jForge: An adversarial method to deceive JPEG forgery localization schemes

Automatic localization of tampered regions of a JPEG image has attracted lots of attention in recent times. It is known that the statistical signatures of single and Double JPEG (DJPEG) compression are distinct, and the presence of both the signatures inside an image is proof of manipulation. Automatic localization of tampered regions is carried out by segregating the singly and doubly compressed regions of an image. However, the robustness of the localization process is questionable as very few attempts are made to highlight their vulnerabilities. Here, we propose an adversarial framework, known as jForge, through which one can create a DJPEG compressed image that only bears the signatures of a single compression, and it renders the localization process ineffective. jForge removes the footprints of JPEG compression using model-based approximation techniques. Arguably, this is the first successful attempt to model the DC coefficients of an image, and it employs polynomial regression of two variables to accomplish the same. Similarly, AC coefficients have been approximated using low degree polynomials. We have mounted jForge on three popular forgery localization schemes, and none of them is effective against it. This raises serious doubt regarding the efficacy of the statistical signature-based paradigm of forgery localization.