Achieving Lightweight Privacy-Preserving Image Sharing and Illegal Distributor Detection in Social IoT

,e applications of social Internet of ,ings (SIoT) with large numbers of intelligent devices provide a novel way for social behaviors. Intelligent devices share images according to the groups of their specified owners. However, sharing images may cause privacy disclosure when the images are illegally distributed without owners’ permission. To tackle this issue, combining blind watermark with additive secret sharing technique, we propose a lightweight and privacy-preserving image sharing (LPIS) scheme with illegal distributor detection in SIoT. Specifically, the query user’s authentication information is embedded in two shares of the transformed encrypted image by using discrete cosine transform (DCT) and additive secret sharing technique. ,e robustness against attacks, such as JPEG attack and the least significant bit planes (LSBs) replacement attacks, are improved by modifying 1/8 of coefficients of the transformed image. Moreover, we adopt two edge servers to provide image storage and authentication information embedding services for reducing the operational burden of clients. As a result, the identity of the illegal distributor can be confirmed by the watermark extraction of the suspicious image. Finally, we conduct security analysis and ample experiments.,e results show that LPIS is secure and robust to prevent illegal distributors frommodifying images andmanipulating the embedded information before unlawful sharing.


Introduction
e continuous and rapid development of the Internet promotes the interconnections of things. However, the Internet is a double-edged sword. On the one hand, it brings about the rise of emerging fields and the integration of multiple fields, such as social networks [1][2][3][4], Internet of ings (IoT) [5][6][7][8][9], and Industrial IoT [10,11]. On the other hand, it also brings a lot of problems, such as malicious information dissemination [12] and privacy disclosure [13,14]. Known as the new generation of Internet, IoT is becoming more prevalent with the development of 5G [15] and expands the forms of communications among people to people and things [16]. Moreover, IoTallows various types of devices to perform local tasks with the help of the cloud [17]. However, the response speed from the cloud is generally slow to support the demand of IoT devices. In order to improve the response speed to IoT devices, edge computing adopts devices and platforms with computing, storage, and application to provide nearby services for IoT devices [18][19][20]. After assigning social behaviors to the communication processes, IoT devices can communicate with each other for the purpose of social activities [21], which contribute to the development of social Internet of ings (SIoT) [22][23][24]. SIoT is rich in applications and has many data sources and types, such as images, text, and sound, which greatly facilitates people's daily life and work.
As a broadly used carrier of information, images are widely used in SIoT. ey can not only record wonderful moments, such as scenery and ethnic activities, but also hold a lot of personal information which may be sensitive to users' privacy, such as facial information. When an image is captured by a mobile camera, the sensor itself cannot determine whether the image contains private information. To share the information in SIoT, the sensor will share the image according to the group set by its owner. After the image is shared, other users' operations on the image will not be controlled by the image owner, and others may modify or illegally distribute the image. In this case, the owner's privacy will be threatened. Access control is a widely used security mechanism that allows only selected groups of authorized users to access images through the designed protocols [25][26][27][28]. When an authorized user obtains an image, the image can be fully manipulated because the user's behavior is often autonomous, unpredictable, and not controlled by the image owner. erefore, access control is restricted in the case of illegal distribution of images by authorized users. Data hiding techniques are suitable for authentication by embedding hidden data in an image [29]. Embedding data in the least significant bit planes (LSBs) is a common way for hiding. Zhang et al. [30] used stream cipher for the encryption and divided the encrypted image into different blocks. en, each bit of information is embedded in a block by changing half of pixels' LSBs of the block. Based on [30], Xia et al. [29] proposed a privacy-preserving image retrieval scheme with copy detection. However, these methods are pregnable to attacks but maintain a good visual quality, because the embedded data can be erased by modifying the values of LSBs. To improve the robustness against attacks, researchers have turned their eyes on frequency domain embedding [31]. Singh et al. [32] transformed the cover image through the combination of discrete wavelet transformation (DWT), discrete cosine transform (DCT), and singular value decomposition (SVD) and then embedded image watermark and text watermark in the different components of these coefficients. Zear et al. [33] enriched the diversities of watermarks for adapting the medical needs. Although these methods have good performance in high embedding capacity, they do not support embedding in encrypted image, because values in transformed images are always floating point numbers. Moreover, these methods are not as lightweight as we desired for meeting SIoT applications.
Considering the uncontrollability and unpredictability of authorized users' behaviors in SIoT, we propose a lightweight and privacy-preserving image sharing (LPIS) scheme with the capability of illegal distributor detection, aiming at dealing with the potential illegal distribution problem of authorized users. In this paper, illegal distributors may attempt to remove the embedded information for the purpose of illegally sharing images. Direct embedding in the spatial domain is usually vulnerable to LSB attacks [30]. Moreover, JPEG compression technique regards the information embedded in the spatial domain as redundant information and may cause the loss of information upon JPEG attack [34]. We embed the authentication information in the DCT domain by modifying a small number of coefficients of the transformed image for improving the robustness against these two attacks for the reason that the IDCT maps the embedded information to the overall brightness information of the block. Furthermore, the embedding should be operated on the encrypted image to further protect the privacy of the owner. Since the coefficients of the transformed image are floating point numbers, and homomorphic encryption can greatly increase the burden of IoT devices, we adopt the additive secret sharing technique to provide lightweight encryption for preventing image content from being captured by semihonest edge servers. To support additive secret sharing, two edge servers are needed as operating platforms to provide storage and embedding operations. With the help of two edge servers, the image owner can accurately and conveniently identify illegal distributor's identity when there occurs a suspicious image.
e main contributions are summarized as follows: ( e rest of this paper is organized as follows: Section 2 details the problem of illegal distribution, outlines the system model and security model considered in this paper and then highlights the system goals. Section 3 describes the construction of LPIS. Section 4 shows the security analysis and experimental results. e conclusion is given in Section 5.

Problem Description
In this section, we present the system model of the LPIS scheme, followed by the security model and system goals.

System Model.
In this paper, we aim at addressing the issue of illegal distribution in SIoT. When IoT devices communicate for social activities, device owners always protect their privacy by allowing information to be shared only within their designated groups. Members of a group tend to share the same interests, but may not necessarily protect the privacy of the data shared by the sharers. For example, when the sensor camera automatically shares the image which contains owner's private information according to the group specified by the owner, other users in the group (image users) may choose to ignore the owner's privacy and may share the image, which will cause the privacy disclosure of the image's owner. We consider such a situation and limitations and propose the LPIS scheme to quickly confirm the identity of the illegal distributor when there occurs a suspicious image. Moreover, to meet the high response speed for IoT devices, we adopt edge servers to provide computing power and nearby services for IoT devices.
As illustrated in Figure 1, the system model in this paper mainly involves four entities: image owner (IO), image users (IUs), and two edge servers (S 1 and S 2 ). e IO collects images with sensors and outsources images to edge servers for relieving their local storage and for the convenience of image sharing. We denote the original outsourced image as I and transform it into frequency domain by DCT transformation. DCT is adopted to improve the robustness against JPEG attack. JPEG is a widely used compression technique which can remove the redundant information of the image. e information embedded in the spatial domain is always considered as redundant information, so direct embedding in the original image may cause information losses after JPEG compression. Embedding information in DCTdomain may mitigate this effect, because IDCT will map the embedded information to the overall brightness information of the block. To protect the privacy of I DCT , the IO first encrypts I DCT by splitting it into two random shares, I ′ and I ″ , where I DCT � I ′ + I ″ . en, I ′ and I ″ are distributed to S 1 and S 2 , respectively. To obtain the shared image, the IU sends his authentication information AI to the servers, where AI is a binary image of his signature image and the values of AI belong to 0, 1 { }. e servers find the retrieved image and check if IU is on the list of authorized users specified by IO. Once the IU is an authorized user, S 1 and S 2 will generate two different random vectors representing the values of AI. S 1 and S 2 , respectively, embed their random vectors in the corresponding blocks of the image as required (see Section 3.2 for details) and send the embedded image to the IU. e IU just needs to add up two shares and use IDCT; then, the embedded image with authentication information I AI will be obtained. For the entire process, we assume that all communication channels among entities are secure.

Security
Model. Similar to [35], we set edge servers as semihonest entities, which can perform the protocols as defined but may try to learn private information as much as possible when they are interested in the stored data. Both edge servers S 1 and S 2 are out of the trusted domain of IO. Moreover, we assumed that two servers are noncolluding, which means that neither of servers will reveal more information than protocol messages [35]. is assumption is reasonable and practical because S 1 and S 2 may be managed by two different service providers. We also consider the external attackers A * who may eavesdrop on communication channels to obtain encrypted data. In addition, we define the illegal distributors A * * as those who are authorized IUs but illegally distribute shared images for their personal benefits. We have defined illegal distributors A * * separately from external attackers A * , meaning that they will have different behaviors and no conversion between A * * and A * is allowed. Meanwhile, we enhance the attack capability of A * * to show that LPIS have good robustness against A * * , while allowing illegal distributors to collude with either S 1 or S 2 . e specific attack capabilities of the two are shown as follows: (i) A * may reach a compromise with S 1 or S 2 to guess plaintexts of all ciphertexts outsourced by IO or the ciphertexts sent from S 1 or S 2 through an interactive protocol. (ii) A * * may illegally distribute the embedded image for their own benefits after destroying the embedded information. is means that A * * are authorized users but do not obey the rules of image sharing as IO expects. At the same time, A * * may attempt to modify the obtained image to remove the authentication information embedded in the image.
Note that A * and A * * are forbidden to compromise both S 1 and S 2 simultaneously. A * are not allowed to become authorized users in our system either.

System Goals.
e system is expected to achieve the goals of both security and lightweight with high visual performance. In this paper, we assume that edge servers may attempt to learn some private information about IO from the encrypted image while following protocol steps to complete the assigned storage or processing tasks. erefore, the system treats them as semitrusted service providers. e system goals of the scheme are described as follows: (1) Security: security is the primary goal in our scheme.
Our system will suffer threats from two kinds of entities: edge servers and illegal distributors.
(a) Security for edge servers: the edge servers are assumed to be honest-but-curious, so the content of the image should be invisible to edge servers during the image sharing process. When being operated in the encrypted form, the image data will never be leaked to any of the edge servers. (b) Robustness against illegal distributors' attacks: it is difficult to prevent the occurrence of illegal distribution, but we can confirm illegal distributor's identity as soon as a suspicious image is found. erefore, the scheme should be robust against various attacks.
(2) Lightweight and efficiency: computational processes should be executed on the server side, and the costs at both owners and users should be as low as possible. Because the edge servers are always service providers and the clients are service users, the computational operations should be executed by servers to lower the burden of clients. In addition, IoT devices are always resource-constraint and require timely service responses, so the transmission cost should be as low as possible, and the computational time cost on the server side should be kept as low as possible. e encryption method and secure computation techniques we used are lightweight and suitable for IoTscenarios, and edge servers are able to provide high speed responses for IoT devices.
In the image sharing system, the detection of illegal distributors should not affect the performance of image sharing, which means that the embedding of authentication data should not affect the visual quality of the image. is is the basic requirement of the normal use of shared images.

Construction of the LPIS Scheme
In this section, we introduce the implementation of LPIS scheme with illegal distributor detection in SIoT, aiming at achieving the goals as described in Section 2.3. e whole process of LPIS is also shown in Figure 2. 3.1. Image Sharing. Before sending the encrypted image to edge servers, the IO uses DCT transformation to improve the robustness of the scheme, such as hiding the original pixel value of the image and resisting JPEG attack: Step 1. Image transformation: since two edge servers are curious-but-honest entities, IO needs to convert the image from spatial domain to transformed domain by using DCT to protect the original pixel value and the image content. e IO divides I into 8 × 8 blocks of pixels in spatial domain and applies blockwise DCT transformation for all blocks. We denote the transformed image as I DCT . Here, is the transformed coefficient, and M × N is the size of the image. Each DCT raw coefficient matrix's first entry is called Direct Current component and the rest are Alternating Current components. Our scheme is to alter a few AC components to achieve the purpose of embedding authentication information.

Query and Information
Embedding. When IUs from the same social circle request a shared image they need, they should send their identity information to the edge servers.
Here, we use the signature image signed by IU as the identity information and transform it into binary image of size W × H which is denoted as AI. Note that the edge servers will receive the same AI, and only when the AI passes the validation on both of edge servers, will any further action be taken. Otherwise, the request will be rejected.
Step 1. Since the numbers the IO encrypted are decimals, S 1 and S 2 should first convert the encrypted numbers into integers by multiplying the numbers by  Figure 1: System architecture.
10 p , where p is the precision of the number they desire. It is worth noting that the operation of multiplying 10 p is in the encrypted domain, and no privacy will be leaked. e correctness can be demonstrated as follows: For a shared number w � w 1 + w 2 , two servers S i (i � 1, 2) compute w i � ⌊w i × 10 p ⌋, respectively, by using the same p (e.g., the hash value of identity information can be used as p). en, where ⌊ · ⌋ denotes the round-down operation. After w is divided by 10 p , the result is similar to w when ignoring the accuracy of rounded decimals.
Step 2. Both I ′ and I ″ , sized M × N, are divided into blocks of size l × l (usually l � 8 to match the block size of DCT transformation). In order to guarantee that the following steps are well processed, the AI needs to be resized to w × h, which satisfies w ≤ ⌊M/l⌋ and h ≤ ⌊N/l⌋ at the same time. By doing so, each pixel of resized AI corresponds to a block of I ′ and I ″ .
Step 3. S 1 and S 2 , respectively, generate two different pseudorandom vectors, k 1 and k 2 , of length l. e value of k i (i � 1, 2) belongs to [0, 1]. S 1 holds k 1 and S 2 holds k 2 . Each vector represents a value of AI, in which the value belongs to 0, 1 { }. For example, vector k 1 represents the value 0 and k 2 indicates 1. We also introduce the intensity indicator α to control the strength of k i (i � 1, 2) to be added (3). Note that α is fixed before the embedding phase and is a constant value which will not be changed across different images. In particular, different α values have different effects on image quality as shown in Section 4.2.
Step 4. For each side of edge servers, S 1 (S 2 ) only embeds K 1 (K 2 ) in the diagonal elements of the blocks of I ′ (I ″ ) where the corresponding pixel value of AI is 0(1). Note that both K 1 and K 2 are multiplied by 10 p to be consistent with I ′ and I ″ . We denote the embedded shares of I as I AI ′ and I ′ ′ AI .
Step 5. S 1 and S 2 send I AI ′ and I ′ ′ AI to IU after they are divided into 10 p , respectively. e detailed algorithm is given in Algorithm 1. After the embedding phase, we obtain an encrypted DCT image with authentication information in it. Note that the information embedding phase is performed on both of the edge servers, respectively, and each server embeds its own part of AI. When IU receives the two shares of the image, he only needs to add up these two shares and use IDCT to convert the image into spatial domain, and then the embedded image with authentication information will be obtained. ere are two main purposes for this design. First, the robustness of LPIS against attackers is improved. In this scheme, the authentication information is not embedded in a fixed pixel with original AI value, but with two random vectors instead, so IU cannot easily extract the embedded data while knowing the embedding locations. Second, the quality of the image is maintained. After IDCT transformation, the embedded information will be mapped to the overall brightness information of the block. Because the same intensity indicator α is used and only a few Security and Communication Networks coefficients are modified, the brightness information changes in the same extent and the visual quality of the image is maintained.

Illegal Distributor Detection.
When there occurs a suspicious image I S , IO will identify the illegal distributor with the help of S 1 and S 2 . e following are detailed steps: Step 1. IO transforms I S from spatial domain into frequency domain by using DCT transformation and sends it to S 1 and S 2 .
Step 2. S 1 and S 2 share their private random vectors k 1 and k 2 with each other and calculate the correlation coefficient between each block's diagonal elements and two pseudorandom vectors, respectively. Subsequently, they can extract the authentication information AI ′ . As the block has the size l × l, we first extract l diagonal elements from each block, denoted as p → , and then use the following formulation to calculate Pearson correlation between p → and k i , i � 1, 2.

Security Analysis.
In LPIS, we set S 1 and S 2 to be honestbut-curious and noncollusive entities. Based on this assumption, we need to prove that LPIS is secure under the threats defined in Section 2.2. Lemma 1 shows that the additive secret sharing technique is secure.
Lemma 1 (see [35]). If a random element r is uniformly distributed on Z n and independent from any variable x ∈ Z n , then r ± x is also uniformly random and independent from x.
Proof of Lemma 1 is shown in [36]. Because the embedding of authentication information is independent of each edge server, the attacker cannot obtain the embedding information of the other edge server under the assumption that he can only collude with one edge server. To prove that LPIS is secure under outside attacks and the threat of illegal distribution, we use the definition in [37]. (1) for i←1: w do (2) for j←1: h do (3) @ S 1 side:  6 Security and Communication Networks Definition 1 (see [37]). We say that a protocol is secure if there exists a probabilistic polynomial-time simulator S that can generate a view for the adversary A in the real world and the view is computationally indistinguishable from its real view.
As shown in Section 2.2, we defined two kinds of attackers: external attackers A * who can collude with only one of the edge servers; illegal distributors A * * who are authorized users but illegally distribute the obtained image.

Theorem 1. LPIS is secure under threats of external attackers
Proof. Since the embedding is operated by S 1 and S 2 locally without any interactions, they can be perfectly simulated. If A * compromise S 1 or S 2 , they can pass only one edge server's verification and obtain one share of the image and one of the random vectors. In LPIS, only those who can pass the verifications of both of S 1 and S 2 can obtain the shares of the image. Additionally, the one who compromises only one edge server can do nothing with the information he obtained.

□ Theorem 2. LPIS is secure under threats of illegal distributors A * * who are authorized users.
Proof. A * * are special attackers who are authorized users but destroy the privacy of IO for their own benefits. ey will try to destroy the embedded information and distribute the image mainly by two ways. Firstly, they may try various attacks to destroy the embedded authentication information without severely damage the visual quality of embedded image. LPIS is robust to LSB replacement attack, JPEG compression attack, and other attacks which will be shown in Section 4.2.3. Secondly, they may collude with either S 1 or S 2 to eliminate the embedded information and obtain the plaintext of the image. Because of the defined large interval, the pixel values are uniformly split into that interval, so the image content is well protected from statistical analysis. e plaintext of the image is not obtainable by only colluding with one server. In addition, when A * * obtain the share of S i , they will know the secret embedded vector k i and the plaintext of embedded information from S i , while they cannot obtain the other part because it is not allowed to collude with the other server S 1−i . As a result, it is a hard problem to guess k 1−i ′ that is the same as k 1−i to destroy the whole embedded information. erefore, LPIS is secure under A * * . e above proofs show that our system is secure when there exist external attackers and semihonest entities. Especially for illegal distributors, our solution has countermeasures against them. erefore, our scheme is secure. Specifically, when A * * are authorized users yet illegally distributing the image, IO can easily identify them by extracting their authentication information with the help of S 1 and S 2 . e authentication information of IUs is always unique and has one-to-one correlation with authorized users. □ 4.2. System Performance. In this section, we evaluate the performance of LPIS and the performance of resistance against attacks.
To evaluate the visual quality of the embedded image, we use the peak signal to noise ratio (PSNR) and the structural similarity index (SSIM) as the evaluation indicators. Usually, the higher the PSNR value, the better the image quality, the closer the SSIM to 1, and the better the image structure.
For an image I and a compared noisy image K, the definitions of PSNR and SSIM are as follows: where max(I) is the max gray value of I.
where μ I and μ K are the means of I and K, σ I and σ K are the variances, σ IK is the covariance between I and K, c 1 � (k 1 L) 2 , and c 2 � (k 2 L) 2 . L is the dynamic range of pixel values, and k 1 and k 2 are always set to 0.01 and 0.03, respectively. In experiments, we take "Lena," which is of size 512 × 512, as the cover image I (Figure 3(a)) and denote the signature image "Alice," which is resized to 64 × 64, as IU's authentication information (AI) (Figure 3(d)). When outsourcing I into S 1 and S 2 , the IO first transforms it into DCT domain (denoted as I DCT ) and randomly splits it into two shares, where I DCT � I ′ + I ″ . en, IO sends I ′ and I ″ to S 1 and S 2 , respectively (Figures 3(b) and 3(c)).

Impact on Intensity Indicator α.
As addressed earlier, the intensity indicator α will affect the intensity of the embedded vector, which in turn affects the visual quality of the embedded image. Here, we discuss the impact of α, where α � 5, 10,15,20,25,30 { }. e random vectors to be embedded by S 1 and S 2 stay the same. Figure 4 shows the embedded images and the extracted signature images under different α values. Associated with PSNR and SSIM shown in Table 1, with the increase of α, the embedded image's quality is affected more intensively, but the quality of extracted signature images becomes better. e greater the embedded value is, the greater the proportion in this DCT block will be; thus, the more the brightness of this block will then be affected after IDCT. For this reason, we make a trade-off between the quality of the image with embedded information and the quality of the extracted signature image, where α � 25 is used as the embedding intensity in our following experiments. When using α � 25, PSNR is greater than 30, which means that the image quality is not seriously affected (Figure 4(i)), but the quality of the extracted AI is maintained at a high level, and the SSIM value Security and Communication Networks 7 between the original AI and extracted AI reaches 1 (Figure 4(j)).

Computational Time Cost of LPIS.
Since IoT devices are usually resource constrained, we try to make LPIS as lightweight as possible. One manifestation of lightweight is that the computational time cost of all operations should be low. We analyze the time cost of each operation step. As shown in Table 2, the total computational cost of LPIS is less than 0.2 s for an image of size 512 × 512 without considering the communication delay. e DCT transformation and encryption are operated by IO, and the time cost of these two operations is less than 0.1 s. e embedding operation is carried out in the cloud, and the average time cost of embedding 1 bit for each server is 11 μs.
Moreover, we compare LPIS with other algorithms [30,[38][39][40][41][42][43] in terms of the embedding time cost. As the embedding capacities of each algorithm are different, we compare the average computational time cost of embedding 1 bit as criteria. Table 3 shows the comparison results among these algorithms, in which LPIS reaches a low computational time cost compared to current methods. Spatial domain embedding is the most direct way for hiding secret data, such as LSB flipping [30,38] and LSB replacement [40]. Compared to existing spatial embedding methods in encryption domain, LPIS reaches high embedding efficiency. e efficiency of LPIS is similar to [41], but LPIS is more robust against JPEG attack because of the transformed domain embedding. Meanwhile, additive secret sharing technique is more efficient than the homomorphic encryption scheme [42], which meets the goal of lightweight for LPIS. Although [39] also used additive embedding as the embedding operation, it first calculated and retained the mean value of pixels in each set before embedding, which increased the computational embedding cost.

Performance under Attack.
LPIS mainly aims at the scenario where there exist illegal distributors who try to remove the embedded data and distribute the image without IO's permission. erefore, LPIS is robust against various attacks such as LSBs replacement attacks and JPEG attack. In many existing approaches, data is embedded in the LSB or the three LSBs [29,30], which are not appropriate for illegal distributor detection in the cloud environment. Besides, IU can easily erase the embedded information ( Figure 5(a)) while the visual quality of the image is not severely affected. However, setting more LSBs to zero will indeed damage the visual quality (Figures 5(b) and 5(c)). Note that the higher the bit plane is, the higher the proportion of the image brightness will be. After the LSBs of the block are deleted and the block is transformed into frequency domain, the changes of the block will also be transformed into the frequency domain corresponding to the original DCT coefficient, and the influence of each pixel on the DCT coefficients will be weakened. erefore, LPIS has superior robustness against deleting LSBs attacks; even high bit planes are removed and the visual quality is severely affected (Figures 6(a)-6(c) and Figures 7(a)-7(c)).
JPEG is the most common format of images used in networks, which can greatly reduce the image size and maintain the visual quality by removing redundant data of the image. Here, we use MATLAB to implement JPEG compression with its default compress rate ( Figure 6(d)). e extracted authentication information under JPEG attack is shown in Figure 7(d). e SSIM between extracted AI under JPEG attack and original AI is 1, which shows that LPIS can resist JPEG attack.
Furthermore, the image may probably be polluted by the white noise through the communication. e amplitude of white noise roughly follows Gaussian distribution. Here, we set σ � 0.02, 0.1, 0.2, 0.5 of Gaussian distribution to simulate different amplitudes of the white noise. As we can see in Figures 7(e)-7(h), the higher the value of σ is, the more severely the visual quality will be affected and the more severely the extracted AI is polluted. However, with the improvement of the quality of communication channels, a low value of σ is more likely to appear. We can therefore draw a conclusion that LPIS is robust enough to resist white noise attacks.      1

Conclusion
In this paper, we proposed LPIS scheme to solve the problem of detecting illegal distributor in SIoT. In order to adapt to the IoT environment, we adopted the additive secret sharing technique to encrypt the shared image. LPIS can help the image owner identify illegal distributor's identity by the embedded authentication information, and no plaintext information of the image was leaked to any of edge servers. Moreover, the design and implementation of privacy-preserving embedding improved the robustness of detection. e embedded information cannot be removed easily by illegal users through traditional attacks or JPEG compression attack. In conclusion, LPIS can effectively support privacypreserving image sharing in SIoT with illegal distributor detection.

Data Availability
e cover image data used to support the findings of this study are included within the article.

Disclosure
An earlier version of this paper has been presented as a conference paper in SpaCCS: International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage.