用工具 。 它是JPEG元数据查看器,并且对捕获后的照片取证(编辑检测)进行了为期一年的研究。 检查旨在对公众进行两个关键图像质量因素的教育-像素质量和元数据数量。 以下是我们的团队如何着手创建此工具以及我们在检测静止图像编辑方面的立场的故事。
Last year, Truepic acquired Fourandsix Technologies. The goal of the acquisition was to explore post-capture photo forensics technologies alongside world-renowned digital forensics leader, Dr. Hany Farid. In the year that followed, we hired a specialized team, developed upon the technology, processed hundreds of thousands of images from real clients, and iterated upon core forensic concepts. It was a very valuable experience that helped affirm our belief in Controlled Capture technology, as we ultimately found that post-detection of digital image manipulations will have a limited near-term impact on the world.
去年,Truepic 收购了Fourandsix Technologies 。 此次收购的目的是与世界著名的数字取证领导者Hany Farid博士一起探索拍摄后的照片取证技术。 在接下来的一年中,我们聘请了一支专业团队,根据该技术进行开发,处理了来自真实客户的成千上万张图像,并根据核心取证概念进行了迭代。 这是一次非常宝贵的经验,有助于确认我们对“受控捕获”技术的信念,因为我们最终发现,对数字图像操作的后检测将对整个世界产生有限的近期影响。
While Truepic’s flagship technology, Controlled Capture, can & has been used as a tool to photo document with extremely high trust, it is fundamentally limited to images captured through our specialized camera application. As with most software, there are significant scaling challenges that can only come with time & brand recognition. So, while those leveraging Truepic’s system can capture images with verified contents, time, date, and location, such as this…
虽然Truepic的旗舰技术Controlled Capture可以用作具有高度信任的照片文档的工具,但从根本上讲,它仅限于通过我们的专用相机应用程序捕获的图像。 与大多数软件一样,在扩展时间和品牌识别方面也面临着巨大的扩展挑战。 因此,利用Truepic系统的人员可以捕获具有经过验证的内容,时间,日期和位置的图像,例如……
…the other ~2 trillion images a year without verifiable provenance will still be called into question. This is true in society and business alike, as Airbnb, Uber, & countless other organizations have recently realized.
…每年还有约2万亿张没有可验证来源的图像仍将受到质疑。 正如Airbnb , Uber和许多其他组织最近意识到的那样,这在社会和企业中都是如此。
There are two key discoveries by our team that have driven our conclusion that the detection of edits and manipulations to still photos will be a losing game: (1.) The fundamental way the JPEG file format works, and (2.) the modification and compression caused by uploading and sharing images across the internet.
我们团队有两个重要发现,这些结论促使我们得出结论: 检测到对静止照片的编辑和操作将是一场失败的游戏: (1。)JPEG文件格式的基本工作方式,以及(2.)修改和通过Internet上传和共享图像而导致的压缩。
JPEG *文件格式从根本上来说是有缺陷的-使元数据不受检测 (The JPEG* file format is fundamentally flawed — making metadata immune to detection)
Open your iPhone, adjust the date & time in the Settings App, and snap a photo. Guess what? — the camera original content metadata attached to your photo has the newly altered time & date, not the accurate time & date (altered metadata fields include: Created, Modified, CreateDate, DateTimeOriginal, SubSecCreateDate, SubSecDateTimeOriginal, etc). No detection mechanism on the planet will be able to detect this simple time and date adjustment. The root of this issue is that the standard approach of attaching EXIF data to a JPEG file is broken, and even knowing that an image has not been modified after capture does not mean it is accurate even at the time of capture.
打开您的iPhone,在“设置”应用中调整日期和时间,然后拍摄照片。 你猜怎么了? —附加到照片的相机原始 内容元数据具有新更改的时间和日期,而不是准确的时间和日期(更改的元数据字段包括:创建,修改,CreateDate,DateTimeOriginal,SubSecCreateDate,SubSecDateTimeOriginal等)。 这个星球上没有检测机制能够检测到这种简单的时间和日期调整。 此问题的根源在于,将EXIF数据附加到JPEG文件的标准方法已被破坏,即使知道在捕获后图像没有被修改也并不意味着它即使在捕获时也是准确的。
What does that mean for the trillions of photos on the internet? Well, if they were captured on a smartphone, or most any other capture device with simple setting adjustments, their date & time, and thus provenance, is impossible to re-establish through any automated method — even if it’s determined to be “camera original” data.
这对互联网上数万亿张照片意味着什么? 好吧,如果它们是通过智能手机或大多数其他具有简单设置调整的捕获设备捕获的,则它们的日期和时间以及出处就无法通过任何自动化方法重新建立,即使确定为“相机原始” ”数据。
The same goes for location details. By making manipulations to the location perceived by the native camera on a device, the same problem exists — modified location will be stamped as the camera original on a JPEG file. Turning on Developer Mode on an Android device allows anyone to perform this location adjustment in a couple of minutes.
位置详细信息也是如此。 通过对设备上的本机摄像头感知到的位置进行操作,存在相同的问题-修改后的位置将被标记为JPEG文件上的摄像头原件。 在Android设备上打开开发人员模式,任何人都可以在几分钟内执行此位置调整。
What does this mean? — anyone can make simple, novice level adjustments on their device, snap a photo, upload it to the internet, and not a single programmatic detection technology will accurately locate the potentially malicious changes to the metadata. This is an incredibly challenging problem & has been the focus of much discussion around disinformation, fraud, and online visual deception.
这是什么意思? —任何人都可以在其设备上进行简单的新手级别调整,拍摄照片,将其上传到互联网,并且没有一种编程检测技术可以准确地定位对元数据的潜在恶意更改。 这是一个极具挑战性的问题,并且一直是围绕虚假信息,欺诈和在线视觉欺骗的众多讨论的焦点。
*We should note that this problem is not specific to the JPEG/JFIF file format, as other formats (such as PNG) suffer from these same issues. That said, JPEG/JFIF is by far the most widely adopted file format for sharing still photographs across the internet.
*我们应注意,此问题并非特定于JPEG / JFIF文件格式,因为其他格式(例如PNG)也遭受这些相同问题的困扰。 就是说,JPEG / JFIF是迄今为止在互联网上共享静态照片的最广泛采用的文件格式。
几乎每个互联网服务和图像上传管道都会修改和压缩图像 (Almost every internet service and image upload pipeline modifies & compresses images)
When a digital image is uploaded to the internet, or sent through standard messaging applications, two critical changes are made to the file:
当数字图像上传到Internet或通过标准消息应用程序发送时,对该文件进行两项重要更改:
- The metadata is often completely stripped for privacy reasons. 由于隐私原因,通常会完全剥离元数据。
- The image is compressed to preserve bandwidth & improve upload speeds. 图像被压缩以保留带宽并提高上传速度。
Looking at a very common example of this… here’s a table showing Apple Mail’s standard compression options & the resulting photo sizes:
看一个非常普通的例子……这是一张表,显示了Apple Mail的标准压缩选项以及生成的照片尺寸:
Here’s a digital image that has been edited in photoshop to include a surfer, surfing a wave backwards:
这是在photoshop中编辑的数字图像,其中包括冲浪者,向后冲浪:
When uploaded or sent through the internet, the image is compressed & resized, which alters the fidelity of the image, and the available pixels to analyze. Based on our table above, the resulting image ratios appear as follows:
当上传或通过互联网发送时,图像会被压缩和调整大小,从而改变了图像的保真度以及可供分析的像素。 根据上表,得到的图像比例如下:
With each subsequent compression & size adjustment, the necessary pixel fidelity to perform programatic detection of the manipulation is reduced, and eventually completely lost:
每次进行后续压缩和大小调整时,执行程序化操作检测所需的像素保真度都会降低,并最终完全丧失:
Which has led our team to the conclusion that: manipulated pixels in images are hard to detect, and often nearly impossible to detect if the image has been heavily compressed and/or substantially resized. Which, happens to almost every image uploaded to the internet (or sent over SMS, email, etc).
这导致我们的团队得出以下结论: 图像中的可操纵像素很难检测,并且通常几乎无法检测图像是否已被严重压缩和/或大幅调整大小。 几乎所有上传到互联网(或通过短信,电子邮件等发送的图片)都会发生这种情况。
As one real-world example of these fundamental flaws — Truepic ran a proof-of-concept with one of the nation’s largest insurance carriers, processing 150k images through our detection system. After analysis — we found that the average image quality score was just 272 (1250 represents a modern smartphone), and the average metadata quantity was 62 (100 represents an average unmodified & untouched image). Which means — for a single representative enterprise — the average quality & metadata degradation to the images they receive from their customers negates over 10 years of camera advancement, resulting in images that are the visual equivalent of a smartphone produced in 2009. So, detection algorithms are at a natural disadvantage to helping them root out image-based fraud & deception, as they are forced to process images with the visual quality of a 10-year-old digital photo.
作为这些基本缺陷的真实示例,Truepic与美国最大的保险公司之一进行了概念验证,通过我们的检测系统处理了15万张图像。 经过分析,我们发现平均图像质量得分仅为272(1250代表现代智能手机),平均元数据数量为62(100代表未修改和未修饰的平均图像)。 这意味着-对于一个具有代表性的企业来说-从客户那里收到的图像的平均质量和元数据质量下降,抵消了10年来相机技术的进步,所产生的图像在视觉上相当于 2009年生产 的 智能手机 。 因此,检测算法在帮助他们根除基于图像的欺诈和欺骗方面处于天生的劣势,因为它们被迫处理具有10年数码照片视觉质量的图像。
With nearly every internet service stripping digital image metadata, compressing, and resizing their images, it becomes apparent that detecting false images online is not a practical approach. Until we move to non-destructive file formats, and change how we treat & respect these file types during transmission across the internet, it will be difficult, if not impossible to do still image manipulation detection accurately & at scale. Even if internet services adjust their platforms to better address compression and resizing, the first problem — testing for altered time, date, & location will still remain a fundamental issue. It is worth noting that these image detection issues also highlight the critical challenge of detecting “Cheapfakes”, rudimentary image & video manipulation, which are still the most common type of visual deception. Furthermore, stripped & inaccurate metadata exacerbates the problems of misattributing images, which we’ve seen recently everywhere from California to Syria.
随着几乎每个互联网服务都剥离数字图像元数据,压缩并调整其图像大小,很明显,在线检测错误图像并不是一种实用的方法。 除非我们转向非破坏性文件格式,并更改在互联网传输过程中对待和尊重这些文件类型的方式,否则即使不是不可能准确,大规模地进行静止图像处理检测,也将非常困难。 即使互联网服务调整了其平台以更好地解决压缩和调整大小,第一个问题-测试更改的时间,日期和位置仍将是一个基本问题。 值得注意的是,这些图像检测问题也突出了检测“ Cheapfake ”,基本图像和视频操作的关键挑战,这些仍然是最常见的视觉欺骗类型。 此外,剥离和不正确的元数据加剧了图像分配不当的问题,最近从加利福尼亚到叙利亚 ,我们都发现了这种问题。
Social media-fueled fake news in India last year highlights the worst-case scenario that these issues present. Misattributed images combined with false narratives can spread very quickly, undetected, and can lead to violence:
去年, 在印度社交媒体助长的虚假新闻突显了这些问题带来的最坏情况。 错误归类的图片加上错误的叙述会Swift传播,未被发现并可能导致暴力行为:
“A— Timothy McLaughlin — Wired
“ A- 蒂莫西·麦克劳克林-有线
This has led us to our final conclusion — establishing data integrity at the source is the definitive solution to trust in media. Experts refer to this as “the provenance approach”. You will continue to see our team leading efforts in establishing the standards around this technology, and working hard to democratize access & drive tangible, real-world impact for both business & society. This includes work around data integrity from source cameras, non-destructive file formats, and collaboration with the entire internet ecosystem on shared standards.
这使我们得出了最后的结论-从源头建立数据完整性是对媒体信任的最终解决方案。 专家将此称为“出处方法”。 您将继续看到我们的团队在建立围绕该技术的标准方面的领导工作,并努力使访问民主化并为企业和社会带来切实的,现实的影响。 这包括围绕源相机的数据完整性,非破坏性文件格式以及与整个互联网生态系统在共享标准上进行协作的工作。
The Inspect tool that we are releasing today, conversely, will help provide education to the public on why traditional photos, and the data contained in them, are not a source of high trust information.
相反,我们今天发布的Inspect工具将帮助公众了解为什么传统照片以及其中包含的数据不是高度信任信息的来源。
下一步是什么? (What’s next?)
Through the lessons learned during our research, our team will focus our energy in three areas:
通过在研究过程中获得的经验教训,我们的团队将把精力集中在三个领域:
Controlled Capture Technology— and Truepic Vision available for everyone: Our team has recently made it possible for any organization to sign-up through our website & utilize Controlled Capture technology to capture high trust images & videos from third parties. Our goal is to distribute this technology as widely as we can, and empower every organization with high trust capture tools to make better image-based decisions. Available here.
控制捕获技术-和视觉的TruePic供大家:我们的团队最近已经使我们能够为任何组织的注册通过我们的网站和利用控制捕捉技术从第三方获取高信任图片和视频。 我们的目标是尽可能广泛地分发这项技术,并使用高度信任的捕获工具授权每个组织做出更好的基于图像的决策。 在这里可用 。
Truepic & Social Responsibility: We recently announced a grant program, that allows any organization with a social impact oriented mission to use our trusted controlled capture tools at reduced or zero cost. We are committed to helping organizations that are on a mission to improve the state of our world.
Truepic和社会责任:我们最近宣布了一项赠款计划 ,该计划允许具有社会影响导向使命的任何组织以降低的成本或零的成本使用我们值得信赖的受控捕获工具。 我们致力于帮助以改善世界状况为使命的组织。
Inspect as an educational tool: We will continue to improve upon the public Inspect tool based on usage and feedback. Our goal is to educate those looking to learn more about the fundamental challenges in detecting edits to imagery. This free metadata viewer also serves as a natural extension of our social responsibility values. If the landscape changes in the future, and post-detection of image editing becomes possible at internet scale, we will look to re-invest in these efforts.
检查作为一种教育工具:我们将根据使用情况和反馈继续改进公共检查工具。 我们的目标是教育那些想要了解更多有关检测图像编辑的基本挑战的人。 这个免费的元数据查看器还可以自然地扩展我们的社会责任价值。 如果将来情况发生变化,并且可以在互联网范围内进行图像编辑的后期检测,那么我们将寻求对这些工作进行重新投资。
For any questions — our team can be reached at info@truepic.com — for inquiries on the grant program, please contact mounir@truepic.com.
如有任何疑问(可通过info@truepic.com与我们的团队联系),如对资助计划有任何疑问,请联系mounir@truepic.com。
A very special thank you to Justin, Amy, Nick, Ryan, Oliver and everyone else that worked on the Inspect project.
非常感谢Justin,Amy,Nick,Ryan,Oliver和其他参与Inspect项目的人员。
3万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
