Robust and Fragile Medical Image Watermarking: A Joint Venture of Coding and Chaos Theories

A secure spatial domain, hybrid watermarking technique for obtaining watermark (authentication information) robustness and fragility of the host medical image (content integrity) using product codes, chaos theory, and residue number system (RNS) is proposed. The proposed scheme is highly fragile and unrecoverable in terms of the host image, but it is significantly robust and recoverable in terms of the watermark. Altering the medical image may result in misdiagnosis, hence the watermark that may contain patient information and organization logo must be protected against certain attacks. The host medical image is separated into two parts, namely, the region of interest (ROI) and region of noninterest (RONI) using a rectangular region. The RONI part is used to embed the watermark information. Moreover, two watermarks are used: one to achieve authenticity of image and the other to achieve the robustness against both incidental and malicious attacks. Effectiveness in terms of security, robustness, and fragility of the proposed scheme is demonstrated by the simulations and comparison with the other state-of-the-art techniques.


Introduction
Digital watermarking is one of the most promising techniques for authentication, copyright protection, and ownership identification. In digital watermarking, the watermark information could be fragile, semifragile, robust, or hybrid. Fragile watermarks are very sensitive and are used for tamper detection, while the robust watermarks are used to withstand common image processing operations. e watermark having robustness against friendly attacks while fragile against malicious attacks is called semifragile, and the one having mixed properties is called a hybrid watermark [1]. Medical image watermarking is becoming more promising in terms of security, privacy, and authenticity; hence, several schemes have been investigated in this regard. Major purposes of the medical image watermarking are authenticity and integrity control. Here, the authenticity is referred to as the measure through which it is ensured that the image source is valid and the image belongs to the right patient. e integrity control is a capability to validate that image has not been tampered by any means. Since, in some cases, little modifications in the medical image may cause a wrong diagnosis [2,3], the authors in [4] focused on integrity control and authentication of patient electronic record (PER). While in [5], the authors focused on three areas in medical image watermarking that are authentication, data hiding, and their combination. In this paper, a DICOM image was selected for experiments, after being divided into ROI and RONI parts. e major drawback of the technique was fragility of the watermark. Because the PER is an important information, it must not be preserved through the fragile methods that make it vulnerable against many attacks. In [6], the authors proposed an integrity verification and authentication of a medical image (ultrasound) by considering it from DICOM image bank. e ROI was divided by a rectangular region from the RONI area. en, the hash value of the whole image was calculated by means of hash function SHA-256. For the sake of enhancing the security, two secret keys were used: one as the hash key and the other as the embedded watermark key. Eventually, the watermark was embedded in the LBS of the RONI area. e received image was assumed authenticated if it possessed a high degree of correlation. Akin to [6], in [7], the authors also selected the RONI as watermarking area for authentication purpose. However, the reversibility was not ensured, if the RONI was altered. In [8][9][10], the authors proposed a reversible watermarking scheme for medical images. e scheme is secure but exhibits a very low level of imperceptibility. e authors proposed a blind hybrid watermarking technique for medical images in [11]. e first watermark was made robust that consisted of doctor ID, patient information, and LSBs map of ROI which were embedded into the RONI after encryption. e second watermark was used for the sake of fragility (integrity control). It consisted of a binary pattern and was embedded inside the ROI. e results show that the proposed scheme does not provide a good measure of hybridization. In [12], the authors presented a fragile image watermarking technique using SVD characteristics for authentication. Akin to this, in [13], the authors presented a perceptual hash algorithm for multispectral image authentication. In [14], the authors presented a semifragile, blind image authentication using discrete curvelet transform. e scheme was promising in terms of robustness and high normalized correlation. In [15,16], the authors proposed techniques to optimize the three conflicting parameters of image watermarking. However, the techniques are not suitable for medical images in general. In [17], the authors provide a secure transform domain watermarking scheme using error correcting codes. e scheme exhibits good protection against various attacks including checkmark and channel noise. A similar approach has been carried out in [18] where the authors utilized product codes and cubic product codes for watermark protection in spatial domain for medical images. However, there is no detail provided regarding imperceptibility and capacity. In [19], the authors proposed a spread spectrum-based medical image watermarking technique. e scheme provided high level of fragility, but the capacity and imperceptibility of the scheme were not up to the mark. In [20], the authors provided a medical image authentication technique using RNS and chaos theory. However, the scheme exhibits a very poor imperceptibility. Yu et al. [21] presented a comprehensive review of recoverable and nonrecoverable semifragile watermarking techniques on medical images in spatial and transform domain.
It is concluded that there does not exist a perfect semifragile watermarking technique that can distinguish between the friendly (image processing) and malicious attacks. Moreover, it is hard to balance between fragility and robustness [21]. Similarly, there does not exist a technique that results in a robust watermark (authentication) and a perfectly fragile host medical image that does not tolerate on a single pixel tamper (100% content integrity). Because that pixel/s may be important for some diagnostics such as tumor detection. e situation becomes even critical if the watermark information is significant in size compared to the host image and a considerable level of imperceptibility is to be achieved. To overcome these issues, in this paper, a spatial domain, secure, hybrid watermarking technique for making the watermark (patient information/organization logo) robust and the host medical image highly fragile (content integrity) using product codes, chaos theory, and RNS is proposed. e technique is unrecoverable in terms of the host image; however, the watermark is recoverable because of error correcting codes (ECC). e image is divided into the region of interest (ROI) and the region of noninterest (RONI) using the smallest rectangular area.
en, based on a chaotic key, some precalculated pixels in RONI are made zero. en, this RONI is rearranged with residued ROI, and a hash is generated for the whole image which acts as a basis of a fragile watermark. is will give us 128 bits. On the contrary, the watermark is converted to redundant residues and then encoded using error correcting codes to achieve robustness and is concatenated with fragile watermark. Again, based on the same chaotic key, concatenated watermark is embedded in RONI pixels by replacing its 4 LSBs. On the receiver side, based on the chaotic key, both watermarks are extracted. Hence, the chaotic key provides the means of security. e rest of the paper is divided as follows: Section 2 introduces the techniques used. Section 3 contains the proposed technique. Section 4 contains simulation results, while Section 5 concludes the paper.

Chaotic Systems.
Chaotic systems exhibit many characteristics that differentiate them from the other systems. One characteristic is their sensitivity to the initial conditions which if slightly modified, an entirely different pattern is obtained. Hence, a chaotic system can be used as a pseudonoise (PN) generator. It means many nonperiodic and noise-like sequences can be generated. One of the simplest maps is logistic map which has a recursive relation that describes population growth over the time which is given as where r is a bifurcation parameter and 3.57 < r ≤ 4 for the system to be chaotic and x 0 belongs to (0, 1). Once the sequence of real numbers is generated, a binary sequence is produced with approximately equal number of 1's and 0's.

Hash Function.
Hash is a one-way function that can produce a signature called a message digest/hash value after applying on the data. Reverse never happens that given the hash value, it computes the data as depicted in Figure 1. is, one-way property of hash algorithm can be used for authenticity of data. Secure hash algorithm (SHA-256) is also a kind of hashing function which gives 256-bit message digest.

Product Codes.
Product codes are two-dimensional codes where each dimension contains block codes. Due to their unique arrangement, product codes have capability of correcting random errors as well as burst errors since any upcoming error in row-wise can be easily corrected through column-wise and vice versa. Since burst error occurring in rows will become single error for column code and vice versa so, by using these codes, the error correcting capability can be enhanced, as shown in Figure 2. More specifically, the product code can be easily understood in the following manner. In this work, a low complexity decoder of the product codes is utilized [22,23]. Suppose we have two block codes A 1 with attributes (n 1 , k 1 , and d 1 ) and A 2 with attributes (n 2 , k 2 , and d 2 ), where n i , k i , and d i are code word length, message size, and minimum distance of constituent codes, respectively: (1) Place an array of k 1 × k 2 information bits with k 2 columns and k 1 rows as shown in Figure 2 (2) Encode k 2 rows using code A 1 , which will result in an array of k 2 × n 1 (3) Now encode n 1 columns using code A 2 , which will result in n 1 × n 2 product code.

Residue Number System (RNS) and Chinese Remainder eorem (CRT).
A riddle posted in a book by a Chinese scholar called Sun Tzu in the first century was the first documented manifestation of residue number system (RNS) representation as discussed by Grosswald (1996) and Jenkins (1993) [24]. In RNS, any integer X can be represented with a small set of integers called residues (x 1 , x 2 , . . ., x i ), where x i represents the ith residue. e relation can be given as where m i is the ith modulus.
e RNS provides unique representation for all integers in the range between 0 and M. If the integer X is greater than M − 1, the RNS representation repeats itself. erefore, more than one integer might have the same residue representation. e dynamic range of RNS is given as follows: It is important to emphasize that the moduli must be relatively prime to be able to exploit the full dynamic range M. Given a set of pair-wise relatively prime moduli and a residue representation (x 1 , x 2 , . . ., x k ) in that system from which residues have been made. Here, the number X can be calculated using CRT as follows: where M � k i�1 m i and |x i L i |m i � 1, in which L i is the multiplicative inverse of M i with respect to m i .

Proposed Watermarking Scheme
is section presents the proposed digital watermarking scheme for medical images.

Watermarking Embedding.
Watermarking embedding and watermark and original image extraction schemes are given in Figures 3 and 4, respectively. Detailed steps of watermark embedding are as follows: (1) Extract the possible ROI from the original image by bounding the smallest rectangle around the desired area, since only the ROI part of the image is to be converted to residues as explained in step 2.

Cover data
Hash function Hash  (3) Generate a chaotic sequence using (1) and multiply by 6 and take its ceil(.) so that the real chaotic sequence maps into integers as Similarly, pixel 255 has residue (0, 0). We need to differentiate it from pixel 0 which also has residue (0, 0). We send the pixel valued 255 as a pair (15,15), which can again be represented by 8 bits. is unique pair will not occur in this residual scheme with moduli 17 and 1. Now change the above sequence into sum sequence as where Y i � i n�1 X n . After changing into sum sequence, divide each sequence by 2 so that its range corresponds within RONI and then take its ceiling as is sequence which is an outcome of chaotic key will give locations for embedding the concatenated watermark in RONI: (4) Arrange all the pixels of RONI in the vector form using the chaotic sequence obtained in previous step and make the first 4 LSBs of those corresponding to pixel of RONI to zero. (5) Rearrange the RONI pixels obtained in step 4 with residued ROI obtained in step 2. (6) Compute the hash of the image obtained in step 5.
is will give 128 bits one-way hash value which will be used as an authentication watermark for the image.
(10) Again, arrange the pixels of RONI in the vector form as in step 4 and embed the watermark W c based on the chaotic key computed in step 3 by replacing the four LSBs of RONI with every 4 bits of the watermark W c . (11) Rearrange the RONI pixels in their original position to obtain the watermarked image. Now the concatenated watermark W c exists in RONI while the ROI is residued.

Watermark and Original Image Extraction Scheme.
Watermark and original image extraction steps are as follows: (1) Separate the RONI from the ROI in the watermarked image.  (2) Arrange all the pixels of RONI in some arbitrary vector. Now by knowing the chaotic key, watermarked pixels are indicated as is sequence is an outcome of chaotic key which will give locations for extracting the concatenated watermark W c from RONI.
(3) Using the chaotic sequence obtained in step 2, extract the concatenated watermark W c from the first 4 LSBs of RONI pixels in some vector and place 4 bit values as zero at that location as W c � [H, W e ]. (4) Separate the encoded watermark W e from the concatenated watermark W c and decode it to get the actual information. (5) Rearrange these RONI pixels with the residued ROI to form the image. (6) Rearrange these RONI pixels with the residue converted ROI to form an image. (7) Now compute the hash of this whole image and store it as hash_2. Also separate the hash from the concatenated watermark W c and store it as hash_1. (8) Compare hash_1 with hash_2. If the hash is same, then the image is authentic, and hence it goes to next steps, otherwise the image is tampered. (9) In scanning residued ROI, the residue pairs having second residue as 15 go through conversion process as given in the step 2 of embedding. In this way, all of the residue pairs are converted into 9 bits again. en again apply CRT in (3) to get back original pixels of ROI from residues. (10) Combine these ROI pixels with RONI pixels to get the original image.

Simulation Results
To see the effectiveness of the proposed system, the experiment was conducted in MATLAB. e test image is ultrasound image of size 194 × 259 greyscale pixels, and the watermark logo of size 30 × 30 was considered. BCH codes (127, 99, and 4) were used as row-wise as well as column-wise in the formation of product codes, respectively, for the robustness of the watermark. e proposed watermarking scheme effectively embeds both the watermarks into original image and then extracts both the watermarks from the watermarked image. e logistic map 2 given in (1) with initial conditions x(0) � 0.25 and r � 3.58 at embedding side and SHA-128 hash algorithm are used to calculate the hash of image. Figure 5(a) shows the original ultrasound image in which ROI is selected as the smallest rectangular region that bounds the ROI region, and Figure 5

Security Analysis.
In this experiment, security analysis of the proposed scheme is shown firstly by using same initial conditions of the chaotic system at extracting stage and then by using slightly modifying initial conditions at extracting stage. Exact hash and original image is recovered when no attack is applied to the watermarked image. Figure 6 shows the recovered image and hash with initial conditions x(0) � 0.25 and r � 3.58 which are exactly the same as the image shown in Figure 5 and the hash given with Figure 5. Table 2 shows the recovered hash by using same initial conditions and with slightly modified initial conditions x(0) � 0.250001 and r � 3.58. In the latter case, exact hash is not recovered, which means the image is  is shows the effectiveness of the proposed scheme in terms of fragility.

Robustness Analysis.
is section provides analysis of the proposed scheme in terms of robustness. In this way, the watermark will be introduced to various well-known attacks, and effectiveness of the scheme is examined. To check the robustness of the image or how much the image is robust against an attack, a normalized correlation is calculated which is a correlation of original and recovered image, given by the following equation: where W and W ′ represent the original and extracted watermarks of dimension M × N each, respectively.

Robustness against Salt and Pepper Noise.
Robustness of a watermark against salt and pepper noise having variances 0.02, 0.03, 0.05, and 0.2, respectively, are considered in this experiment, and objective measures for these variances are shown in Figure 7 with their extracted watermarks. As we can see that when noise variance was enhanced to 0.2, the watermark is still clearly detectable; this clearly demonstrates the robustness of our proposed scheme. e correlation analysis is given in Table 3. It shows that with variances 0.02, 0.03, and 0.05, there is no effect on image normalized correlation N c while in the case of 0.2, there is 0.0571 amount of degradation in the correlation value and still the image is very much recognizable by the naked eye.

Robustness against Speckle Noise.
Robustness of the watermark against speckle noise having variances 0.02, 0.03, 0.05, and 0.2 is considered in this experiment, and objective measures for these variances are shown in Figure 8. e correlation analysis is given in Table 4. It shows that for all the variances of speckle noise taken (0.02, 0.03, 0.05, and 0.2), there is no effect on image normalized correlation; hence there is no significant degradation in the image. So, the scheme is highly robust against the speckle noise.      Tables 5 and 8, respectively, while the recovered watermark is given in Figure 9.

Robustness against Median
Filtering. Robustness of the watermark against median filtering with window sizes of 3 × 3 and 5 × 5 is considered. Effects of these filters are shown in Figure 10. e correlation analysis is given in Table 6. It shows that with the window size of 3 × 3, the effect on image correlation is 0.0739, while in case of window size 5 × 5, there is 0.0179 amount of degradation in the correlation value and hence the image is very much recognizable.

Robustness against Tampering.
Robustness against tampering is demonstrated, as shown in Figure 11. A total of 9 bits were modified in RONI part of the watermarked image and the watermark is extracted. e watermark is still recognizable as shown in Figure 11(a). When the corrupted bits were of 18 bits, the watermark is still readable as shown in Figure 11(b), which shows the high robustness of the proposed scheme. e correlation analysis is given in Table 7. It shows that with the tampering of 9 bits, the effect on image correlation    Figure 11: Robustness of the watermark against tampering: (a) 9 bits and (b) 18 bits.    Figures 12(a) and 12(b), respectively. e  experiment shows that the watermark is still recognizable after the rotation attack of 2 degrees, as shown in Figure  12(a). Similarly, when the watermarked image is again rotated with 8 degrees, the watermark is still detectable as shown in Figure 12(b) which demonstrates the high robustness of the proposed scheme against rotation. e normalized correlation is 0.9856 and 0.9752 which corresponds to a degradation of 0.0144 and 0.0248, respectively, which is given in Table 8. e values given in Tables 3-8 show that the proposed scheme exhibits a significant level of robustness against the given attacks. is is how we made the watermark, which comprises the patient information, robust. is is accomplished by the product codes used in the proposed scheme, and this scheme exhibits good error correction capability.

Fragility Analysis.
e proposed scheme offers high degree of fragility for medical image and high robustness against several attacks to safeguard the watermark. Table 8 shows the fragility analysis of the proposed scheme for all the aforementioned given attacks. In this regard, the only check is comparison of the recovered hash with the original embedded hash of the image.
is is given by [a16c4d371f512de40-f836428ea2541fe]. From Table 9, it is apparent that the recovered hash after any of the attacks is totally different from the original hash. It shows that the proposed scheme provides a high level of fragility to the medical images.

Imperceptibility Analysis.
To show the efficiency of the proposed scheme in terms of imperceptibility, a different set of experiments are conducted. Same greyscale ultrasound image of size 194 × 259 pixels is taken as host image and the watermark logos "A," "C," "H," and "M" were considered having sizes 30 × 30, 40 × 40, 50 × 50, and 60 × 60, respectively, for different payload analysis. Figure 13 As far as the perceptual quality of the watermarked images is concerned, from the naked eye test, the ROI area does not seem to be much affected, however, the RONI is changed. e peak signal to noise ratio (PSNR) values of the watermarked images (which is the measure of imperceptibility) are given with them. e worst PSNR is against the largest logo "M," which is 30.2 dB, which is acceptable practically [1]. PSNR can be given by the following equation: PSNR � 10 log 10 255 2 MSE , where f and f ′ are original and watermarked images, respectively, of dimensions M × N. Comparison of the proposed scheme with [6] in terms of capacity and imperceptibility is given in Table 10. Capacity is taken as  Figure 14: Comparison of the proposed scheme with [6] in terms of capacity and imperceptibility.
a ratio of watermark size to image size. For the cases where capacity is lower than 10%, the scheme in [6] outperforms the proposed scheme in terms of imperceptibility, for example, a PSNR of 249.6 dB achieved at 7.2% capacity. However, for capacity values higher than 10%, proposed scheme outperforms. For example, the maximum capacity demonstrated in [6] is 14.6% with PSNR achieved as 27.4 dB while in the proposed scheme, 42.4 dB PSNR is achieved with 14% capacity. Moreover, for the capacity 42.9%, the proposed scheme exhibits a PSNR of 30.2 dB while in [6], PSNR value of 31.7 dB is achieved for capacity value 13.6%. Hence, for higher capacities, the proposed scheme performs way better. Figure 14 shows the comparison of the proposed scheme with the scheme given in [6] in terms of capacity and imperceptibility.
e graph is plotted based on Table 10 values. Capacity ratio and PSNR (dB) vales are shown on the x and y axis, respectively. For capacity values greater than 10%, the proposed scheme outperforms the scheme in [6]. Exponential trend lines show that the proposed scheme exhibits a linear drop while the scheme in [6] exhibits an exponential drop in imperceptibility with increasing capacity ratio. At the capacity ratio above 40%, the proposed scheme exhibits a sustainable imperceptibility while the scheme in [6] shatters.

Conclusion
A novel digital watermarking scheme for medical images which offers robustness to the watermark information and fragility to the host medical image based on chaotic key, hash function, product codes, and RNS is proposed. In the proposed watermarking scheme, the watermark is robust against a variety of common attacks while the host image is highly fragile against tampering. Added hash function and chaotic key-based embedding ensure the security measures. Embedding locations, duly generated with the help of chaotic system, are highly sensitive to initial conditions. ese initial conditions are known at the receiver side that makes possible a blind recovery. e proposed scheme is robust against a variety of attacks because of the error correcting codes utilized. A wide spectrum of simulation results shows the effectiveness of the proposed scheme in terms of robustness, fragility, security, capacity, and imperceptibility. In future, the proposed scheme may be extended for colored (3D) medical images, and to withstand more attacks, host image robustness will make the scheme even interesting.