# Audio Watermarking

### Security

The watermark and the marking procedure should also possess certain security properties. The space of distinguishable watermarks should be large enough, which is surely the case, because the number of different watermarks for M=256 results in approximately 4.7x10152 watermarks. The probability of false detection of a watermark can be determined by performing the following steps:

1. Determine the number of bits B out of the M bits of the embedded watermark, which gives a false detection.

2. Calculate the probability that i=B...M bits match with the embedded bitpattern from Figure 4.

#### Figure 4: Security.

The threshold T, indicating detection of the watermark, was chosen to be half the size of the maximum value z for the embedded watermark. The thresholds are plotted as horizontal lines; see Figure 5.

#### Figure 5: Security evaluation about the faked watermarks.

I used different audio tracks and marked all the tracks with the same watermark and an embedding factor of k=0.15. Afterwards, I constructed 30 different bit patterns with a certain percentage identical to the original pattern, then measured the values for the random variables. For both cases, I received a critical similarity of about 67 percent with the original watermark. According to the equation in Figure 4, the probability of detecting a watermark that isn't embedded is 10-35 for Statistic I.

### Robustness

To test the robustness of our watermarking algorithm, I randomly choose 400 different combinations of watermarks and keys, and embedded this bit pattern 10 times into one audio track. All files were 16-bits signed stereo sampled at 44.1 KHz (CD quality).

• Test conditions. All audio signals were watermarked with a embedding factor of k=0.10, then subsequently manipulated; see Figure 6.

#### Figure 6: Test scenario to measure detection values z manipulating the audio file.

To measure the robustness the total error probability, Perror=PI+PII due to the overlap of the PDFs in the unmarked and marked case were calculated from equations in Figures 1(a) and 1(b).

• MPEG1 Layer III audio compression. I tested the robustness against MPEG 1 audio Layer III compression by using a compression rate of 128 Kbps for the watermarked signal.

• Filtering. To test the robustness against filtering, I applied a bandpass filter to the watermarked signal by amplifying the signal by –9 dB in the low- and high-frequency domain. The cut-off frequencies have been 441 Hz for the low-pass filter, and 4410 Hz for the high-pass one.

• Resampling. I sampled the original audio signals with a sampling rate of 44.1 KHz. The sampling rate of the watermarked audio data was reduced to 22.05 KHz and resampled to the original rate of 44.1 KHz. This causes audible distortions, especially in audio tracks carrying high frequencies.

• Requantization. I also sampled audio tracks at 8 bits, since these are often used in games and multimedia applications. More specifically, I tested the process of requantization of a 16-bit watermarked audio signal to 8 bits and back to 16 bits. This increases the incoherent background noise of the audio track due to the rounding errors during the processing.

• Robustness against cropping. The embedding of a watermark bit in every timeslice of about 116 milliseconds enables the detection of the watermark, even in the case of cropping or cutting, provided I have a contiguous part of at least 232 milliseconds from the watermarked audio stream.

Table 1 shows the test results for the different manipulations. The error probabilities of the several manipulation of the watermarked signal can be easily reduced by using more frequency coefficients. This is equivalent to the embedding of the watermark in a longer timeslice.

### Possible Algorithm Enhancements

The watermarking algorithm presented here leaves room for further research in a variety of ways. Other test statistics and embedding functions can be investigated. The embedding of multiple noninterfering watermarks into the same audio track is demanded by certain applications. Perhaps one of the greatest challenges is the robustness against the so-called "jitter" attack (see "Attacks on Copyright Marking Systems," by F.A.P. Petitcolas, R.J. Anderson, and M.G. Kuhn, Lecture Notes in Computer Science, Vol. 1525, Springer-Verlag, 1998).

### Acknowledgment

This work was partially funded by WEDELMUSIC (http://www.dsi.unifi.it/wedelmusic/), a Research and Development project in the IST program of the European Commission.

Michael is a member of the Department for Security Technology for Graphics and Communication Systems Fraunhofer-Institute for Computer Graphics. He can be contacted at [email protected].

### More Insights

 To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.