Digital Forensics

Question 1

What is the job of the lens?

Answer 1

To focus light/image onto centre

Question 2

What is the job of the filter?

Answer 2

Reduce the sensitivity to infrared light

Question 3

What is the job of the sensor?

Answer 3

Turns light into a recordable image

Question 4

What does the DSP unit do?

Answer 4

Performs some basic image processing before the image is saved

Question 5

What is the focal point?

Answer 5

A point on the optic axis where parallel light rays converge

Question 6

What is the optic axis?

Answer 6

A line which runs perpendicular to the lens and directly through the middle

Question 7

What does CMOS stand for? And what is its use?

Answer 7

Complementary metal oxide semiconductor
It helps the light sensitive sensor chip to record all of the data in a very short space of time

Question 8

What does DSLR stand for?

Answer 8

Digital single lens reflex

Question 9

What are pixels?

Answer 9

Individual light sensitive cells which measure the amount of light that fall on them. They cover the cameras sensor

Question 10

How are coloured images produced?

Answer 10

The light seen by the camera is split in to the three primary colours which can than be used to create an accurate image through the use of a Bayer filter

Question 11

What is a Bayer filter?

Answer 11

A grid of coloured filters that sit over the sensor with red, green, and blue elements over individual pixels which will only allow their respective light colours through. It looks at pixels surrounding others to formulate an informed guess of what the true colour of that pixel is

Question 12

What is the job of the colour filter array?

Answer 12

It allows the digital camera to ‘see’ colours as it is colourblind without this and can only determine light intensity

Question 13

What are the two common configurations of the colour filter array? Can you describe them?

Answer 13

The Bayer pattern - checkered
The Stripe pattern - stripes

Question 14

What are photo sites?

Answer 14

Each square on the sensor element is a single photo site

Question 15

Why are there two times more green elements on the colour filter array compared to red and blue?

Answer 15

Due to the human eye being more sensitive to green light

Question 16

What are the two main types of sensors in the camera?

Answer 16

CCD (charge coupled device) and CMOS (complementary metal oxide semiconductor)

Question 17

Define photodiodes

Answer 17

Semiconductor devices that generate an electrical charge in proportion to the number of photons which reach them

Question 18

Where are photodiodes typically found?

Answer 18

They are tightly packed on a silicone wafer in CCDs and CMOSs

Question 19

What are the advantages of CCD sensors?

Answer 19

• Proven record of technologies and commercialization
• Low noise, high S/N because the surface is almost entirely photosensitive (compared to 1/4 in CMOS)

Question 20

What are the disadvantages of CCD sensors?

Answer 20

• High power consumption, slower speed
• on-chip peripheral circuits difficult to manufacture

Question 21

What are the advantages of CMOS sensors?

Answer 21

• Manufacture can be simpler and less expensive
• Use less power than CCD
• Physical size of detector is smaller

Question 22

What are the disadvantages of CMOS sensors?

Answer 22

• Relatively high noise

Question 23

Where are CMOS sensors and CCD sensors typically used?

Answer 23

CMOS - modern consumer cameras (phones)
CCD - scientific applications

Question 24

What is the job of the DSP (digital signal processors) molecule?

Answer 24

To read out the voltages from the image sensor which are then fed into an onboard image processing module which contains proprietary algorithms for improving the perceived quality, demosaicing, and compression

Question 25

Define spacial sampling

Answer 25

The average light intensity per pixel

Question 26

How many values per pixel to monochrome images have?

Answer 26

One

Question 27

Why does the image appear blurry when the light intensity pattern is continuous?

Answer 27

Each pixel only record the average light intensity

Question 28

Define resolution

Answer 28

The dimensions by which you can measure how many pixels are on a screen

Question 29

Why are sharper images shown on a phone compared to a laptop?

Answer 29

They both have the same number of pixels, but they are in a denser space on the phone

Question 30

What is a byte?

Answer 30

8 bits

Question 31

How do we make an image darker?

Answer 31

By subtracting a fixed constant from each of the RGB values

Question 32

Define point processing

Answer 32

The process of adjusting a pixels value according to a transformation function

Question 33

What is an image histogram?

Answer 33

A graph which records the number of pixels in an image, and the light intensity of each of these pixels, and displays this as a bar chart

Question 34

Why is a 4-bit image sometimes used instead of an 8-bit image?

Answer 34

It makes the image histogram clearer due to there being less values

Question 35

What is the function of a look-up table (LUT)?

Answer 35

It implements a functional mapping of pixel intensity values

Question 36

What are the seven methods for detecting photo forgery?

Answer 36

• Reverse image search
• EXIF data check
• Specular reflection
• Photogrammetry
• Inconsistencies in shadows/reflections
• Grey level resampling
• JPEG signatures

Question 37

What is image processing?

Answer 37

The technique of applying a relevant mathematical operation on a digitised image to generate an enhanced image or extract some useful features such as edge, shape, and colour

Question 37

What are the six purposes of spatial filtering?

Answer 37

• Image smoothing
• Noise removal
• Image sharpening
• Edge detection
• Inpainting
• Pre-processing

Question 37

How does image enhancement work?

Answer 37

It alters each pixel by the same amount in order to change the appearance of the image

Question 38

Give three applications of image processing

Answer 38

Medical imaging
Self-driving cars
Satellite imaging

Question 39

Which edges does a vertical difference mask highlight?

Answer 39

The horizontal edges

Question 40

Which edges does a horizontal difference mask highlight?

Answer 40

The vertical edges

Question 41

Define median filter

Answer 41

The output pixel value is determined as the neighbourhood median

Question 42

Define correlated noise

Answer 42

There is some sort of structure or pattern in the noise

Question 43

Define uncorrelated noise

Answer 43

No structure or pattern in the noise

Question 44

Why does correlated noise appear?

Answer 44

Electrical interference, source/sensor interference

Question 45

What effect does shutter speed have on noise?

Answer 45

Slower shutter speed can result in higher noise levels

Question 46

What is Gaussian noise?

Answer 46

Noise where the majority of the pixels have the same value of 127. There is a normal distribution around this number

Question 47

What is uniform noise?

Answer 47

Where the probability of getting any light intensity for a pixel is the same, meaning the distribution is flat

Question 48

What is salt and pepper noise?

Answer 48

The pixels have either a value of 0 or 255

Question 49

Why might salt and pepper noise appear?

Answer 49

Due to errors in transmission, dead pixels in a display, or photodiode leakage

Question 50

What are the advantages of removing salt and pepper noise with a median filter?

Answer 50

• Returns the median value of the pixels in the neighbourhood
• Is non-linear
• Is similar to a uniform blurring filter which returns the mean value of the pixels in a neighbourhood of a pixel
• Unlike a mean value filter, the median tends to preserve steep edges

Question 51

Why does shot noise occur?

Answer 51

Due to the random fluctuations in photon energy captured by the image sensor

Question 52

What is readout noise?

Answer 52

Electrical charge built up within the camera from the different onboard processes

Question 53

What are the two main types of pattern noise?

Answer 53

Photo response non-uniformity (PRNU) and dark signal non-uniformity (DSNU)

Question 54

What is PRNU?

Answer 54

The variation in pixel sensitivity cause by manufacturing defects and the natural non-uniformity of the silicon used in the image sensor

Question 55

What is DSNU?

Answer 55

fixed pattern noise due to ‘dark currents’ that occur in the sensor even when no light is incident upon it

Question 56

How do you obtain the fingerprint for a specific device?

Answer 56

1. Take at least 50 natural scene images using the suspected source camera
2. Individually filter each image using a wavelet denoising filter
3. Average together the filtered images to produce a unique fingerprint for the camera

Question 57

Why is the denoised image only an estimate?

Answer 57

Impossible to remove all noise

Question 58

Define latent fingerprint in terms of digital forensics

Answer 58

Pattern noise extracted from an evidential image

Question 59

Define exemplar fingerprint in terms of digital forensics

Answer 59

Average pattern noise extracted from a sample of images known to have originated from a specific imaging device

Question 60

Define steganograohy

Answer 60

The art/science of communicating by hiding secret messages in innocuous ‘cover’ objects

Question 61

Define acrostic

Answer 61

A text, usually a poem, in which particular letters, such as the first of each line, spell a word or phrase

Question 62

Define cover object

Answer 62

A message that can be transmitted without suspicion, such as an image file, digital sound, or written text

Question 63

Define stego-object

Answer 63

A cover object containing an embedded secret object

Question 64

Why should the same cover never be used more than once?

Answer 64

As two versions of one cover could easily be detected and possibly decoded

Question 65

Define stego-key

Answer 65

Used to encrypt the secret message

Question 66

Define pure steganography

Answer 66

Does not require the exchange of prior information such as a stego-key

Question 67

Define secret key steganography

Answer 67

A secret stego-key is exchanged prior to communicating using a stego-object

Question 68

Define binary image

Answer 68

Images whose pixels only have two possible intensity values

Question 69

What is the random interval method in steganography?

Answer 69

Where elements of the cover are chosen at random for hiding data. The ‘seed’ for the random places, typically a random number generator, must be available to both parties in the communication

Question 70

Define visual attack

Answer 70

A means of detecting embedded information, such as by visual inspection of the least significant bits only of a digital image

Question 71

Define statistical attack

Answer 71

Referring to non-visual methods for determining embedding

Question 72

Define image histogram

Answer 72

The frequency distribution of grey-levels within a digital image

Question 73

What does embedding in the least significant bits to do the image histogram?

Answer 73

Tends to average out pairs of values in the image histogram

Question 74

What statistical technique is used to determine the probability of embedding?

Answer 74

Chi-squared

Question 75

What do the observed values refer to in the Chi-squared equation?

Answer 75

The observed values are every other column in the image histogram

Question 76

What does a low chi-squared value imply?

Answer 76

That embedding has taken place

Question 77

What is the purpose of an image compression algorithm?

Answer 77

In order to reduce the storage requirements, sometimes at the expense of the image quality

Question 78

Define non-lossy (loseless) compression

Answer 78

Original image can be recovered exactly from compressed image file, such as portable network graphics (.png)

Question 79

Define lossy compression

Answer 79

Information lost when a file is compressed. Therefore, only an approximation to the original image is possible, such as joint experts photographic group JPEG (.jpg)

Question 80

Define coding redundancy

Answer 80

Caused by sub-optimal code words for encoding, a symbol typically represents a grey-level

Question 81

Define inter-pixel redundancy

Answer 81

Due to grey-level correlations between neighbouring pixels

Question 82

Define psycho-visual redundancy

Answer 82

Information contained within an image that is superfluous to the interpretation or aesthetics of an image

Question 83

In psycho-visual redundancy, what does clarity depend on?

Answer 83

1. Spacial frequency
2. Amplitude