Upload File

Download - MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

Transcript
Page 1: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

DIGITAL FORENSIC RESEARCH CONFERENCE

MP4 Video Authentication Using File

Structure and Metadata

By

Jake Hall

Presented At

The Digital Forensic Research Conference

DFRWS 2015 USA Philadelphia, PA (Aug 9th - 13th)

DFRWS is dedicated to the sharing of knowledge and ideas about digital forensics research. Ever since it organized

the first open workshop devoted to digital forensics in 2001, DFRWS continues to bring academics and practitioners

together in an informal environment. As a non-profit, volunteer organization, DFRWS sponsors technical working

groups, annual conferences and challenges to help drive the direction of research and development.

http:/dfrws.org

Page 2: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

MP4$Video$Authen/ca/on$Using$File$Structure$and$Metadata$ $$

Jake$Hall$

Page 3: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

MP4/3GP$Video$

•  Video$Coding$Formats$– H.264$– MPEGE4$Part$10$

– Advanced$Video$Coding$(AVC)$•  File$Container$Format$– MP4$– 3GP,$3G2$

Page 4: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

Movie$Atoms$

•  QuickTime$File$Format$Specifica/on$•  Allow$the$media$and$the$descrip/on$to$be$stored$separately$$

•  Size$>$Type$>$Data$•  Parent$/$Child$Nes/ng$Conven/on$

Page 5: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

Original$Go$Pro$Hero$3+$Black$

Page 6: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

Parsing$$

•  4$bytes$@$0x00$–$size$of$atom$–$32$bytes$•  4$bytes$@$0x04$–$type$of$atom$–$^yp$

•  File$Type$Compa/bility$

Page 7: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

Parsing$

•  4$bytes$@$0x20$–$size$of$atom$–$22742$bytes$•  4$bytes$@$0x24$–$type$of$atom$–$moov$•  4$bytes$@$0x28$–$size$of$atom$–$108$bytes$•  4$bytes$@$0x2C$–$type$of$atom$–$mvhd$–$Movie$Header$Atom$

Page 8: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

$$^yp$@$0x00$moov$@$0x20$•  mvhd$@$0x28$•  udta$@$0x94$

•  FIRM$@$0x9C$•  LENS$@$0xB0$•  CAME$@$0xE8$•  SETT$@$0x100$•  AMBA$@$0x110$•  free$@$0x190$

•  trak$@$0x214$•  tkhd$@$0x21C$•  tref$@$0x278$

•  tmcd$@$0x280$•  edts$@$0x28C$

•  elst$@$0x294$•  mdia$@$0x2B0$

•  mdhd$@$0x2B8$•  …$

71$atoms$in$total$

Page 9: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

Using$Atomic$Parsley$to$Render$Original$Go$Pro$

Page 10: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

Examples$of$Unique$Atom$Data$

Page 11: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

Adobe$Premiere$Structure$Change$

Page 12: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

Original$vs.$Premiere$

Page 13: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

ffmpeg$Structure$Change$

Page 14: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

Original$vs.$ffmpeg$

Page 15: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

Comparison$With$Other$Devices$Panasonic$Lumix$$$$$$$$DMC$TSE5$ LG$G3$

Samsung$$Galaxy$S5$

Samsung$$Galaxy$S4$

Samsung$$Galaxy$S3$

Page 16: MP4 Video Authentication Using File Structure and … Video Authentication Using File Structure and Metadata By Jake Hall Presented At ... – hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

Notes$

•  Forensic$Analysis$of$Video$File$Formats$by$Gloe,$Fischer,$Kirchner$– hkp://dx.doi.org/10.1016/j.diin.2014.03.009$

•  QuickTime$File$Format$Specifica/on$– hkp://developer.apple.com/library/mac/documenta/on/QuickTime/QTFF/qnf.pdf$

•  Atomic$Parsley$– hkp://github.com/wez/atomicparsley$


Top Related

Secure Disseminaon of Video Data in Vehicle-to …...(authentication (authentication code, CA certificate that it uses), authorization (authorization code, applicable policies, policy
Secure Disseminaon of Video Data in Vehicle-to …...(authentication (authentication code, CA certificate that it uses), authorization (authorization code, applicable policies, policy
Personalized Image-based User Authentication using ... · User-to-camera authentication: The personalized camera device capturing the first person video is a central component in
Personalized Image-based User Authentication using ... · User-to-camera authentication: The personalized camera device capturing the first person video is a central component in
Video Authentication using PLEXUS Method · 2018. 12. 16. · 730 | P a g e Video Authentication using PLEXUS Method Dr. Hala Bahjat Abdulwahab1 Computer Science Department University
Video Authentication using PLEXUS Method · 2018. 12. 16. · 730 | P a g e Video Authentication using PLEXUS Method Dr. Hala Bahjat Abdulwahab1 Computer Science Department University
HKP 3C (&B) Painting instructions Camouflage scheme€¦ · HKP 3C (&B) Painting instructions Camouflage scheme HKP 3C, 03115, Z55 - AF1 Boden. ... Close Tamiya: Close Humbrol:
HKP 3C (&B) Painting instructions Camouflage scheme€¦ · HKP 3C (&B) Painting instructions Camouflage scheme HKP 3C, 03115, Z55 - AF1 Boden. ... Close Tamiya: Close Humbrol:
HKR / HKA / HKP /HKSHKR / HKA / HKP /HKS ElEctRic HEAt KitS foR AiR HAndlERS And PAcKAgEd ElEctRic UnitS *Complete warranty details available from your local dealer or at ... Breaker
HKR / HKA / HKP /HKSHKR / HKA / HKP /HKS ElEctRic HEAt KitS foR AiR HAndlERS And PAcKAgEd ElEctRic UnitS *Complete warranty details available from your local dealer or at ... Breaker
Video Based Gait Analysis in Biometric person authentication
Video Based Gait Analysis in Biometric person authentication
Authentication of Digital Video using Fragile Watermarking …informatika.stei.itb.ac.id/~rinaldi.munir/Penelitian/... · 2019. 12. 20. · Authentication of Digital Video using Fragile
Authentication of Digital Video using Fragile Watermarking …informatika.stei.itb.ac.id/~rinaldi.munir/Penelitian/... · 2019. 12. 20. · Authentication of Digital Video using Fragile
Video Based Gait Analysis in Biometric person authentication Jani Rönkkönen
Video Based Gait Analysis in Biometric person authentication Jani Rönkkönen