JP2007096608A - Unauthorized image detection apparatus, method, and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To solve the problem wherein great efforts are required at an auction site to check images uploaded by users every day. <P>SOLUTION: The unauthorized image detecting apparatus comprises a means for hashing an image data received from a user terminal, a hash value storage means for storing a hash value of the image data and a hash value of an unauthorized image data registered, a hash value detection means for detecting a hash value identical to the hash value of the image data from a hash value database of unauthorized image data, a map means for extracting a pixel of the image data along with 1 or a plurality of paths when the identical hash value is not detected by the hash value detection means, a means for storing a first map value indicative of the extracted pixel and a second map value extracting a pixel of unauthorized image data approved beforehand along with the paths, and a detection means for detecting a map value judged to be identical to the first map value at a predetermined proportion, among the second map values. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to an unauthorized image detection device, method, and program.

Conventionally, a method for realizing Internet shopping on a Web page is known (for example, Patent Document 1). In this technique, a method for controlling display of product information on a Web page is disclosed so that a user who accesses the Web page is interested.
JP 2002-15231 A

However, this method still has the problems described below.
In Internet shopping, a user who accesses a Web page may upload information such as a user's own image or text. For example, in an auction site, a Web page of an auction site is configured by uploading text and images as product information exhibited by an unspecified number of people.

Since a large number of images are uploaded every day on the auction sites as described above, in some cases, unauthorized images are uploaded, and unauthorized images may be posted and viewed on Web pages accessed by many people. .
Currently, images posted on web pages can be uploaded even if the image is an illegal image such as an illegal copy of an image that is offensive to public order and morals or a copyrighted image. Yes, such posting of images cannot be mechanically prevented.

  The vast number of images uploaded by this user is currently being checked by the service provider's monitor to see if they are fraudulent images. However, this method takes a lot of work and all the images can be downloaded. It is difficult to check.

  Therefore, an object of the present invention is to reduce the burden of monitoring human images of images uploaded by users as product information in such Internet shopping and auctions.

  The present invention provides the following apparatus, control method, and program as means for solving the above problems.

(1) An unauthorized image detection apparatus connected to a user terminal via a network,
A receiving means for receiving image data from the user terminal, a hash means for hashing the image data received by the receiving means, a hash value of the image data hashed by the hash means, and a hash value of one or more illegal image data Hash value storage means for storing (for example, a hash value database of blacklist images), a hash value detection means for detecting the same hash value as the hash value of the image data from the hash value of one or more illegal image data, Map means for extracting pixels of image data along one or a plurality of paths in response to the fact that the same hash value is not detected by the hash value detection means, and a first map value indicating the extracted pixels; A second map value storing pixels extracted from one or more illegal image data along the one or more paths. Map value detecting means for detecting a map value that is determined to be the same at a predetermined ratio among the second map values and a map value detecting means (for example, a map value database of blacklist images); A fraudulent image detection apparatus comprising:

  According to said structure, when the image data received from the user terminal is a fraudulent image, this can be detected. Here, the “illegal image” means an image that the user of the above-described unauthorized image detection device wants to detect for some reason, and is not necessarily limited to an image that is offensive to public order and morals or an illegal copy image. . In this detection, in addition to comparing hash values of image data, map values obtained by extracting pixels through a path defined on the image plane are compared. Therefore, even if an image is determined not to be an unauthorized image because the hash values are different, it can be determined that the image is an unauthorized image if the map values are the same at a predetermined ratio by comparing the map values. Is possible. As a result, it is possible to detect an illegal image more accurately than in the past.

(2) An unauthorized image placement prevention device including the unauthorized image detection device according to (1),
When a map value determined to be the same as the image data at a predetermined ratio is not detected, storage means (for example, an image database uploaded by the user) for storing the image data and access from other user terminals are accepted, An unauthorized image posting preventing apparatus, comprising: image data transmitting means for transmitting image data stored in the storage means to another user terminal.

  According to the above-described configuration, the image data received from the user terminal is displayed only when the image data received from the user terminal does not detect the map value determined to be the same at a predetermined ratio. Store in the storage means (for example, server). That is, when the image data transmitted from the user terminal determines that the image data transmitted from the user terminal is an unauthorized image, the apparatus for preventing unauthorized image posting does not store the image data, thereby making it impossible to upload from the user terminal. Therefore, for example, if an image posted on a Web page is an illegal image that is against public order and morals, the unauthorized image posting prevention device can automatically prohibit uploading of this image.

(3) The unauthorized image detection apparatus according to (1) above,
A fraudulent image detection apparatus provided with means for causing an operator to select one or a plurality of path functions according to the type of image data from a user terminal from among path functions defining one or a plurality of paths.

  According to the above configuration, it is possible for the operator of the unauthorized image detection apparatus to select an optimal path function from a plurality of predefined path functions according to the type and characteristics of the image. Here, the path function is an arbitrary function when the image is an XY plane.

(4) The unauthorized image posting prevention device described in (2) above,
Injustice comprising means for allowing a monitor to determine whether to store the image data in the storage means according to the similarity between the map value of the image data from the user terminal and the map value stored in the map value storage means Image placement prevention device.

  According to the above configuration, even when the illegal image detection devices do not determine that they are the same at a predetermined rate, the map values of the compared images are equal to or higher than the predetermined similarity, that is, the determination by the illegal image detection device is gray. In such a case, the uploaded image and the original image corresponding to the map value of the similarity within a predetermined range can be compared with a monitor of the unauthorized image posting prevention device to make a final determination.

  According to the present invention, it is possible to reduce monitoring and checking by a monitor for a huge image that a user intends to upload as product information via a network.

  Hereinafter, the present invention will be described using embodiments of the invention. However, other variations are possible for the constituent elements and the combinations in the embodiments, and the invention according to the claims is not limited.

  FIG. 1 is a diagram showing a schematic configuration diagram of one system for preventing uploading of unauthorized images by the unauthorized image detecting device according to the present invention and an unauthorized image posting preventing device including the same.

  A merchandise exhibitor of the Internet shopping or auction tries to upload image data via the Internet 3 as a part of information on a merchandise to be exhibited from the user terminal 1. The image to be uploaded is first received by the fraudulent image detection device 10 included in the fraudulent image posting prevention device 4 on the service provider side, and subjected to an inspection as to whether it is a fraudulent image. An image that is determined not to be an unauthorized image is registered in the storage means 19 (for example, a database that stores images uploaded by the user), and image data is transmitted in response to a request from the user terminal 2 that is another user. Sent by means 21. In the figure, the unauthorized image posting prevention device 4 is shown as one device for simplicity, but it may be constituted by a plurality of servers.

  The unauthorized image posting prevention device 4 includes the unauthorized image detection device 10 according to the present invention. The unauthorized image detection device 10 mainly includes a reception unit 11, a hash unit 12, a hash value storage unit 13, and a hash value detection unit 14. , Map means 15, map value storage means 16, map value detection means 17, and output means 18. Here, the receiving means 11 may take a configuration existing in the unauthorized image posting preventing apparatus 4. In addition, the hash value storage unit 13 and the map value storage unit 16 may be included in a separate device from the unauthorized image posting prevention device 4 and transmit / receive data to / from the unauthorized image detection device 10 via communication.

  First, when the user tries to upload an image, the receiving unit 11 receives the image uploaded from the user. The received image data may be temporarily stored in a RAM or hard disk as a buffer, but is not shown here.

  Next, the hash value of the received user image is obtained by the hash unit 12. Here, the “hash value” is obtained by converting the data to be searched into an integer according to a certain rule, and has an advantage that the search can be performed at a high speed by comparing the hash values as compared with the case of comparing the entire data. A widely known function such as MD5 (Message Digest 5), CRC32 (Cyclic Redundancy Checksum 32 bits), SHA1 (Secure Hash Algorithm 1) may be used as a hash function for converting the entire data into a hash value. The unauthorized image detection apparatus 10 may include a selection unit that allows the operator to select the path function.

  The hash value obtained by the hash unit 12 is compared by the hash value detection unit 14 with the hash value of an image registered in advance in the hash value storage unit 13 as an illegal image. The hash value storage means 13 is a database of so-called hash values of blacklist images that stores hash values of images that have been certified and registered as unauthorized images in the past. When the hash value detection unit 14 detects the same hash value of the user image and the hash value of the black list image, the hash value detection unit 14 considers that the user image is the same as the already registered illegal image and The output is made via the output means 18 and the process is terminated. This is because the hash values of different image files are generally not the same.

However, it is impossible to detect an image obtained by changing even a part of an illegal image only by comparing the hash values. Actually, when the user uploads the product image, the image size is limited by the system provider, so clipping is not required for the original image (original image) as shown in FIG. It is usually performed to remove a background portion.
Moreover, even if an image is embedded with a copyright or the like, the image can be edited unless an appropriate tampering prevention technique is embedded, and the copyright portion is simple as shown in FIG. Can be removed. Further, inversion and deformation as shown in FIG. 2C and FIG. 2D are methods often used to avoid detection by hash values.

  As in this example, even if a part of the image data is edited, the hash value of the image file is different. Therefore, it is inappropriate to determine whether the images are the same by simply comparing the hash values. For this reason, the unauthorized image detection apparatus 10 further includes the following means.

  In FIG. 1, when the same hash value as the hash value of the user image is not detected in the hash value storage unit 13, the map unit 15 generates a map value of the image uploaded by the user. Here, the “map value” is obtained by obtaining a color value (color density) of the color space for each pixel (pixel) along a predetermined path or paths. The path definition and map value generation method will be described later.

  The map value obtained by the map means 15 is then compared by the map value detection means 17 with the map value of the image registered in advance in the map value storage means 16 as an illegal image. Similar to the hash value storage unit 13, the map value storage unit 16 is a map value database of blacklist images, which stores the map values of images that have been recognized and registered as unauthorized images in the past.

  The map value detection unit 17 outputs the “similarity” between the compared map value of the black list and the map value of the user image via the output unit 18. Here, the “similarity” is defined by the ratio of the number of pixels that are considered to be the same or within the same color value (for example, the density of each RGB component) to the number of pixels in the entire path. That is, if the number of pixels included on a line of a certain path n is Pn and the number of pixels regarded as the same or the same is Qn, similarity = Qn / Pn.

  The output means 18 includes the similarity between the two images compared, the ID of the image, the image size, and the like as output data, and this output is displayed as a file in addition to being displayed to the operator directly on a normal CRT or liquid crystal screen. It may be the output of another system.

  As a result of the output from the unauthorized image detection device 10, the determination unit 20 in the unauthorized image placement prevention device 4 determines whether to store the uploaded user image in the storage unit 19. The storage means 19 is a database for finally storing the user's uploaded images, and the images held in this database are legitimate images that have been inspected by the image data transmitting means 21 in response to requests from other users. As a part of the product information.

  The determination means 20 will be described in an example described later.

  FIG. 3 shows a “path function” that defines a path for obtaining the map value. In general, the coordinates of the pixels in the image are represented by coordinates on the XY plane with the upper left as the origin (0, 0), so the path function is also an arbitrary function f (x, y) is used. However, the path has directionality, and information indicating the direction is added to the path function. As the path function, an arbitrary function on the XY plane can be used, but in practice, a simple function composed of a combination of one or a plurality of straight lines (lines) is used for the simplicity of calculation amount. It is easy to handle.

FIG. 4 shows a specific example of the path function. 4A and 4B are the simplest examples in which a path function is defined by only one line. Also, examples of other path functions are shown in FIGS. 4 (c) to 4 (f). As described above, information indicating the direction of the path is added to each path function. For example, in the function of FIG. 4E, the start point (a ₁ , b ₁ ), the intermediate point (a ₂ , b ₁ ), (a ₁ , b ₂ ), (a ₂ , b ₂ ), the end point (a ₁ , B ₁ ) are added as accompanying information.

Actually, which pass function is to be used can be determined heuristically with reference to a database that accumulates evaluation values of detection rates of a plurality of pass functions as data for each characteristic of image data.
The classification of the characteristics of the image data may be determined intuitively by the judgment of the system administrator. However, the existing image similarity and image feature extraction technology (for example, JP-A-2003-303188, JP-A-2000-285141) are used. It is also possible to classify using.

  FIG. 5 is a conceptual diagram for comparing the map values of two images. As described above, the map value is a set of color values (color densities) of all the pixels existing on the pass defined by the pass function. In the example of FIG. 5, the path function is defined by one simple line from left to right. The comparison of map values means that the color values are sequentially compared for all of the pixels on the pass function considering this directionality. Hereinafter, map values and color values will be described in more detail.

  Many of the images uploaded via the Internet are in a compressed image format. In general, a JPEG (Joint Photographic Experts Group of CCUIT ISO / IEC) format is widely used. A color image in the JPEG format is converted into an RGB (red, green, blue) color system and displayed on a screen such as a CRT or a liquid crystal display.

_YC b _C r as JPEG in color system (Y is the luminance representing the brightness, _{C b} is the difference between the luminance and blue levels, _{C R} represents the difference between luminance and red level) is used, _YC b _{C r} And RGB can be converted into each other. Here, JPEG is taken as an example, but even if it is GIF (Graphic Interchange Format) format or PNG (Portable Network Graphic) format, which is another compressed image format widely used on the Internet, Think about the color system. However, the GIF format can only express up to 256 colors.

  Hereinafter, the converted RGB color system will be described as 24-bit color (so-called 16.7 million full color).

First, the map value is a set of color values of pixels on the path as described above, and is represented as {C ₁ , C ₂ ,..., C _n }.
Here, n is the number of pixels on the path defined by one path function, and RGB components corresponding to the i-th pixel counted from the path start point along the path direction are represented by C _i (R _i , G _i , B _i ) (i = 1,..., N). In the case of 24-bit color, R _i , G _i , and B _i each take a value of 1 byte (0 to 255), so the color value of each pixel is 3 bytes.

  As shown in FIG. 5, whether or not the inspection image matches the comparison image is determined by comparing the color value of this pixel for each RGB component. However, here, in comparison between the pixel i and the pixel j, even if the RGB component values do not completely match, it can be determined that they are the same within a certain range.

That is, the tolerances (margins) of the RGB components are σ _R , σ _G , and σ _B , the inspection image pixels are C _i (R _i , G _i , B _i ), and the comparison image pixels are C _j (R _j , G _j , B _j ), when | R _i −R _j | <= σ _R , | G _i −G _j | <= σ _G , | B _i −B _j | <= σ _B , C _i and C _j are considered to have the same color value.

Here, the tolerances σ _R , σ _G , and σ _B may be obtained empirically or may be determined using an existing color matching technique or the like.

  The tolerance is used when the original image data is compressed and stored after color tone adjustment processing or the like, and the RGB color values when comparing the map values are obtained from the original image data. This is because it is different from the RGB color value.

  In the following, embodiments of the present invention will be described in more detail using examples on an auction site.

  FIG. 6 shows an example of a screen configuration for the monitor of the unauthorized image posting prevention device of the service provider to finally determine as an unauthorized image based on the data detected by the unauthorized image detection device according to the present invention. Yes.

  In FIG. 6, the similarity of images detected by a plurality of path functions is displayed on the detection result screen 70 based on the output from the unauthorized image detection apparatus 10 (see FIG. 1) according to the present invention. Although one path function may be used, it is usually desirable to use a plurality of path functions in order to improve accuracy. Here, on the detection result screen 70, results of two path functions (path function 1 and path function 2) selected in advance for accumulating the evaluation values of the path functions are displayed simultaneously.

  In the present embodiment, since a plurality of path functions can be used in addition to the path function 1 and the path function 2, the map value storage means 16, that is, the map value database of the black list image has many images for one image. The map value of the path function is stored.

  In this embodiment, when the similarity detected by the path function is within a certain range, it can be mechanically recognized as an illegal image. For example, when the similarity between the map value of the user's uploaded image and the black list image is 90% or more, it is regarded as an unauthorized image, and when the upload is mechanically rejected or when the similarity is less than 60%, it is regarded as an unauthorized image. It is also possible to allow uploading mechanically.

  Furthermore, in FIG. 6, the screen 71 on the right side shows an example of an image inspection screen for a monitor who monitors unauthorized images on the unauthorized image placement preventing apparatus. In the inspection image 72, a path defined by the selected path function 1 is simultaneously displayed as an arrow 75. When the range to be inspected by the monitor from the detection result screen 70 (70a in FIG. 6) is designated by the mouse operation, the image corresponding to the map value of the black list in the selected similarity range with the inspection image 72 is the comparison image group. 73 is reduced and displayed. Actually, in the inspection range 70a, a predetermined range of similarity to be inspected may be displayed as a default. Each image in the comparative image group 73 can be enlarged and displayed for further comparison of details. As described above, when it is difficult to make a determination based on the pass function, in a so-called gray zone, the monitor displays an image belonging to this range in the comparison image group 73, and the inspection image 72 and the comparison image group 73 are included in the comparison image group 73. It can be determined whether there is a match.

  When the monitoring person determines that an image that matches the inspection image 72 exists in the comparison image group 73 in the above-described similarity range in the black list (in this example, the comparison image No. 4). A detection button 74 below the screen 71 is pressed. This process can be executed in the same way for the pass function 2 to increase the accuracy of the inspection. As described above, when the image is in the gray zone, the operator finally checks it, and if it is determined that the image is an unauthorized image, the upload of the user image is rejected. In this case, the fact is displayed on the screen of the user terminal.

  As shown in FIG. 7, the output result of the fraud detection device and the judgment result by the monitoring staff are the type of image, the size of the inspection image and the comparison image, and the judgment similarity detected by the path function, as shown in FIG. Data is collected for each path function.

  The accumulated statistics of path function evaluation values are graphed and can be referred to for subsequent selection of path functions. For example, the accumulated path function evaluation values are further classified according to the type or category of the image, and a plurality of path functions are displayed side by side in descending order of the evaluation value of the path function, and a learning function is provided for use as a path function selection means. You can also.

  As described above, it is possible to reduce the burden of monitoring a large number of images uploaded only by a conventional human using the unauthorized image detection device and the unauthorized image upload prevention unit. In addition, since a range that is regarded as the same by the unauthorized image devices can be adjusted as a parameter, it is possible to construct a system that is flexible and has a learning function that improves detection accuracy by the experience side.

  As mentioned above, although this invention was demonstrated using embodiment, the technical scope of this invention is not restricted to embodiment of the said auction. Various variations or improvements can be added to the above embodiment.

  The method used in the control of the unauthorized image detection apparatus 10 and the unauthorized image posting prevention apparatus 4 (see FIG. 1) including the unauthorized image detection apparatus 10 according to the embodiment of the present invention can also be realized by a program on a computer. The storage medium storing the program can be an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system (or apparatus or device) or a propagation medium. Examples of this storage medium are semiconductor or solid state storage devices, magnetic tape, removable computer readable media examples include semiconductor or solid state storage devices, magnetic tape, removable computer diskettes, random Access memory (RAM), read only memory (ROM), rigid magnetic disk and optical disk are included. Current examples of optical disks include compact disk-read only memory (CD-ROM), compact disk-read / write (CD-R / W) and DVD.

FIG. 1 is a diagram showing the configuration of an unauthorized image detection apparatus and an unauthorized image placement prevention apparatus for preventing unauthorized image placement according to the present invention. FIG. 2 is a diagram illustrating an example of editing image data. FIG. 3 is a diagram illustrating the concept of the path function. FIG. 4 is a diagram showing a specific example of the path function. FIG. 5 is a diagram illustrating comparison of map values between a user image and a comparison image. FIG. 6 is a diagram illustrating an example of a determination screen by an operator based on the output of the unauthorized image inspection apparatus. FIG. 7 is a diagram illustrating an example of an evaluation value item of a pattern function.

Explanation of symbols

1 User terminal 1
2 User terminal 2
DESCRIPTION OF SYMBOLS 3 Internet 4 Fraud image insertion prevention apparatus 10 Fraud image detection apparatus 11 Receiving means 12 Hash means 13 Hash value storage means 14 Hash value detection means 15 Map means 16 Map value storage means 17 Map value detection means 18 Output means 19 Storage means 20 Determination Means 21 Image data transmission means 50 Inspection image 51 Map value of inspection image 52 Comparison image 53 Map value of comparison image 70 Result output display screen of unauthorized image detection apparatus 70a Determination gray zone 71 Incorrect image determination screen 72 Inspection image 73 Comparison image group 74 detection buttons 75 passes

Claims (6)

An unauthorized image detection apparatus connected to a user terminal via a network,
Receiving means for receiving image data from the user terminal;
Hash means for hashing the image data received by the receiving means;
A hash value storage means for storing a hash value of the image data hashed by the hash means, and a hash value of one or more illegal image data;
A hash value detecting means for detecting the same hash value as the hash value of the image data from the hash value of the one or more illegal image data;
Map means for extracting pixels of the image data along one or a plurality of paths in response to the same hash value not being detected by the hash value detection means;
Map value storage means for storing a first map value indicating the extracted pixel and a second map value obtained by extracting pixels of one or more illegal image data along the one or more paths;
Map value detecting means for detecting a map value determined to be the same as the first map value at a predetermined ratio among the second map values;
A fraudulent image detection apparatus comprising: An unauthorized image placement prevention device including the unauthorized image detection device according to claim 1,
Storage means for storing the image data when the second map value determined to be the same as the first map value of the image data at a predetermined ratio is not detected;
Image data transmitting means for accepting access from the other user terminal and transmitting the image data stored in the storage means to the other user terminal;
A fraudulent image posting prevention device. The unauthorized image detection apparatus according to claim 1,
A fraudulent image detection apparatus comprising means for causing an operator to select one or a plurality of the path functions according to the type of image data from the user terminal from among the path functions defining the one or a plurality of paths. The unauthorized image posting prevention device according to claim 2,
Whether to store the image data in the storage unit according to the similarity between the first map value of the image data from the user terminal and the second map value stored in the map value storage unit A fraudulent image posting prevention device comprising means for making a determination. An unauthorized image detection method for an image uploaded from a user terminal via a network,
Receiving image data from the user terminal;
Hashing the received image data in the receiving step;
A hash value storage step of storing a hash value of the image data hashed in the hashing step, and a hash value of one or more illegal image data;
A hash value detection step of detecting a hash value identical to a hash value of the image data from a hash value of the one or more illegal image data;
A mapping step of extracting pixels of the image data along one or a plurality of paths in response to the same hash value not being detected by the hash value detection step;
A map value storing step for storing a first map value indicating the extracted pixel and a second map value obtained by extracting pixels of one or more illegal image data along the one or more paths;
A map value detecting step of detecting a map value determined to be the same as the first map value at a predetermined ratio among the second map values;
A method for detecting fraudulent images. A computer program for causing a computer to execute illegal image detection of an image uploaded from a user terminal via a network,
Receiving image data from the user terminal;
Hashing the received image data in the receiving step;
A hash value storage step of storing a hash value of the image data hashed in the hashing step, and a hash value of one or more illegal image data;
A hash value detection step of detecting a hash value identical to a hash value of the image data from a hash value of the one or more illegal image data;
A mapping step of extracting pixels of the image data along one or a plurality of paths in response to the same hash value not being detected by the hash value detection step;
A map value storing step for storing a first map value indicating the extracted pixel and a second map value obtained by extracting pixels of one or more illegal image data along the one or more paths;
A map value detecting step of detecting a map value determined to be the same as the first map value at a predetermined ratio among the second map values;
A computer program that causes a computer to execute.

Images