VeriScan: A Comprehensive Cybersecurity Tool for Image-Based Threat Detection, Sanitation, and Content Authentication
VeriScan is an advanced Cybersecurity and Digital Authentication solution designed to empower users to analyze digital content with forensic precision. The platform provides a robust suite of tools for detecting a wide variety of image forgeries while serving as a critical defense layer for Vision-Language Models (VLMs) against malicious visual prompt injections.
Clone the repository and install the necessary Python dependencies:
git clone https://github.com/elalgil/VeriScan.git
cd VeriScan
pip install -r requirements.txtNavigate to the frontend directory and install npm packages:
cd frontend
npm installRun the automated batch script to launch both the Backend (FastAPI) and Frontend (React):
veriscan.batBefore executing the code, you must download the pre-trained weight files for both the ResNet50 and SRNet models. These can be found at the following links: ResNet50 weights. Residual Network weights.
Backend API: http://127.0.0.1:8000
Frontend Dashboard: Check the Vite terminal output (default: http://localhost:5173)
In an era of generative AI and sophisticated digital editing, images are no longer static assets—they are potential attack vectors. VeriScan identifies hidden threats that bypass the naked eye and traditional security filters:
Document Forgery Detection: Digital content may be manipulated by image splicing and external objects insersion. It can be identified by revealing inconsistencies in JPEG compression levels which indicate hidden edits.
Propaganda & Disinformation: Images containing "cloned" objects (weapons, protesters, or duplicated objects within a frame) may be used for spreading disinformation, propaganda and creating misleading narratives. It can be identified by detecting "near-identical" interest points within the image.
Identity Integrity: Official organizations require high-integrity facial imagery for security and documentation, but edited images can interfere with automated verification systems. Therefore, unauthorized localized retouching or unnatural blurring in passports and government IDs can be detected by identifying statistical noise irregularities that prove the image is not authentic.
AI-Generated Content & Deepfakes: AI-generated images are proliferating across social media, often fueling disinformation campaigns. Synthetic media created by GAN-based models leaves 'mathematical fingerprints' - latent artifacts invisible to the human eye. These subtle signatures can be identified using specialized pre-trained neural networks, authenticating digital content.
Steganographic Malware & Neutralizing VPI: VLMs (Vision-Language Models) are increasingly vulnerable to Visual Prompt Injections (VPI) - hidden malicious prompts embedded within pixels (Steganographic Malware ) designed to hijack model behavior or exfiltrate sensitive data. We can spotlight these invisible threats by combining high-fidelity SRNet neural profiling with advanced statistical diagnostics. By sanitizing imagery before it reaches the AI, we secure the visual processing pipeline and eliminate steganographic payloads.
VeriScan integrates a multi-layered analysis pipeline, combining classical computer vision heuristics with deep residual neural networks.
- Function: Identifies digital manipulations by analyzing JPEG compression artifacts and pixel-wise variance.
- Research Base: Tehnici de verificare a autenticității imaginilor – ELA. Error Level Analysis
- Implementation: Adapted from killerzman/Python-ELA.
- Function: Detects internal cloning (Copy-Move) where image regions are replicated to hide objects.
- Theory: Employs SIFT keypoint extraction, FLANN-based matching, and RANSAC geometric verification.
- Dataset: CoMoFoD Dataset.
- Reference: An Evaluation of Popular Copy-Move Forgery Detection Approaches. Move-Copy Research
- Function: Estimates Additive Zero Mean Gaussian Noise to identify retouching or unnatural blurring artifacts.
- Theory: Fast Noise Variance Estimation by John Immerkær. Fast Noise Variance Research
- Dataset: CUHK Blur Detection Dataset.
- Function: Identifies images synthesized by GANs and other deep-learning generators by detecting architectural CNN fingerprints.
- Research Base: UC Berkeley and Adobe Research. CNN Detection Research
- Resources: Pre-trained weights and scripts can be found at the CNNDetection GitHub.
- Setup: Utilize
download_testset.shto retrieve ResNet50 model weights optimized for Blur+JPEG robustness.
- Function: An advanced orchestrator that identifies hidden textual commands and malicious payloads.
- Neural Architecture: Utilizes SRNet (Steganalysis Residual Network) converted to ONNX for 3-channel RGB analysis.
- Detection Stack: Aggregates Chi-Square (20%), Sample Pair Analysis (20%), Entropy (20%), and Neural (40%) scores.
- Research Base: Invisible Injections: Exploiting Vision-Language Models Through Steganographic Prompt Embedding. Image injection Research
- Training/Weights: Trained on the ALASKA-1 challenge dataset. Models available via the DDE Lab Website under the "Breaking ALASKA" section.
VeriScan doesn't just detect; it protects. For images flagged with high steganographic risk, the system provides an automated Sanitation Engine:
- Gaussian Blur: Disrupts high-frequency noise signatures used by neural steganography.
- Strategic Re-compression: Neutralizes LSB-based injections while maintaining visual utility.
- Frontend: Built with React, featuring a forensic dashboard with real-time Heatmaps and unified Risk Scoring.
- Backend: High-performance FastAPI orchestrator.
- AI/ML Tech: ONNX Runtime for SRNet inference and PyTorch for CNN-based detection.
VeriScan follows a decoupled architecture where the core logic is isolated from the delivery layers (Web API and UI).
VeriScan app/
├── backend/ # FastAPI Application Server
│ └── main.py # API Entry point and module orchestration
├── frontend/ # React + Vite Forensic Dashboard
│ ├── src/ # UI Components and state management
│ └── vite.config.js # Frontend build configuration
├── verification_manager/ # Core Forensic & Detection Engines
│ ├── cnn_detection_engine/ # GAN/AI detection logic
│ ├── image_authentication_engine/# Classical forensic modules
│ │ ├── compression_artifact_analyzer.py # ELA Analysis
│ │ ├── copy_move_forg_detect_alg.py # Cloning detection
│ │ └── noise_consistency_analyzer.py # Noise variance analysis
│ ├── injection_defense_engine/ # Steganography & SPI defense
│ │ ├── models/ # ONNX model weights (SRNet/ALASKA)
│ │ ├── chi_square_analyzer.py # LSB statistical analysis
│ │ ├── steg_detector_srnet.py # Neural steganography detection
│ │ └── image_injection_detector.py # Result aggregation logic
│ └── verification_manager.py # Primary orchestrator logic
├── resNet_trainer/ # Scripts for training/fine-tuning the CNN models
├── steg injection generator/ # Toolset for creating test injection samples
├── test images/ # Repository of authentic and forged samples for testing
├── documents/ # Repository of all theory articles behind algorithms
├── requirements.txt # Python dependency manifest
└── veriscan.bat # Automated cross-platform system launcher
backend/: Hosts the FastAPI implementation. It handles image ingestion, invokes the necessary analytical engines, and returns JSON-formatted forensic reports to the frontend.
verification_manager/: The "Intelligence Layer" of the system. It is subdivided into specialized engines, ensuring that classical forensics and neural-based threat detection remain decoupled.
image_authentication_engine/: Contains deterministic algorithms (ELA, Noise Variance, Move-Copy) used for detecting standard forgeries.
injection_defense_engine/: Manages the SRNet and statistical modules (Chi-Square, SPA) focused on identifying hidden payloads and adversarial injections.
resNet_trainer/: Includes the training pipeline for the CNN-based AI detection module, allowing for future model updates as new generative techniques emerge.
frontend/: A standard Vite/React project structure. The src/ folder contains the forensic visualization logic, including the rendering of heatmaps and unified trust scores.
assets/: Theoretical background and articles behind the algorithms implemented in the code.
The repository includes a comprehensive Specification Document (System Specification Document.pdf) which serves as the formal technical blueprint for the VeriScan platform.
- Executive Summary & Mission: Detailed project vision focusing on the dual-role of Detection and Integrity Authentication in modern cybersecurity.
- Problem Definition: In-depth analysis of the risks associated with Document Forgery and Visual Prompt Injections (VPI) targeting Large Language Models (LLMs).
- System Architecture: Detailed explanation of the modular FastAPI backend, the React forensic dashboard, and the standardized Authentication Algorithm Protocol.
- Algorithmic Deep-Dive: Comprehensive mathematical and logical breakdowns for every diagnostic module:
- ELA (Error Level Analysis): Compression artifact theory.
- Copy-Move Detection: Keypoint-based logic using SIFT, FLANN, and RANSAC.
- Noise Variance Estimation: The mathematical foundation of the Immerkær mask.
- CNN Detection: ResNet50 fingerprints and Grad-CAM visualization.
- Image Injection Engine: Neural steganography (SRNet) and statistical LSB analysis (Chi-Square/SPA).
- Testing & Validation: The benchmarking strategies using datasets like CASIA 2.0, CoMoFoD, CUHK, and ALASKA-1.
- Academic Bibliography: A complete list of research papers and academic sources that form the theoretical basis of the system.
Elal Gilboa Computer Science Student at The Hebrew University of Jerusalem
Focused on the intersection of Computer Vision and Cybersecurity, specifically in the domains of neural steganalysis and digital forensics.