Medical image authentication using SLT and IWT schemes

Abstract

Over the years, different watermarking techniques have been used for medical image authentication purposes. Some techniques have been presented to detect tampering in the medical image while others can also recover the tampered region after the tamper detection. Many of the previous medical image authentication schemes have successfully achieved their aims; however, the robustness of the authentication scheme against unintentional attacks has not been highlighted sufficiently. This paper presents a new medical image authentication scheme in which the medical image is divided into two regions (i.e., region of interest (ROI) and region of non-interest (RONI)). Then two watermarking methods based on Slantlet transform (SLT) are used to embed data in the ROI and the RONI. The proposed scheme can be used for tamper detection, localization, and recovery in addition to the data hiding. To generate the recovery information of the ROI, a new method has been proposed based on the integer wavelet transform (IWT) coefficients. The experiments that have been conducted to evaluate the proposed authentication scheme proved that it is efficient not only in achieving its main tasks that have been mentioned above but also in having robustness against unintentional attacks (i.e., JPEG compression, additive Gaussian noise (AGN), and salt-and-pepper noise) and that makes it more suitable for the practical applications.

1 Introduction

Digital medical images represent an important kind of media that needs protection against manipulation especially when these images are exchanged through unsecured channels like internet. Different image watermarking schemes have been used to protect medical images where some watermarking schemes have been used for authentication while other schemes have been used for data hiding [1]. The medical image watermarking schemes can be classified according to their objectives into four major classes that are: (a) schemes for security and privacy control [16, 18], (b) schemes for intactness of the region of interest (ROI) [12–14, 24, 25], (c) schemes for data hiding and tamper detection [7–9, 22], and (d) schemes for tamper detection, localization, and recovery [2, 3, 6, 10, 17, 23, 26, 27].

Some medical image watermarking schemes have been presented to hide the electronic patient’s record (EPR) in the medical image in order to avoid the detachment of the medical information from the corresponding image and to provide security and privacy while sharing the medical information [16, 18]. In other medical image watermarking schemes, the image is divided into two parts, one of them is the important part for the diagnosis process, which is called the region of interest (ROI) and the second part called the region of non-interest (RONI). It is important that the watermarking process should not affect the ROI because if this region is distorted it may cause wrong diagnosis [12–14, 24, 25]. To ensure the intactness of the ROI, some authentication schemes embed the data in the RONI and keep the ROI intact [12–14], while other schemes [24, 25] have been proposed for the authentication of the ROI in the medical image. In [24, 25], the image has been divided into two regions (i.e., ROI and RONI) then the SHA-256 hash code for the ROI is calculated and embedded in the Least Significant Bits (LSBs) of the RONI. At the receiver side, the original hash value is extracted from the LSBs of the RONI and then these LSBs are set to zero. The authentication process is conducted by calculating the hash value of the received ROI and comparing it with the original hash value that has been extracted from the RONI. If they are the same, the image is authentic and the ROI is intact. The watermarking schemes in [24, 25] are reversible if the original pixel value has zero in its LSB otherwise the pixel value is irreversible.

Some medical image watermarking schemes have been presented to hide medical information and detect tampering in the medical image. In [22], multiple watermarks have been embedded in the medical image. The patient’s information has been embedded in the border of the image using robust watermarking and a fragile watermark has been embedded in the LSBs of the image to detect tampering. In [7, 8], the schemes have been proposed for the heath information management that are based on discrete wavelet transform (DWT) and a quantization method to embed the information. The scheme is irreversible and part of the embedded data has robustness against JPEG compression. In [9], a modified difference expansion method has been proposed, which is an improved version of the original difference expansion (DE) method from [21]. In [9], a region of embedding (ROE) has been chosen to prevent generating any distortion in the ROI. The embedded watermark in this scheme includes the patient’s data and the hash value for tamper detection.

Some medical image watermarking schemes have been proposed for detecting tampering in the image, localizing the tampered region, and recovering the tampered region. In [26], the medical image has been divided into blocks of 8 × 8 pixels then each block is divided into four sub-blocks of 4 × 4 pixels. For each sub-block the watermark bits have been generated including 2 bits for authentication and 7 bits for recovery. The average of the pixel values in each sub-block has been calculated as recovery information. The generated watermark has been embedded in another block in the image using LSBs. The scheme is irreversible and the embedded watermark is fragile. Thereafter, the authors improved the previous authentication scheme by presenting ROI-based scheme [27] where the authentication process has been conducted for the ROI. The 2 bits for authentication have been embedded in the ROI and the recovery bits have been embedded in the RONI. The scheme is also irreversible and the embedded watermark is fragile but less information has been embedded in the ROI, which gives better visual quality of the watermarked ROI. In addition, the recovery information has been generated from the average of each 2 × 2 pixels instead of 4 × 4 pixels, which makes the recovered ROI after tampering has better visual quality. In [23], two authentication schemes based on modulo 256 and discrete cosine transform (DCT) have been presented. The first scheme is for authentication and recovery for whole image blocks. The authentication information is generated from the hash value of the image and the recovery information is generated from the JPEG compression of the block. This scheme performs well in detecting the tampered block but because of the limited capacity, high compression rate has been used to reduce the recovery information, which leads to unacceptable recovered blocks as pointed out by the authors themselves [23]. The second scheme in [23] has been suggested to solve the previous problem where the image has been divided into ROI and RONI then the authentication and recovery information has been generated from the ROI only. Therefore, less compression rate can be used to obtain the recovery information and thus the recovered blocks of the ROI have better visual quality. The scheme is not completely reversible because of the preprocessing that has been used to avoid the pixel flipping. In [6], two reversible schemes based on difference expansion technique (DE) have been proposed for the tamper detection and recovery. In these schemes, the image is divided into 4 × 4 blocks and each block is transformed using DE technique. Only smooth blocks (i.e., the blocks with equal pixel values) have been used for the embedding process. In the first scheme, the average of the pixel values in each block has been calculated as recovery information. The second scheme is ROI-based where the pixel values of the ROI have been used as the recovery information. The disadvantage of this scheme is the limitation of the capacity because of using only the smooth blocks. In [2, 3], hybrid watermarking schemes have been proposed to hide patient’s data, authenticate ROI, localize tampering in the ROI, and recover the tampered region. In these schemes, the recovery information has been generated from the JPEG2000 compression of the ROI. The patient’s data have been embedded in the ROI and the tamper localization and recovery information have been embedded in the RONI. In both schemes, the data have been embedded in the ROI using the modified difference expansion method that has been presented in [9]. In [2], the original difference expansion method from [21] has been used to embed the data in the RONI. In [3], the data has been embedded in the RONI using three-level DWT technique from [11]. The experiments of this technique show that the scheme has robustness against certain level of salt and pepper noise. In [10], another watermarking scheme has been presented for data hiding, tamper localization, and recovery. This scheme used the same procedures that have been proposed in [26] but to make the watermarking process reversible in the ROI, the original LSBs of the ROI have been extracted and embedded in the RONI. The recovery information has been generated from the average of each 4 × 4 block, which leads to recover the tampered blocks of the ROI with low visual quality. The scheme is fragile because of embedding data in the LSBs. In [17], a new fragile medical image watermarking scheme based on a chaotic key and residue number system has been presented. In this scheme, the image is divided into ROI and RONI. The residues of the ROI are calculated using the residue number system in order to be used instead of the original pixel values of the ROI in the watermarked image. The chaotic key has been used as a secret key to choose the locations of embedding the hash value in the RONI. The LSBs of the pixel values in the chosen locations are set to zero and the residues of the ROI are used instead of the original values then the hash value of the image is calculated and embedded in the LSBs of the chosen pixels of the RONI. The hash value has been used to detect tampering at the receiver side, if image is authentic the scheme continue the steps of recovering the original ROI using residue number system and Chinese remainder transform. Thus, the scheme is reversible for the ROI and irreversible for the RONI.

Obviously, there are three aspects that needs to be taken into consideration while implementing a new medical image authentication scheme, which are (a) the tasks that can be performed by the scheme (i.e., data hiding, tamper detection, tamper localization, and tamper recovery), (b) the visual quality of the recovered image after tampering, and (c) the ability of the authentication scheme to withstand the unintentional attacks (i.e., lossy compression and noise). Taking into consideration of these aspects, this paper presents a new ROI-based medical image authentication scheme. First, the medical image is divided into two regions (i.e., ROI and RONI). Then, the information for tamper detection, localization, and recovery are generated from the ROI and embedded in the RONI using robust watermarking scheme based on Slantlet transform. The patient’s data are embedded in the ROI using robust reversible watermarking scheme based on Slantlet transform. The recovery information of the ROI has been generated using a new method based on integer wavelet transform coefficients.

The proposed scheme can be used for tamper detection, localization, and recovery, in addition to the data hiding. The ROI has been recovered with good visual quality and the scheme has the ability to withstand the unintentional attacks (i.e., JPEG compression, additive Gaussian noise (AGN), and salt-and-pepper noise). The rest of the paper is organized as follows. Section 2 introduces the proposed medical image authentication scheme. Section 3 presents the results of the experiments that have been conducted to evaluate the proposed scheme. In Section 4, the conclusions of the work are presented.

2 The proposed medical image authentication scheme

The ROI is the important part for the diagnosis process in the medical image hence some medical image authentication schemes used reversible watermarking for the ROI to ensure its intactness. The proposed authentication scheme in this paper also depends on this idea. Based on the new researches in the reversible watermarking field, the robust reversible watermarking (RRW) schemes have been suggested as better candidates for the practical applications because they can withstand attacks [4, 5, 19, 20]; therefore, we used RRW for embedding data in the ROI, which is based on our previous work in [20]. The data for tamper detection, localization, and recovery have been embedded in the RONI using a modified version of our previous robust irreversible watermarking scheme that has been implemented in [15]. As explained in section 1, most of the previous tamper detection, localization, and recovery methods reduced the recovery information because of the capacity limitation. In the proposed scheme, a new method based on the integer wavelet transform (IWT) has been suggested to generate the recovery information of the ROI. The proposed algorithm for generating the recovery information is explained in details in the following subsection. Then, the proposed watermarking method for embedding data in the RONI is explained. Thereafter, the procedures of the RRW scheme for the ROI are briefly mentioned (the reader can refer to [20] for more details). Lastly, the complete procedures of the proposed authentication scheme are clarified.

2.1 The proposed algorithm for generating the recovery information

The previous authentication schemes proposed some methods to reduce the recovery information. Some of these methods depend on the average of the pixel values in a specific block size. For instance, the schemes in [6, 10, 26] used the average of each 4 × 4 pixels as the recovery information while in [27] the average of each 2 × 2 pixels has been used as the recovery information. Other schemes used a compressed form of the ROI using JPEG2000 compression such as the methods in [2, 3]. The schemes that are based on the average of the pixel values reduce the quality of the ROI and in some cases, it may be considered as unacceptable. The schemes that are based on the compression of the ROI have better visual quality but the use of the JPEG2000 compression limits the robustness of the scheme because any change in the compressed sequence will cause error in the decoding software of the JPEG2000 compression. In the proposed authentication scheme, a new method has been suggested to generate the recovery information of the ROI, which reduces the recovery information, provides good visual quality of the recovered ROI, and gives a chance to implement a robust authentication scheme. The proposed method depends on the integer wavelet transform. The procedures of generating the recovery information (i.e., the features) and recovering the image from the extracted features are explained as follows.

2.1.1 Extracting the features

Consider a grayscale image I _m of size (512 × 512 × 8 bit), the features are extracted using the following steps:

1. 1)

   Calculate the integer wavelet transform (IWT) of the image I _m . The resulting Approximation (CA), Horizontal (CH), Vertical (CV), and Diagonal (CD) coefficient matrices are in integer form.

2. 2)

   Select the approximation coefficients (CA) to generate the features. Some of the coefficients have negative values and some others have values more than 255. Aiming to obtain a feature that can be presented using 8-bits, an adjustment process has been applied to make the coefficients values in the range [0 to 255] as follows:

$$ C{A}_{new}\left(i,j\right)=\left\{\begin{array}{ll}0\hfill & if\;CA\left(i,j\right)<0\hfill \\ {}255\hfill & if\;CA\left(i,j\right)>255\hfill \\ {}CA\left(i,j\right)\hfill & if\;0\le CA\left(i,j\right)\le 255\hfill \end{array}.\right. $$

Where CA is the original approximation coefficients, CA _new is the new approximation coefficients after the adjustment process, and (i, j) are the coordinates of the coefficient.

1. 3)

   Reshape the matrix of CA _new coefficients to be a single row RowCA _new .

2. 4)

   Convert the sequence of the coefficients in RowCA _new to binary by converting each coefficient to 8-bit binary number then save the binary bits in F.

2.1.2 Recovering the image from the extracted features

The steps of recovering the image from its features are as follows:

1. 1)

   Convert F from binary to decimal and reshape the row of coefficients to obtain CA _new matrix.

2. 2)

   Consider the Horizontal (CH), Vertical (CV), and Diagonal (CD) coefficients matrices are zeros.

3. 3)

   Apply inverse integer wavelet transform to obtain the recovered image RI _m .

Experiments have been conducted to choose the wavelet family that can give the best visual quality of the recovered image. Different wavelet families (i.e., 35 wavelet families) have been tested for different medical images. The visual quality has been evaluated by calculating the peak-signal-to-noise ratio (PSNR) between the original medical image and the recovered image from the extracted features. Some of the experimental results that have been obtained are shown in Table 1. From the results it has been found that the proposed method gives the best visual quality of the recovered image using wavelet family Cohen-Daubechies-Feauveau wavelet 3.5 ‘cdf 3.5′. Therefore, the chosen wavelet family for the proposed method will be wavelet cdf 3.5.

Table 1 The visual quality (PSNR (dB)) of the recovered image from the extracted features for different wavelet families

Another experiment has been conducted to compare the visual quality of the recovered image using the proposed method with the recovered image using the previous methods that have been suggested in [2, 3, 6, 10, 26, 27]. The comparison has been conducted for the recovered image from the average of the pixel values for each 2 × 2 block, the average of the pixel values for each 4 × 4 block, the JPEG2000 compression, and the proposed feature extraction method using IWT (wavelet family ‘cdf 3.5′). Table 2 shows the results of this experiment, which illustrates that the recovered image using the proposed method has better visual quality in comparison with the previous methods. Figure 1 shows an example of the recovered images obtained by the compared methods, where the regions of interest are zoomed to show the difference clearly.

Table 2 Comparison of the visual quality of the recovered image for different methods

Fig. 1

Image1 results for the comparison methods. (a) Original image, recovered images using: (b) Average (4 × 4), (c) Average (2 × 2), (d) JPEG2000, and (e) IWT ‘cdf 3.5′. The PSNR values of the recovered images are in Table 2

2.2 The proposed algorithm to hide data in the RONI

To provide high data hiding capacity to embed the information in the RONI, this section presents an improved version of the scheme in [15]. The algorithm here depends on using the Slantlet transform matrix [20] instead of the conventional Slantlet transform.

2.2.1 Embedding in the RONI

The procedures of the proposed algorithm to embed binary data in a block of size (16 × 16) pixels are as follows:

1. 1)

   Transform the image block using SLT matrix as follows:

$$ TB=\left[SL{T}_{16}\right]\left[B\right]\left[SL{T}_{16}^T\right]. $$

Where B is the original block, TB is the transformed block, and SLT ₁₆ is the Slantlet transform matrix of size 16 × 16.

1. 2)

   Divide the coefficients in TB into 4 subbands (LL, HL, LH, and HH).

2. 3)

   Embed binary data ‘b’ by modifying the HL and LH subbands. The watermark bit b(i) is embedded by manually changing the value of the difference between HL(x,y) and LH(x,y). The rules of the SLT coefficients modification are as follows:

$$ If\ b(i)=1\ and\ {D}_1=HL\left(x,y\right)-LH\left(x,y\right)<T, $$

(T is a threshold to control watermark invisibility), then increase HL(x,y) while decrease LH(x,y) by inserting the watermark.

$$ \left\{\begin{array}{c}\hfill H{L}^{\prime}\left(x,y\right)=HL\left(x,y\right) + \frac{\left(T-D1\right)}{2}\hfill \\ {}\hfill L{H}^{\prime}\left(x,y\right)=LH\left(x,y\right) - \frac{\left(T-D1\right)}{2}\hfill \end{array}\right. $$

Else if D ₁   = HL(x,y)-LH(x,y)≥T, do nothing

If b(i) = 0 and D ₂ = LH(x, y) − HL(x, y) < T, similar operation is done:

$$ \left\{\begin{array}{c}\hfill H{L}^{\prime}\left(x,y\right)=HL\left(x,y\right) - \frac{\left(T-D2\right)}{2}\hfill \\ {}\hfill L{H}^{\prime}\left(x,y\right)=LH\left(x,y\right) + \frac{\left(T-D2\right)}{2}\hfill \end{array}\right. $$

Else if D ₂ = LH(x, y) − HL(x, y) ≥ T, do nothing.

This process is repeated to embed a binary sequence of length 64 bits. Thus, each spatial domain block of size 16 × 16 pixels can carry 64 bits.

1. 4)

   Replace the original horizontal and vertical high frequency coefficients with the modified coefficients.

2. 5)

   Apply inverse SLT to obtain the watermarked image using:

B _new  = [SLT ^T₁₆ ] [TB _new ] [SLT ₁₆].

Where B _new is the watermarked spatial domain block, TB _new is the watermarked transform domain block, and SLT is the Slantlet transform matrix. The resultant values in the block B _new are rounded to integer values.

2.2.2 Extraction from the RONI

The procedures of extracting the binary data from a block of size (16 × 16) pixels are as follows:

1. 1)

   Transform the image block using SLT matrix of size 16 × 16.

2. 2)

   Divide the coefficients into 4 subbands (LL, HL, LH, and HH).

3. 3)

   Extract the watermark from the selected coefficients as follows:

The selected horizontal and vertical coefficients are HL′(x, y) and LH′(x, y), respectively, the watermark bit b′(i) can be extracted by:

$$ {b}^{\prime }(i)=\left\{\begin{array}{c}\hfill 1,\ if\ H{L}^{\prime}\left(x,y\right)\ge\ L{H}^{\prime}\left(x,y\right)\hfill \\ {}\hfill 0,\ if\ L{H}^{\prime}\left(x,y\right)>H{L}^{\prime}\left(x,y\right)\hfill \end{array}\right. $$

2.3 The robust reversible watermarking for the ROI [20]

The procedures of the watermark embedding and extraction processes are as follows:

2.3.1 Embedding procedures

1. 1)

   Divide the image into non-overlapping blocks.

2. 2)

   Transform each block using SLT matrix and divide the resultant coefficients into four subbands (HH, HL, LH, and LL).

3. 3)

   Calculate the mean value of the SLT coefficients in HL subband (m^HL) and LH subband (m^LH).

4. 4)

   Define a threshold value (T) to control the visual quality and the robustness, then calculate the modification factors as follows:

$$ M{F}_1=\frac{T-\left({m}^{HL}-{m}^{LH}\right)}{2},\;M{F}_2=\frac{T-\left({m}^{LH}-{m}^{HL}\right)}{2} $$

1. 5)

   Embed one watermark bit (w) in the each block using the following rules :

   1. A)

      If w = 1 and (m ^HL − m ^LH) ≥ Τ, then the block remains without change.

   2. B)

      If w = 1 and (m ^HL − m ^LH) < Τ, then MF ₁ is added to m ^HL and subtracted from m ^LH (i.e., m ^HL _new  = m ^HL + MF and m ^LH _new  = m ^LH − MF ₁).

   3. C)

      If w = 0 and (m ^LH − m ^HL) ≥ Τ, then the block remains without change.

   4. D)

      If w = 0 and (m ^LH − m ^HL) < Τ, then MF ₂ is subtracted from m ^HL and added to m ^LH (i.e., m ^HL _new  = m ^HL − MF ₂ and m ^LH _new  = m ^LH + MF ₂).

Because of the reversibility requirements, the difference between the mean values is saved as side information when the mean values are changed to embed the watermark bit.

1. 6)

   Replace the original subbands by the modified subbands and apply the inverse SLT.

2. 7)

   Apply pixel adjustment process to avoid the overflow/ underflow as follows:

$$ {I}_w^{\prime}\left(i,j\right)=\left\{\begin{array}{cc}\hfill 255,\hfill & \hfill if\kern0.24em {I}_w\left(i,j\right)>255\;\hfill \\ {}\hfill 0,\hfill & \hfill if\;{I}_w\left(i,j\right)\kern0.36em <\kern0.36em 0\;\hfill \end{array}\right. $$

Where I _w is the watermarked image before pixel adjustment, (i,j) are the coordinates of the value in the image, and I ^′ _w (i, j) is the modified pixel value.

2.3.2 Extraction procedures

1. 1)

   Read the watermarked image and its corresponding side information.

2. 2)

   Return the pixel values that have been adjusted to their locations.

3. 3)

   Divide the image into non-overlapping blocks.

4. 4)

   Transform each block using SLT matrix and divide the resultant SLT coefficients into 4 subbands.

5. 5)

   Calculate the mean values of HL and LH subbands.

6. 6)

   Extract the embedded bit using:

$$ {w}^{*}=\left\{\begin{array}{cc}\hfill 1,\hfill & \hfill if\;{m}^{HL*}\ge {m}^{LH*}\hfill \\ {}\hfill 0,\hfill & \hfill if\;{m}^{HL*}<{m}^{LH*}\hfill \end{array}\right.\kern0.5em . $$

Where w* is the extracted bit, m ^HL * is the mean value of the SLT coefficients in HL subband and m ^LH * is the mean value of the SLT coefficients in LH subband.

1. 7)

   Recover the original image by applying the inverse of the process that has been applied in the embedding side.

2.4 The procedures of the proposed authentication scheme

The following subsections describe the embedding and extraction procedures of the proposed medical image authentication scheme.

2.4.1 Embedding procedures

• Step 1: The ROI in the medical image is selected by a polygon as shown in Fig. 2. Then the image is divided into non-overlapping blocks each of size 16 × 16 pixels. The blocks belong to the ROI are extracted and saved in ‘SaveROI’ and the blocks belong to the RONI are extracted and saved in ‘SaveRONI’. The locations of the ROI blocks are saved as a secret key (k1) that will be used at the receiver side to mark the ROI blocks.

  Fig. 2

  

  Dividing medical image into ROI and RONI according to the selected ROI. The blocks that are surrounded by the cyan border are selected as the ROI blocks

• Step 2: To generate the tamper detection and localization information, the average of the pixel values for each block in SaveROI is calculated and saved in ‘AvROI’. Then AvROI is converted to binary sequence ‘binAv’ by converting each average value to 8 bits binary number.

• Step 3: The ROI is represented by a group of adjacent blocks to form an image ‘ImROI’. Then the proposed algorithm (section 2.1.1) for generating the recovery information using IWT ‘cdf 3.5’ is applied to obtain the features of the image ImROI and the binary sequence of these features is saved as ‘binROI’.

• Step 4: The binary sequences binAv and binROI are concatenated with each other and the resultant bit stream is coded using the error correction coding BCH (15,11,1) to increase the robustness. The coded binary sequence is saved as ‘binSeq’.

• Step 5: The text file of the patient’s information is converted to binary and saved as ‘binText’.

• Step 6: A process of checking the available capacity in the ROI and the RONI is necessary before proceeding to the next steps. According to the algorithm that have been suggested to embed data in the RONI, each block can carry 64 bits, thus

$$ Capacity\; of\; RONI={C}_{RONI}= No.\; of\; blocks\;i{n}^{\prime } SaveRON{I}^{\prime}\times 64\; bits\kern0.62em . $$

The capacity of ImROI of size (M × N) using the RRW from [20] is calculated at transform domain block size (2 × 2) (to obtain the highest embedding capacity) as follows:

$$ Capacity\; of\;ROI={C}_{ROI}=\frac{1}{16}\times \left(M\times N\right)\kern0.62em . $$

Now the checking process is as follows:

• If C _RONI  < length (binSeq)

• Then dismiss the embedding procedures and show a message box asking the user to select smaller ROI.

• If C _ROI  < length (binText)

• Then dismiss the embedding procedures and show a message box asking the user to select larger ROI.

• If the capacity in both regions is enough to embed the data then continue the embedding procedures.

• Step 7: Start embedding in RONI.

The robust irreversible watermarking algorithm that has been explained in (section 2.2.1) is applied to embed the binary sequence (binSeq) in the RONI blocks that have been saved in (SaveRONI). Some of blocks required pixel adjustment before embedding data in order to ensure the correct recovery of the embedded data. The pixel values in the block are checked and modified using

$$ pixe{l}_m\left(i,j\right)=\left\{\begin{array}{l}3\kern4em if\; pixel\left(i,j\right)\kern0.36em \le 2\\ {}252\kern3em if\kern0.24em pixel\left(i,j\right)\kern0.36em \ge 253\\ {} pixel\left(i,j\right)\kern0.72em else\;\end{array}\right.\kern0.5em . $$

Where pixel _m (i, j) is the modified pixel value. The resultant watermarked blocks are saved in ‘WRONI’.

• Step 8: Start embedding in ROI.

The RRW from [20] (section 2.3.1) is applied to embed the binary sequence (binText) in the ImROI at spatial domain block of size (4 × 4) (i.e., the transform domain block size is 2 × 2) to obtain the highest embedding capacity. The algorithm generates some side information that is necessary for the reversibility of the scheme. The watermarked ImROI is rearranged as blocks of size (16 × 16) and saved in ‘WROI’.

• Step 9: The watermarked image is obtained by rearranging the blocks of WROI and WRONI. The watermarked image together with the side information that has been generated from embedding data in the ROI and the secret key (k1) are sent to the receiver side.

2.4.2 Extraction procedures

• Step 1: Read the watermarked image and the side information.

• Step 2: Mark the ROI and the RONI using k1.

• Step 3: Divide the image into non-overlapping blocks of size (16 × 16) pixels.

• Step 4: Save the blocks of the ROI in ‘WROI’ and save the blocks of the RONI in ‘WRONI’. Then the ‘WROI’ is represented by a group of adjacent blocks to form an image ‘ImWROI’.

• Step 5: Extract the embedded text from ImWROI and recover the original ROI as explained in (section 2.3.2). The recovered ROI is rearranged as blocks of size 16 × 16 pixels and saved in ‘RecROI’. Then the average of the pixel values in each block is calculated and saved in ‘Avnew’.

• Step 6: Extract the binary sequence from the RONI blocks using the extraction procedures that have been explained in (section 2.2.2). Decode the extracted binary sequence using BCH (15,11,1).

• Step 7: From the number of the blocks in WROI, one can easily separate the resultant binary sequence into its original parts (i.e., the recovery information part and the tamper detection and localization part). The process is as follows:

$$ \begin{array}{l}\mathrm{Average}\ \mathrm{sequence}\ \mathrm{length} = AvLen = \mathrm{number}\ \mathrm{of}\ \mathrm{blocks}\ \mathrm{in} WROI \times 8\hfill \\ {}\mathrm{Recovery}\ \mathrm{sequence}\ \mathrm{length}= ReLen = \mathrm{length}\ \mathrm{of}\ \mathrm{the}\ \mathrm{binary}\ \mathrm{sequence} - AvLen\hfill \\ {}\mathrm{The}\ \mathrm{recoverysequencebits}=\mathrm{binarysequence}\left(1: ReLen\right)\hfill \\ {}\mathrm{The}\ \mathrm{average}\ \mathrm{sequence}\ \mathrm{bits} = \mathrm{binary}\ \mathrm{sequence}\ \left( ReLen+1: end\ of\ the\ binary\ sequence\right)\hfill \end{array} $$

The recovery sequence bits and the average sequence bits are converted from binary to decimal to recover their original values that are named as ‘IWTOriginal’ and ‘AvOriginal’, respectively.

• Step 8: The ROI is tested to ensure its authenticity; the average values of the recovered ROI in ‘Avnew’ are compared with the original average values in ‘AvOriginal’. If the values are equal then the image is authentic and the software is ended at this step. Otherwise, if any difference detected, the ROI is considered not authentic and the software must proceed for the tamper localization and recovery steps.

• Step 9: The recovery sequence in ‘IWTOriginal’ is used to recover the ROI as explained in (section 2.1.2). The recovered ROI from its features is saved in ‘OriginalROI’.

• Step 10: The average values are compared; if ‘Avnew’ and ‘AvOriginal’ are not equal then their corresponding block is marked as tampered. Then the tampered block is replaced by its corresponding block in ‘OriginalROI’ as a recovery process.

3 Experimental results and discussion

To test the performance of the proposed authentication scheme, the experiments have been conducted for medical images of size (512 × 512 × 8 bits). The experiments and their results are in the following subsections.

3.1 Invisibility test

The binary sequence of the patient’s information has been fixed to 1000 bits. The threshold value has been set to T = 2 (as an example) for the embedding algorithms in the ROI and the RONI. The results of the visual quality test are in Table 3 where different images have been watermarked and one of the test images has been tested for different ROI. Figures 3 and 4 show the original images with the selected ROI and their corresponding watermarked images.

Table 3 Invisibility test of the proposed authentication scheme

Fig. 3

Invisibility results for image 1. The original images: (a) Image 1 region1, (b) Image 1 region2, and (c) Image 1 region3. The watermarked images: (d) Image 1 region1, (e) Image 1 region2, and (f) Image 1 region3

Fig. 4

Invisibility results for three different images. The original images: (a) Image 2, (b) Image 3, and (c) Image 4. The watermarked images: (d) Image 2, (e) Image 3, and (f) Image 4

3.2 Tamper detection, localization, and recovery test

To demonstrate tamper detection, localization, and recovery, two tampering processes (i.e., erasing and copy & paste) have been imposed on the watermarked image as shown in Fig. 5, which illustrates the localization of the tampered area and the replacement of the tampered blocks with the recovery blocks. As shown in the results, the proposed scheme can successfully detect and recover the tampered area in the ROI.

Fig. 5

Examples to demonstrate tamper localization and recovery. (a) Original image, (b) Selected ROI, (c) Watermarked image, (d) Tamper1 (erasing), (e) Localization of Tamper1, (f) Recovery of Tamper1, (g) Tamper2 (copy & paste), (h) Localization of Tamper2, (i) Recovery of Tamper2

3.3 Robustness test

The robustness of the proposed scheme has been tested against unintentional attacks (i.e., adding noise and image compression). Figure 6 shows the robustness of the proposed scheme against salt-and-pepper noise, which illustrates that the scheme can successfully localize the noise, and recover the blocks that have noise. Figure 7 shows the robustness results against AGN and Fig. 8 shows the robustness results against JPEG compression. In addition, the performance of the proposed scheme has been tested when tampering and attacks have been imposed on the watermarked image. Figure 9 shows the results when copy-paste and salt and pepper noise have been occurred. Figure 10 shows the results when copy-paste and JPEG compression have been occurred. As shown in the results, the proposed authentication scheme can localize the tampered area and the attacks in the ROI and can successfully apply the recovery process.

Fig. 6

Example to demonstrate robustness against salt-and-pepper noise. (a) Original image, (b) Selected ROI, (c) Watermarked image, (d) Salt-and-Pepper (0.0005), (e) Localization of Salt-and-Pepper (0.0005), (f) Recovery of Salt-and-Pepper (0.0005), (g) Salt-and-Pepper (0.0008), (h) Localization of Salt-and-Pepper (0.0008), (i) Recovery of Salt-and-Pepper (0.0008)

Fig. 7

Example to demonstrate robustness against AGN noise. (a) Original image, (b) Selected ROI, (c) Watermarked image, (d) AGN (0, 0.0005), (e) Localization of AGN (0, 0.0005), (f) Recovery of AGN (0, 0.0005), (g) AGN (0, 0.0008), (h) Localization of AGN (0, 0.0008), (i) Recovery of AGN (0, 0.0008)

Fig. 8

Example to demonstrate robustness against JPEG compression. (a) Original image, (b) Selected ROI, (c) Watermarked image, (d) JPEG 80 %, (e) Localization of JPEG 80 %, (f) Recovery of JPEG 80 %, (g) JPEG 70 %, (h) Localization of JPEG 70 %, (i) Recovery of JPEG 70 %

Fig. 9

Example 1 to demonstrate the performance when tampering and attack are occurred. (a) Original image, (b) Selected ROI, (c) Watermarked image, (d) copypaste & salt-and-pepper noise (0.0005), (e) Localization of copy-paste & salt-andpepper noise (0.0005), (f) Recovery of copy-paste & salt-and-pepper noise (0.0005), (g) copy-paste & salt-and-pepper noise (0.0008), (h) Localization of copy-paste & salt-and-pepper noise (0.0008), (i) Recovery of copy-paste & salt-and-pepper noise (0.0008)

Fig. 10

Example 2 to demonstrate the performance when tamper and attack are occurred. (a) Original image, (b) Selected ROI, (c) Watermarked image, (d) copy-paste & JPEG 80 %, (e) Localization of copy-paste & JPEG 80 %, (f) Recovery of copy-paste & JPEG 80 %, (g) copy-paste & JPEG 70 %, (h) Localization of copy-paste & JPEG 70 %, (i) Recovery of copy-paste & JPEG 70 %

3.4 Comparison with previous authentication schemes

The characteristics of the proposed authentication scheme can be summarized as follows:

1. 1)

   The scheme can be used for tamper detection, localization, and recovery, in addition to data hiding.

2. 2)

   The ROI can be recovered correctly at the receiver side when the watermarked image does not change.

3. 3)

   The ROI can be recovered with good visual quality when changes are happened in the ROI of the watermarked image.

4. 4)

   The scheme has robustness against unintentional attacks, which makes the scheme more suitable for the practical applications.

General comparisons between the proposed authentication scheme and the previous authentication schemes are shown in Tables 4 and 5. As shown in the tables, the proposed scheme performs better than the schemes in [7–9, 12, 17, 22, 25] in terms of tamper localization because the schemes in [7–9, 12, 17, 22, 25] can detect tampering in the image but cannot localize the tampered area.

Table 4 Comparison 1 between the proposed authentication scheme and the previous authentication schemes

Table 5 Comparison 2 between the proposed authentication scheme and the previous authentication schemes

In terms of tamper recovery, the proposed scheme performs better than the schemes in [7–9, 12, 17, 22, 25] because these schemes cannot recover the tampered area. The schemes in [2, 3, 6, 10, 23, 26, 27] can recover the tampered area but the visual quality of the recovered image using the proposed scheme is better in comparison with [2, 3, 6, 10, 23, 26, 27], which has been proved in the experiments and results of (section 2.1.2, Table 2).

In terms of reversibility, the proposed scheme is better in comparison with the schemes in [7–9, 12, 22, 27] because these schemes are irreversible (i.e., the original image cannot be recovered even when the image does not undergone any attack). In terms of robustness, the proposed scheme is robust against JPEG compression, AGN, and salt & pepper noise; therefore, the proposed scheme is better than all the compared schemes in [2, 3, 6–10, 12, 17, 22, 23, 25–27]. As shown in Table 5, the majority of the previous schemes are fragile while some schemes got robustness against only one type of attacks.

4 Conclusions

This paper presents a new medical image authentication scheme based on Slantlet transform watermarking methods. In the proposed scheme, a new method has been suggested to generate the recovery information of the ROI, which is based on the integer wavelet transform coefficients. The proposed method reduces the recovery information, gives good visual quality of the recovered ROI, and provides the ability to implement a robust medical image authentication scheme. A robust reversible watermarking scheme has been used to embed data in the ROI in order to ensure the reversibility of the ROI at the receiver side. A robust irreversible watermarking scheme based on SLT matrix has been used to embed data in the RONI to improve the capacity and give robustness at the same time. The experimental results prove the efficiency of the proposed scheme in detecting and recovering the tampered area in the ROI. The proposed authentication scheme is more suitable for the practical applications in comparison with the previous schemes because it has robustness against unintentional attacks, in addition, it can recover the ROI with good visual quality. The scheme has been implemented and applied for the medical images that have 8-bit depth. For the future work, some adjustments in the scheme can be conducted to apply it for images with different bit depth (e.g., some medical images have 12-bit depth or 16-bit depth). For instance, in case of 16-bit depth the pixel values range is [0 to 65,535] which should be considered while conducting the adjustments of the scheme. In addition, an extensive study of the IWT coefficients for this type of images should be conducted in order to find out the best type of IWT that can be applied.