Forensic Watermarking Tool Embeds Trackable Info in Every Frame

News
By
published

A single injected frame can provide user IDs, IP addresses, and session data.

castLabs DRM visualization
(Image credit: castLabs)

Amsterdam-based Digital Rights Management (DRM) company castLabs has introduced what it feels is the next step in content protection through a new technique, dubbed "single-frame forensic watermaking". The concept behind the DRM system is to leverage the company's cloud-based "Video Toolkit solution", which processes and protects uploaded content (such as video, images, and documents) by adding "tunable watermarks", which are then redistributed alongside the (now-watermarked and monitored) content.

The basic idea of the service is that it can be applied either standalone or alongside other DRM-protection mechanisms, while offering an additional layer of "tunable" security to any sensitive content. When the content is uploaded through the company's AWS-hosted solution, the company's software secretly embeds identifying information on each frame by "creating unique watermark IDs, [and] strategically hiding them within video frames or other visual digital assets." How strategic that hiding is, however, is unclear: the company does say that at least for video streaming, its service watermarks "every frame entirely", meaning that there must be included redundancies in how the data is encoded across frames.

According to the company, a single frame that's been treated with its "forensic watermark" tech is all that's required to recover the original copyright information - even when attempting to recover data from a picture or video shot of the computer screen (one of the easier ways of defeating metadata-based protections). According to the company, this "blind extraction" capability (where the software detects existing watermarks without knowing whether or not the source file contains it) is one of its differentiators in the content-protection scene. The ability for its watermarking feature to survive digital-to-analog conversion is also relatively striking.

The tool seems to be more geared toward enterprise and industrial-espionage use-cases. Tech companies, for instance, usually distribute advanced information on unreleased-products to journalists, influencers and, distribution partners that's provided under the terms of what are known as non-disclosure. But as the existence of leaks attests, even the existence of physical watermarks and a distribution list can lead to leaks - as soon as information leaves its origin, the Internet takes care of distributing it. The company's solution aims to alleviate this problem immensely.

It's unclear when and if this technology could be used for other mediums. For instance, could this technology be applied to internal game builds, or gone-gold game releases? If this technology finds its way into games, then at least theoretically, anyone "streaming" a pirated version of a game could be caught unaware by the digital rights holder. The idea here might be to include an executable check that verifies online licensing for the game in question, activating the watermark in case of failure. To be clear, that's not happening here, and nothing says it will happen. But with gaming companies in particular being on the forefront of anti-piracy DRM techniques such as Denuvo, it sounds plausible that this sort of "forensic watermarking" would turn around some heads within that sector.

Time will tell; but for now, it seems that per-frame watermarking that survives even media changes has arrived. We're wondering whether AI companies are taking a look at this technology; considering the difficulties in separating synthetic from emergent data for AI training, and these companies' own promise of introducing competent watermarking technology to Ai-produced content, we'd expect them to be craning their necks.

Francisco Pires
Francisco Pires
Freelance News Writer

Francisco Pires is a freelance news writer for Tom's Hardware with a soft side for quantum computing.

6 Comments Comment from the forums
  • edzieba
    No. A game is not an encoded video stream.

    This steganographic technique, like all other video steno tools, relies on you performing the watermarking on a controlled system prior to distribution: compromise of that system, or an unwatermarked file ever leaving control, means complete compromise of the entire architecture. Since games are rendered locally, this prerequisite is impossible to achieve.
    Reply
  • Brian28
    There are ways to add steganographic marks to video game output, and some games do, but as you said it's not foolproof and could be removed as long as it's being rendered on the user's machine. But it can still prevent trivial sharing of such content. (Not everyone has the skill to alter a game's render pipeline.) I know of games where this is used for alpha versions which are supposed to be under NDA. (Not this specific tool, but steganographic marks in general.)
    Reply
  • Giroro
    I wonder if this technology will be made freely available so all content creators from all backgrounds and castes of society can protect their life's work.

    Or, if it will be just another obscenely expensive weapon that the established mega-billionaire media oligarchy will abuse use as designed to steal ideas fully comply with minimum local legal requirements, victim blame consumers tricked into buying their products provide strong community outreach, imprison people who want convenient and long-lasting access to media dirty freeloading pirates, and blast independent reviewers into oblivion provide an open-door policy to listen to feedback from all people of differing opinions and world views.

    Just kidding, there's no need to wonder exactly who this is for and who it's designed to target.
    Reply
  • umeng2002_2
    Blur > sharpen > render
    Reply
  • bit_user
    edzieba said:
    No. A game is not an encoded video stream.
    You're lacking imagination. Given a library of GPU-optimized code for inserting these watermarks, a game absolutely could watermark the final rendered images before they're sent to the display. They wouldn't even need much information - just your license key - and it wouldn't need to be entirely recoverable from just a single frame.

    The main tradeoff game makers would face is that this, like their other DRM, could be removed by skillful crackers who knew to look for it. However, if the game makers are sufficiently motivated, perhaps they could embed the information in more subtle places, like various game textures during loading time. This would also make it less impactful on framerates.
    Reply
  • edzieba
    bit_user said:
    You're lacking imagination. Given a library of GPU-optimized code for inserting these watermarks, a game absolutely could watermark the final rendered images before they're sent to the display. They wouldn't even need much information - just your license key - and it wouldn't need to be entirely recoverable from just a single frame.

    The main tradeoff game makers would face is that this, like their other DRM, could be removed by skillful crackers who knew to look for it. However, if the game makers are sufficiently motivated, perhaps they could embed the information in more subtle places, like various game textures during loading time. This would also make it less impactful on framerates.
    Stenographic on-line watermarking suffers from the same issues that existing non-stenographic watermarking has (i.e. printing username or some other UID onto the rendered image): once a user knows that it exists then as an active influence on rendering it can be tracked down and removed. The render pipeline is local, and even attempts at 'secure enclaves' like for HDMI have not help up against local access. Offline tricks like watermarking textures - as well as being vulnerable to disruption from the render pipeline - are also the more trivial to defeat via asset replacement.
    Reply