Authentication of social media images

Not too long ago, I was contacted by a European NGO that was concerned about a particular image that was circulating around social media and the internet.

Depending on which site you happen to be surfing, the picture above is often described as a Ukrainian paramilitary wearing the crossed grenades insignia of the WWII era German SS-Sonderregiment Dirlewanger (aka, the Dirlewanger Brigade). “Composed of criminals expected to die fighting in the front-line, [SS-Sonderregiment Dirlewanger] led by Oskar Dirlewanger. Originally formed for anti-partisan duties against the Polish resistance; the unit eventually saw action in Slovakia, Hungary, and against the Soviet Red Army near the end of the war. During its operations it engaged in the rape, pillaging and mass murder of civilians.”

Needless to say, the use of such iconography / imagery on social media is meant to intimidate / send fear into populations of civilians.

The question posed by the NGO, is the photo real or has it been Photoshopped?

Enter Amped Authenticate.

With over 2 dozen mathematical and statistical tests, as well as tests of the underlying structure of images, Amped Authenticate moves beyond the visual to provide valuable information about the context of images received from a variety of sources – including social media.

The old methods of authentication utilized databases of EXIF information and cryptographic hash values. But images found on social media won’t match hash values and their EXIF information has been substantially changed by the uploading and sharing that happens on-line. Plus, the file has likely been resized and recompressed countless times. The old tools aren’t helpful in the modern world where images are easily manipulated.

As good as a digital forgery might be, there are still tell-tale signs that can be uncovered with the right test – with the right tool.

ELA – Error Level Analysis – works to detect regions of an image that show evidence of different compression levels. Difference in compression levels can result when a region of the image was pasted in from another picture. The brighter the regional results, the greater the difference. In our case, the area of the insignia was almost solid white – meaning it was clearly pasted into the image from another source.

I also examined the random noise within the image. The Noise Map test looks at this random noise to see if there are inconsistencies – different statistics from other parts of the image. In this case, there were inconsistencies in the area of the insignia – clearly visible in the result.

Result = forgery. The image was Photoshopped.

It’s quite easy to fool the eye with a convincing forgery. It’s quite difficult to fool over two dozen scientific tests.

If you would like more information about Amped Authenticate or our training offerings,

Leave a Reply

Your email address will not be published. Required fields are marked *