Mobile-based Telemedicine Application using SVD and F-XoR Watermarking for Medical Images

A medicalservice platform is a mobile application through which patients are provided with doctor’s diagnoses based on information gleaned from medical images. The content of these diagnostic results must not be illegitimately altered during transmission and must be returned to the correct patient. In this paper, we present a solution to these problems using blind, reversible, and fragile watermarking based on authentication of the host image. In our proposed algorithm, the binary version of the Bose_Chaudhuri_Hocquengham (BCH) code for patient medical report (PMR) and binary patient medical image (PMI) after fuzzy exclusive or (F-XoR) are used to produce the patient's unique mark using secret sharing schema (SSS). The patient’s unique mark is used later as a watermark to be embedded into host PMI using blind watermarking-based singular value decomposition (SVD) algorithm. This is a new solution that we also proposed to applying SVD into a blind watermarking image. Our algorithm preserves PMI content authentication during the transmission and PMR ownership to the patient for subsequently transmitting associated diagnosis to the correct patient via a mobile telemedicine application. The performance of experimental results is high compare to previous results, uses recovered watermarks demonstrating promising results in the tamper detection metrics and self-recovery capability, with 30db PSNR, NC value is 0.99.


Introduction:
Telemedicine using mobile devices offers ease of access to medical services as patients may obtain a diagnosis from medical staff sooner in the form of a Patient Medical Report (PMR) transmitted through a mobile network. Exchanging the patient medical image (PMI) and PMR between the patient and medical services introduces challenges, such as the integrity (PMR and preserving the content of PMI) and the time and cost of transmission. The watermarking technique is a solution to these problems. In this situation, PMR is embedded in PMI through a watermark resulting in much less bandwidth memory as normally required for transmission (1,2,3).
Watermarking techniques are classified, from the human perception point of view, as visibly or invisibly embedded information into either a cover data or via dual watermarking (4).
Invisible watermarking prevents the PMR from being seen by unauthorised persons, and the techniques are categorised into fragile watermarking, semi-fragile watermarking, robust watermarking, and hybrid watermarking (2,5,6). Fragile watermarking prevents the PMI and PMR of patients from being changed by unauthorised people due to their sensitivity to modifications (6,7). Fragile watermarking techniques are forthcoming utilising either a secret or public key to provide security (6). The watermark information (PMR and the binary version of PMI) is a binary format to be embedded into the pixel values of the PMI. This information is retrieved for medical image content authentication or patient integrity (8). The embedding methods are either spatial domain or frequency domain and use embedding operations such as AND, OR, XOR, and XNOR (7). The watermark information, in the spatial domain, is directly embedded into PMI pixels value, while in the transform domain it is embedded into the transform version of PMI. Opposed to frequency methods, spatial methods are sensitive to noise, fast Fourier Transform, and lossy compression attacks.
However, some of these methods are considered as fast, simple, of high capacity and immune to cropping attacks (2).
Fragile watermarking techniques are either reversible or non-reversible, or blind or nonblind. The blind techniques do not need the original medical image (that's why it is suitable for mobile based telemedicine applications), and reversible techniques can produce the original (PMI and PMR) from the watermark cover (8,9). The most important characteristics for these methods are the ability to recover without distortion of the actual PMI, and the tamper proofing added with authentication (8). The purpose of integrity and authentication of PMI and PMR in fragile watermark application is to find and localize a place of tampering (8,9). PMI authentication and recovery capabilities using fragile watermarking include watermark generation and embedding along with tamper localization and some of these methods have PMI self-recovery capabilities (6). Many researchers used secret sharing schema (SSS) (3) to increase tamper recovery capabilities, while others used Bose_Chaudhuri_Hocquengham (BCH) code (10) to increase error correction though it is time consuming. Advantages of medical images include saving both memory and bandwidth, detachment avoidance, security, and confidentiality. Requirements include imperceptibility, reversibility, integrity control, and authentication (8). In the methods that use reversible and authentication fragile watermarking schema, watermarked medical image evaluating matrices uses two benchmarking groups: imperceptibility of transmission PMI and robustness of watermark information (2,8).
My contributions in this paper for fragile based watermarking are: 1. Improving correction capabilities in transmission and block based medical images. 2. Increasing similarity between recovered watermark and host watermark. 3. Improving Fridrich and Goljan scheme. 4. Finding new scheme for SVD based blind watermarking.
In this research, a blind reversible fragile watermark is used for both PMI and PMR. The patient uses telemedicine to send his or her PMR and PMI to medical services using a mobile camera, which is used as input to self-embed fragile watermarking schemes like that adopted by Fridrich and Goljan (1) for applications of authentication and integrity verification. The proposed method includes improvements relating to using HCB and secret sharing, which deal with error correction in transmission and repair (PMI and PMR), as well as using fuzzy exclusive Or (F-XoR) and SVD embedding operations. With this process, PMR is extracted from authentic binary PMI. The proposed algorithm provides a new solution for applying SVD as the embedding operation for blind watermarking using SSS. Section 2 of this paper is concerned with preliminaries of secret sharing, reviewing Fridrich and Goljan's schema, and describing F-XoR and SVD. Section 3 then presents the proposed self-embedding schemes with an evaluating metric. Discussion is provided in Section 4, while Section 5 includes our conclusion and future work.

Literature Review
One of the most interesting algorithms used by the researchers is singular value decomposition (SVD), which is a numerical analysis algorithm developed for a variety of applications. From the viewpoint of image-processing applications, SVD includes two properties related to its singular value of an image: 1) stability when adding a small perturbation to an image and 2) intrinsic algebraic image properties (11,12,13,14). That's why SVD has been greatly used in watermarking for many applications (8,15,16). Based on SVD, many fragile watermarking schemes have been introduced in the last decades (2). Byun et al. proposed image authentication based on SVD using fragile watermarking scheme, in which the resulted binary authentication data after applying SVD is embedded into the least significant bits (LSBs) of original image (11). These methods can be further divided as tamper localized fragile watermarks and tamper localization and recovery (self-recovery). Zhang et al. proposed image authentication using a pixel based fragile watermarking scheme, in which SVD characteristics are used to generate the watermark. Arnold transform is applied to the watermark that is embedded in the LSBs of the original image for tamper detection capabilities (8). Dadkhah et al. presented an SVD based watermarking method for tamper detection and recovery, in which a mixed partitioning method for image blocks with size 2x2 and 4x4 is performed to enhance the detection precision of watermarking algorithm (12). Irshad et al. (6), introduced an SVD fragile watermarking algorithm to resolve two problems (safety and recovery) using 4x4 blocks and average value of 2x2 blocks for tamper location and self-recovery. Recent (17) introduced DWT-SVD based selfauthentication image scheme for telemedicine application. In this scheme the first phase is preprocessing, the second is self-authentication, and the final step is tamper detection.

Preliminaries
The following sub sections provide a brief explanation for the methods used by our proposed scheme.

Secret Sharing Technique (18)
The schema of Shamir's (t, n)-threshold describes a perfect (t, n)-threshold schema using Lagrange interpolation. This means that for any t different points, ( , ( )), where ( ) ] is a polynomial and has a degree below t.
The definition of Shamir's schema states that for a secret, ∈ ℤ ⁄ ℤ,using p as a prime number, the secret is set via equal 0 and randomly choosing in The trusted party performs calculation, where: for all 1 ≤ ≤ . shares ( , ( )) are allocated to n different parties. The secret is recovered from any t shares (i, f(i)), for ⊂ {1, … , } , and = 0 = (0), by: Secret sharing schema (3, 6) as described in (18) is applied in the proposed scheme because secret sharing can recover tampered locations (errors in block-based medical images).

Fridrich and Goljan Schema
Fridrich and Goljan offered the original self-embedding-based fragile watermarking schemes for authentication applications with the single objective of embedding the compressed form of an image into the image itself. This is comprised of five components as shown in Fig.1. Block decomposition, watermarking generation, block mapping and watermark embedding, authentication and tamper location, and tampered region recovery (1,19).

Figure 1. The Fridrich and Goljan Schema.
Fridrich and Goljan schema as described in (1) is applied to the proposed scheme with an improvement in the schema by encoding the compressed version of the original PMR with BCH (7, 4, 1) code before embedding the F-XoR into the binary PMI, which is capable of a correction error of one bit (18). Because this schema can have a compressed form of the original medical image embedded into the image itself, by applying the decompression operation to the deduced embedded image, the resulting original image is used for exact diagnosis by doctors.

F-XoR Operation (20, 21)
A fuzzy set A in X, where X is any set, is defined as: For any fuzzy sets A and B, the fuzzy AND operation is defined as: Fuzzy OR operation is defined as: The fuzzy NOT operation is defined as: Then, the F-XoR operation is defined as: F-XoR operation is used in proposed scheme to embed the secret message into the image as our contribution in this paper.

SVD
The method applies a decomposing function to the input PMI into one singular value matric which is a diagonal matric of size equals to MXN, and two orthonormal matrices known as left (U) with size of mXN, and right (V) with size of NXN such as (2): This method is used in the proposed scheme because of its singular values properties and capabilities that are related to embedding small perturbation into PMI that does not change singular value significantly, as it is immune to attack by transposition, flipping, translation, rotation. A new blind reversible SVD is presented in this paper with secret sharing and BCH.

The Proposed Method for Self-Embedding Schemes
The method shown in Fig.2. depends on the block based secret sharing authentication technique to PMR and PMI via the shares. The shares are used to carry several authentication indications, one for patient medical report Block ( )and two for patient medical image block( 1 , 2 ), as well as to support and repair tampered data (using the other six shares for each 3x3 block size of PMI and 1x3 block size of PMR). This process uses the Fridrich and Goljan authentication schema with improvements by using the SVD, F-XoR operation for embedding and BCH (7,4,1). Our recommended method is implemented using MATLAB. The following blocks illustrate the framework of the proposed method. beginning with either a patient using the front mobile camera to take an image that is used later in a telemedicine application or an image from the selected dataset.

Block Decomposition:
The binary version of the user's PMR, which is coded by HCB, into nonoverlapping blocks is divided, then converted into the greyscale component of the user's coloured PMI of size NxN, where N mod 3 is an equal positive integer such as B, into a binary image using the mean as a threshold value, and divided the resulting binary image into nonoverlapping blocks 3 × 3. The result after performing the next two steps over all PMI blocks is the StegoPMI (SPMI) of the greyscale component. The subscript B is used in this paper to indicate "Block."

Watermarking Generation:
The were F-XoR with the first line of binary and the results of three bits are F-XoR to generate the authentication bit, , of . The next two lines of binary PMI B are F-XoR to generate two authentication bits of binary MI B , one for each line as 1 and 2 . The resulting authentication bits are concatenated with their correspondence to represent 12 bits. For every three sets of four-bit words, to represent three decimal numbers, , = 1, 2, 3 , these numbers are input to the Shamir function mod 7, which produces six shares, , = 1, 2, 3, 4, 5, 6 (each three decimal numbers input to BCH (7,4,1)). The nine resulting numbers i , j , i = 1, 2, 3 , and j = 1, 2, 3, 4, 5, 6 , represent the generated watermark block (GW B ). Fig.3. is an example of a GW B for a PMI taken from the front camera of the mobile device.

Block Mapping and Watermark Embedding:
We performed SVD on the previous results of GW B , such that: GW B = GW B GW B GW B (10) as well as on the previously used PMI B , such that: = PMI B PMI B PMI B (11) We computed: Authentication and Tamper Location: The blue component of the user's coloured SPMI is converted into a binary image using the mean as a threshold value and dividing the resulting binary image into nonoverlapping 3x3 blocks. The three lines of elements of binary SMI B are F-XoR to generate three authentication bits of binary SMI B , one for each line as , 1 , and 2 . The resulting authentication bits are re-concatenated with the correspondence to represent 12 bits. Every three sets of four-bit words represent three decimal numbers, , = 1, 2, 3. These numbers are input to the Shamir function mod 7, which produces six shares, , = 1, 2, 3, 4, 5, 6 . Each of the three decimal numbers are input to BCH (7,4,1)). The nine resulting numbers ( and ) represent a regenerated watermark block GW B . SVD is performed on the previous results of GW B , such that: as well as on the previously used SPMI B , such that: We also compute:  if they match , 1 , and 2 . If not, then the same process is repeated for the other three hidden sheers. Until all the blocks are recovered, apply extraction using the F-XoR operation to separate the PMR from PMI; otherwise, the PMI and PMR are damaged.

Proposed Method Metric Evaluation and Discussion
To achieve its performance, the proposed algorithm is applied to a dataset selected from MedPixTM (22), as in Fig.4., and the others are from real volunteer patients consisting of ten pairs of PMIs and PMRs. Fig.5. shows ten pairs that represent dataset corresponding results (SPMI and recovered PMR) produced by the proposed method in noiseless environment. The evaluation metrics are used to evaluate image watermark, recovery metrics and image tampering. Image tampering can be in two types of attack (intentional, and unintentional), a number of which are used in this paper (white Gaussian noise, salt and paper noise, histogram equalization, median filtering, joint picture expert group (JPEG), scaling, and resizing). Finally, a comparison with some previous work using the famous Lena image is presented in this paper.  where ( , ), ( , ), and ( , ) are luminance, contrast, and structure similarities, respectively, between the two images x and y, , , > 0 are the mean of I and standard deviation, respectively, with weak denominator, 3 , where is (23): Tamper detection matric For N blocks: The probability of false acceptance (PFA): The PFA is the probability of classifying a block as authentic when it is a tampered block and is defined as (17): The probability of false rejection (PFR): The PFR is the probability of classifying a block as tampered when it is a tampered block and is defined as (17):

The probability of false detection (PFD):
The PFD is the probability of classifying a block as authentic when it is, in fact, a tampered block and is defined as (17): where is the number of blocks, is the number of tampered blocks, is the number of tampered blocks correctly detected and is the number of authentic blocks incorrectly detected.
Perceptual invisibility is the most significant metric for any fragile watermarking scheme to indicate its capabilities for image recovery. The results where the watermark recovered metric applied are listed in Table 1. The first column represents PSNR (dB) of the pairs of PMIs and its corresponding SPMI. The second column represents NC of the pairs of PMIs and its corresponding recovered PMI. The third column represents the SSI. The resulted values of PSN, NC, SSI indicate that the proposed scheme has a good capability for image recovery. Fig.6. shows the PSNR change of different recovered PMI with tamper percentages (10,20,30,40,50) of PMIs. Fig.7. represents changes in FPR, FNR, and TDR for different tampered PMIs with respect to tampering percentage. The performance of proposed scheme is quite good under (30%) of tampering and satisfactory for (50%) of tampering.
The proposed algorithm was tested by several attacks experiments (e.g., white Gaussian noise, salt and paper noise, histogram equalization, median filtering, joint picture expert group (JPEG), scaling, and resizing) and the resulted values are shown in Table 2. It is clear that these attacks have some impact on SPMI. There will be little distortion after the SPMI is attacked, especially in the case of histogram equalization, rotation and Gauss noise of intensity (0.050) attacks. The value of PSNR will be bellow 30db, while where no attacks tack place, the value of PSNR will be approximately 50db. This points out that the proposed algorithm has good invisibility with very little distortion to SPMI.
Extracted watermark was compared with original watermark to deduce the NC value under the same set of attacks. From the results shown in Table 3, it can be noticed that NC values are very high, most of which are around 0.9. This means that there is some identicality between the original and extracted watermarks.
Salt and paper noise may occur in many stages of processing of image (e.g., cutting, decoding, or transmission). Table 3presents results of values of salt and paper noise attack. The NC value become very small when noise is 0.1, that is because salt and paper noise has an effect on embedded watermarks. JPG images are usually used in image transmission because of reduced SPMI size. Fig.8. shows impact of compression rates of 30%, 50%, and 70% to the resulted value of NC. It can be seen that the value of NC decreases when the compression intensity increases, which affects the similarity between original watermark and extracted watermark. Table 2 demonstrates the rapid change in the value of PSNR that corresponds to the histogram equalization and strong noise that attacks SPMI, even though in this case the extracted watermark information is close to original watermark, which indicates that the proposed algorithm has good robustness against common image processing attacks.
The proposed scheme is applied to the dataset and examined in two cases for tamperdetection metrics. The first case is a noiseless environment, where the tampered blocks are equal zero across the dataset, the average time needed for authentication is 0.965 seconds, and for embedding is 2.184 seconds. In the second case, the watermark image is tampered by a set of attacks, where the average time needed for authentication is 2.943 seconds and for embedding is 2.154 seconds.
In order to perform the comparison between proposed work with previous works (( 14), and (17)), the proposed algorithm was applied to a public test image known as Lena image, and performs PSNR, and NC to deduce their value. Table 4, presents the values of resulted PSNR and NC, indicating that the proposed scheme has improvements as compared to previously describes schemes ((14), and (17)).

Conclusions and Future Work
A watermarking algorithm is applied to mobile telemedicine with tamper detection and recovery capabilities. The proposed authentication algorithm uses the Fridrich and Goljan schema with additional capabilities to correct errors in one bit using BCH (7,4,1) and correcting errors in a 3 × 3 block using SSS. Our algorithm recovers the original PMI and proves the ownership of patients (e.g., it will send the diagnostic to the correct patient). The approach uses a combination of embedding methods; F-XoR embedding and SVD. It has been found that, as known, F-XoR restricts the modification of the cover image bits that are used for embedding watermark to half, and also BCH and SSS increases the capability of tamper correction hence it results in increasing the similarity between the host watermark and the reconstructed one. From previous embedding work using SVD, it can be observed that other methods use the original cover, while our method is blind based on SSS. The results demonstrate the immunity of the proposed method to the transmission noise.
Because H264 video coding is typically used to transmit from mobile devices and computers for real-time applications, our outlook is to study the application of the algorithm using H264 video coding and applicability to decrease size of block, which may affect the tampering dedication in future work.