None of My Pixel is Your Business: Active Watermarking Cancellation Against Video Streaming Service

Presented at Black Hat USA 2018, Aug. 9, 2018, 12:10 p.m. (50 minutes).

Live video streaming services are getting more and more popular in China. In order to ensure their own interests, various service providers have added visible watermarks, which have become increasingly fierce and vicious. Users (originators and viewers) are fed up with those ugly watermarks which are taking up more and more of the screen.

We have found that some of the service providers' watermarks can be actively eliminated, that is, originators can place a reverse watermark in their own video stream beforehand to cancel the service provider's watermark. Although the idea is intuitive, there are some problems in implementation, such as size, position, and shadow. After we theoretically provided an estimation of the achievable limits with computer graphics theory, we did a PoC against one of the largest video streaming service providers in China, which is also listed on the NYSE. The results were very good. After solving some problems related to the parameters related to color management and color space conversion, we can achieve nearly 100% active cancellation of watermarks.

To automate this process, we also build a ffmpeg filter as well as an OBS plugin, which can be helpful to do real-time adjusting with very short training sequence of frames during live broadcasting, so as to achieve a better watermark cancellation effect.

In addition, we propose several existential risks for watermarks that cannot be actively canceled: a) Transform Attack: to transform one watermark into another provider's. b) Code Rate Jitter Attack: adding high-frequency components to force video codec to reduce the code rate near watermark. c) Frame Squeezing Attack: sacrificing some resolution by squeezing screen, then restoring with user-defined javascript to bypass watermark. Corresponding examples and security countermeasures are also provided.


Presenters:

  • Yi-Qun Hui - Master Candidiate, Tsinghua University
    Yi-Qun Hui is a master candidate at the Digital Content Security and Security Forensics Laboratory at Tsinghua University, one of the maintainers of Tsinghua University Open Software Mirrors, and the maintainer of IPTV frontend of Tsinghua University, which has been used by several other universities in China. With several months of internship experience in Kwai Tech, he expects to further explore the field of content security.
  • Wang Kang - Security Expert, Alibaba Group
    <div>Wang Kang is a Security Expert of Alibaba Group, focusing on security&nbsp;issues of IoT, cyber-physical system, V2X, and trusted computing.&nbsp;He was a speaker at Black Hat Europe 2015 and Black Hat USA 2017. He&nbsp;is a contributor of Linux Kernel, (TDD-LTE USB Dongle support)&nbsp;as well as a founder of the Tsinghua University Network Administrators.</div>

Links:

Similar Presentations: