An open source image forensic toolset
"Forensic Image Analysis is the application of image science and domain expertise to interpret the content of an image and/or the image itself in legal matters. Major subdisciplines of Forensic Image Analysis with law enforcement applications include: Photogrammetry, Photographic Comparison, Content Analysis, and Image Authentication." (Scientific Working Group on Imaging Technologies)
Sherloq is a personal research project about implementing a fully integrated environment for digital image forensics. It is not meant as an automatic tool that decide if an image is forged or not (that tool probably will never exist...), but as a companion in experimenting with various algorithms found in the latest research papers and workshops.
While many commercial solutions have high retail prices and often reserved to law enforcement and government agencies only, this toolset aims to be a both an extensible framework and a starting point for anyone interested in making experiments in this particular application of digital signal processing.
I strongly believe that security-by-obscurity is the wrong way to offer any kind of forensic service (i.e. "Using this proprietary software I guarantee you that this photo is pristine... and you have to trust me!"). Following the open-source philosophy, everyone should be able to try various techniques on their own, gain knowledge and share it to the community... even better if they contribute with code improvements! :)
The first version was written in 2015 using C++11 to build a command line utility with many options, but soon it turned to be too cumbersome and not much interactive. That version could be compiled with CMake after installing OpenCV, Boost and AlgLib libraries. This first proof of concept offered about 80% of planned features (see below for the full list).
While also including novel algorithms, the 2017 version mainly added a Qt-based multi-window GUI to provide a better user experience. Multiple analyses could be shown on screen and a fast zoom/scroll viewer was implemented for easier image navigation. That project could be compiled with Qt Creator with Qt 5 and OpenCV 3 and covered about 70% of planned features.
Fast forward to 2020 when I decided to port everything in Python (PySide2 + Matplotlib + OpenCV) for easier development and deployment. While this iteration is just begun and I have yet to port all the previous code on the new platform, I think this will be the final "form" of the project (as long as someone does not volunteer up to develop a nice web application!).
I'm happy to share my code and get in contact with anyone interested to improve or test it, but please keep in mind that this repository is not intended for distributing a final product, my aim is just to publicly track development of an unpretentious educational tool, so expect bugs, unpolished code and missing features! ;)
This list contains the functions that the toolkit will (hopefully) provide once beta stage is reached (NOTE: functions displayed in italics inside the program are not yet implemented!).
Here are some screenshots from the previous C++ Qt GUI (to be updated with the new version):
File Analysis: Metadata, Digest and EXIF
Color Analysis: Space Conversion, PCA Projection, Histograms and Statistics
Visual Inspection: Magnifier Loupe, Image Adjustments and Evidence Comparison
JPEG Analysis: Quantization Tables, Compression Ghosts and Error Level Analysis
Luminance and Noise: Light Gradient, Echo Edge, Min/Max Deviation and SNR Consistency
$ sudo apt install python3-distutils python3-dev python3-testresources subversion $ wget https://bootstrap.pypa.io/get-pip.py $ sudo python3 get-pip.py $ sudo pip install virtualenv virtualenvwrapper $ echo -e "\n# Python Virtual Environments" >> ~/.bashrc $ echo "export WORKON_HOME=$HOME/.virtualenvs" >> ~/.bashrc $ echo "export VIRTUALENVWRAPPER_PYTHON=/usr/bin/python3" >> ~/.bashrc $ echo "source /usr/local/bin/virtualenvwrapper.sh" >> ~/.bashrc $ source ~/.bashrc $ mkvirtualenv sq -p python3
python3 --versionto install the interpreter and other command line tools
$ wget https://bootstrap.pypa.io/get-pip.py $ sudo python3 get-pip.py $ sudo pip install virtualenv virtualenvwrapper $ echo -e "\n# Python Virtual Environments" >> ~/.bash_profile $ echo "export WORKON_HOME=$HOME/.virtualenvs" >> ~/.bash_profile $ echo "export VIRTUALENVWRAPPER_PYTHON=/usr/bin/python3" >> ~/.bash_profile $ echo "source /usr/local/bin/virtualenvwrapper.sh" >> ~/.bash_profile $ source ~/.bash_profile
$ mkvirtualenv sq -p python3
brew(thanks to @thmsl):
$ /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" $ brew install libmagic
> pip install virtualenv virtualenvwrapper-win > mkvirtualenv sq
sudo apt-get install libxcb-xinerama0
sthfrom the Start menu):
conda create --copy -n sherloq python[enter Yes when it prompts]
conda activate sherloqto activate the environment
pip install -r requirements.txtto install required packages (use
pip install -r requirements_win.txton Windows)
When a new version is released, update the local working copy using Git, SVN or manually downloading from this repository and (if necessary) update the packages in the virtual environment following this guide.