Scrambling for Privacy Protection in Video Surveillance Systems

1168

Abstract—In this paper, we address the problem of privacy protection in video surveillance. We introduce two efficient approaches to conceal regions of interest (ROIs) based on transform-domain or codestream-domain scrambling. In the first technique, the sign of selected transform coefficients is pseudorandomly flipped during encoding. In the second method, some bits of the codestream are pseudorandomly inverted. We address more specifically the cases of MPEG-4 as it is today the prevailing standard in video surveillance equipment. Simulations show that both techniques successfully hide private data in ROIs while the scene remains comprehensible. Additionally, the amount of noise introduced by the scrambling process can be adjusted. Finally, the impact on coding efficiency performance is small, and the required computational complexity is negligible. Index Terms—Privacy, selective encryption, surveillance, video processing.

I. INTRODUCTION

V

IDEO surveillance systems are omnipresent nowadays, with large systems in use in strategic places such as public transportation, airports, city centers, or residential areas. The prevailing sense of insecurity at the beginning of this century, with terrorist threats and high criminality, renders the intensive use of video surveillance tolerable despite its Orwellian big brother nature. However, people have a legitimate fear of this invasion of their personal privacy, with this objection slowing down a wider acceptance of video surveillance systems. In this paper, we address the issue of privacy protection in video surveillance, with a goal to be able to conciliate the needs of video surveillance with the objection of privacy invasion. This issue has been previously addressed in [1]–[10]. In [1], the scene is represented using an object-based representation. Depending on the end-user access control authorizations, the system subsequently renders a modified version of the video where some objects are masked out. Hence,

References: [1] A. W. Senior, S. Pankanti, A. Hampapur, L. Brown, Y.-L. Tian, and A. Ekin, Blinkering Surveillance: Enabling Video Privacy Through Computer Vision 2003, IBM Tech. Rep. RC22886. [2] D. A. Fidaleo, H.-A. Nguyen, and M. Trivedi, “The networked sensor tapestry (NeST): A privacy enhanced software architecture for interactive analysis of data in video-sensor networks,” in Proc. ACM 2nd Int. Workshop Video Surveillance Sensor Networks, New York, 2004, pp. 46–53. [3] E. Newton, L. Sweeney, and B. Malin, Preserving Privacy by De-Identifying Facial Images Carnegie Mellon Univ., 2003, Tech. Rep. CMU-CS-03-119. [4] T. E. Boult, “PICO: Privacy through Invertible Cryptographic Obscuration,” in Proc. IEEE/NSF Workshop Comput. Vis. Interactive Intell. Environ., Nov. 2005, pp. 27–38. [5] F. Dufaux and T. Ebrahimi, “Video Surveillance using JPEG 2000,” in SPIE Proc. Applications of Digital Image Processing XXVII, Denver, CO, Aug. 2004, pp. 268–275. [6] I. P. Martinez, X. Desurmont, J. Meessen, and J.-F. Delaigle, “Robust human face hiding ensuring privacy,” in Proc. Int. Workshop Image Anal. Multimedia Interactive Services (WIAMIS), Montreux, Switzerland, Apr. 2005. [7] F. Dufaux and T. Ebrahimi, “Scrambling for video surveillance with privacy,” in Proc. IEEE Workshop on Privacy Research In Vision, New York, Jun. 2006, p. 160. [8] W. Zhang, S. S. Cheung, and M. Chen, “Hiding privacy information in video surveillance system,” in Proc. IEEE Int. Conf. Image Process., Genova, Italy, Sep. 2005, pp. II-868–II-871. [9] F. Dufaux and T. Ebrahimi, “Recent advances in MPEG-7 cameras,” in SPIE Proc. Applications of Digital Image Processing XXIX, San Diego, CA, Aug. 2006, vol. 6312, pp. 631211.1–631211.8. [10] [Online]. Available: http://www.eptascape.com/products/eptacam.htm [11] D. Taubman and M. Marcellin, JPEG 2000: Image Compression Fundamentals, Standards and Practice. Norwell, MA: Kluwer, 2002. [12] T. Ebrahimi and F. Pereira, The MPEG-4 Book. Englewood Cliffs, NJ: Prentice-Hall, 2002. [13] ISO/IEC 14496-7/DAM1 Optimized Reference Software for Coding of Audio-Visual Objects, , Mar. 2003, ISO/IEC JTC1/SC29/WG11 WG11N5550. (a) (b) Fig. 11. Privacy protection scrambling in a real video surveillance setting: (a) original sequence and (b) with transform-domain scrambling. real-time DSP implementation of background/foreground segmentation, MPEG-4 encoding and scrambling. The scrambling is using the transform-domain approach where 63 ac coefficients are pseudorandomly scrambled. Results are shown in Fig. 11. It can be observed that both pedestrians and moving cars are successfully scrambled. V. CONCLUSION In this paper, we have described a technique to address the issue of privacy in video surveillance. Regions of interest, assumed to correspond to privacy-sensitive data, are scrambled. In one approach, scrambling is applied in the transform-domain by pseudorandomly flipping the sign of transform ac coefficients or by pseudorandomly modifying dc coefficients. In a second approach, scrambling is performed directly on the compressed codestream by pseudorandomly inversing some bits corresponding to ac coefficients. Simulation results show that the proposed scrambling techniques are successful at concealing privacy-sensitive information while leaving the scene comprehensible. The protection depends on a secret encryption key and the process is fully reversible for authorized users, e.g., law-enforcement authorities, in possession of the latter. After scrambling, the resulting codestream is still standard compliant. Simulations results show that this is obtained with a negligible impact on coding efficiency and a small computational complexity. Moreover, the scrambling process is flexible and the amount of distortion introduced