Randomized detection for spread-spectrum watermarking: Defending against sensitivity and other attacks

Spread Spectrum (SS) has been a well-studied technique in signal processing. As a tool for watermarking in an adversarial context, however, this methodology needs caution and new variations. We suggest SS variants where the detection rule is randomized in the sense of having the watermark detector use secret coin flips to choose subsets of the watermarked data and perform correlation tests. We then form a pool of such estimates and pick the median value. We study the effect of such detection methods on sensitivity and estimation attacks, which suggest that randomization is a necessary tool to prevent these types of potentially debilitating adversarial methodologies. We also present other schemes for improving the robustness of SS methods, along with experimental results. Though we recognize the limitations of SS in the face of adversarial attacks, our methods attempt to maximize the potential of SS watermarking in such scenarios.