Denise Moussa

Denise Moussa, M. Sc.

Department of Computer Science
Chair of Computer Science 1 (IT Security Infrastructures)

Room: Room 12.155
Martensstr. 3
91058 Erlangen

I am a PhD candidate in the multimedia security group since February 2021. My general fields of research include deep learning, image forensics and audio forensics.

Recent projects

Below, a description of my recently concluded works is listed. My earlier projects are from the field of classical digital forensics, featuring an analysis of common eBook reading applications as well as a search study for data on reused usb stick memory chips. Lately, my research interest extended to multimedia-forensics, where my current main focus is on deep learning based recognition of license plate images that are degraded beyond human recognition. My second interest relates to audio forensics, especially the detection and/or localization of manipulated content. See the list of publications at the bottom of the page.


Point to the Hidden: Exposing Speech Audio Splicing via Signal Pointer Nets (Interspeech 2023)


Verifying the integrity of voice recording evidence for criminal investigations is an integral part of an audio forensic analyst’s work. Here, one focus is on detecting deletion or insertion operations, so called audio splicing. While this is a rather easy approach to alter spoken statements, careful editing can yield quite convincing results. For difficult cases or big amounts of data, automated tools can support in detecting potential editing locations. To this end, several analytical and deep learning methods have been proposed by now. Still, few address unconstrained splicing scenarios as expected in practice. With SigPointer, we propose a pointer network framework for continuous input that uncovers splice locations naturally and more efficiently than existing works. Extensive experiments on forensically challenging data like strongly compressed and noisy signals quantify the benefit of the pointer mechanism with performance increases between about 6 to 10 percentage points.

Paper | GitLab




Forensic License Plate Recognition with Compression-Informed Transformers (ICIP 2022)


Forensic license plate recognition (FLPR) remains an open challenge in legal contexts such as criminal investigations, where unreadable license plates (LPs) need to be deciphered from highly compressed and/or low resolution footage, e.g., from surveillance cameras. In this work, we propose a side-informed Transformer architecture that embeds knowledge on the input compression level to improve recognition under strong compression. We show the effectiveness of Transformers for license plate recognition (LPR) on a low-quality real-world dataset. We also provide a synthetic dataset that includes strongly degraded, illegible LP images and analyze the impact of knowledge embedding on it. The network outperforms existing FLPR methods and standard state-of-the art image recognition models while requiring less parameters. For the severest degraded images, we can improve recognition by up to 8.9 percent points.

Paper | Slides | GitLab



Towards Unconstrained Audio Splicing Detection and Localization with Neural Networks (MMFORWILD 2022, ICPR Workshop)


Freely available and easy-to-use audio editing tools make it straightforward to perform audio splicing. Convincing forgeries can be created by combining various speech samples from the same person. Detection of such splices is important both in the public sector when considering misinformation, and in a legal context to verify the integrity of evidence. Unfortunately, most existing detection algorithms for audio splicing use handcrafted features and make specific assumptions. However, criminal investigators are often faced with audio samples from unconstrained sources with unknown characteristics, which raises the need for more generally applicable methods.
With this work, we aim to take a first step towards unconstrained audio splicing detection to address this need. We simulate various attack scenarios in the form of post-processing operations that may disguise splicing. We propose a Transformer sequence-to-sequence (seq2seq) network for splicing detection and localization. Our extensive evaluation shows that the proposed method outperforms existing dedicated approaches for splicing detection as well as the general-purpose networks EfficientNet and RegNet.

Paper | GitLab



Sequence-based Recognition of License Plates with Severe Out-of-Distribution Degradations (CAIP 2021)


Criminal investigations regularly involve the deciphering of license plates (LPs) of vehicles. Unfortunately, the image or video source material typically stems from uncontrolled sources, and may be subject to severe degradations such as extremely low resolution, strong compression, low contrast or over- resp. underexposure. While LP recognition has a long history in computer vision research, the deciphering under such severe degradations is still an open issue. Moreover, since the data source is not controlled, it cannot be assumed that the exact form of degradation is covered in the training set. In this work, we propose using convolutional recurrent neural networks (CRNN) for the recognition of LPs from images with strong unseen degradations. The CRNN clearly outperforms an existing conventional CNN in this scenario. It also provides an additional particular advantage for criminal investigations, namely to create top-n sequence predictions. Even a low number of top-n candidates improves the recognition performance considerably.

Paper | Slides | Results



In Search of Lost Data: A Study of Flash Sanitization Practices (DFRWS EU 2021)



Best Paper Award

To avoid the disclosure of personal or corporate data, sanitization of storage devices is an important issue when such devices are to be reused. While poor sanitization practices have been reported for second-hand hard disk drives, it has been reported that data has been found on original storage devices based on flash technology. Based on insights into the second-hand chip market in China, we report on the results of the first large-scale study on the effects of chip reuse for USB flash drives. We provide clear evidence of poor sanitization practices in a non-negligible fraction of USB flash drives from the low-cost Chinese market that were sold as original. More specifically, we forensically analyzed 614 USB flash drives and were able to recover non-trivial user data on a total of 75 devices (more than 12 %). This non-negligible probability that any data (including incriminating files) already existed on the drive when it was bought has critical implications to forensic investigations. The absence of external factors which correlate with finding data on new USB flash drives complicates the matter further.

Paper | Slides



Analyse verbreiteter Anwendungen zum Lesen von elektronischen Büchern (Technical Report, 2019)



Der Marktanteil elektronischer Bucher (E-Books) am Buchmarkt wächst beständig. Um E-Books zu rezipieren, benötigt man spezielle Leseumgebungen, die als Software (im Browser oder als eigene Anwendung) oder als Spezialgerät (E-Reader) realisiert sein können. Diese Leseumgebungen sind geeignet, Daten über das Leseverhalten zu sammeln. Im Rahmen einer universitären Lehrveranstaltung wurden die Software-Leseumgebungen der beiden deutschen Marktführer Kindle und Tolino untersucht. Der vorliegende Bericht fasst die Ergebnisse dieser Analysen zusammen. Das Ergebnis ist eine umfassende Bestandsaufnahme der digitalen Spuren, die durch die Benutzung der Programme entstehen. Betrachtet wurden die zum Untersuchungszeitpunkt aktuellen Versionen der jeweiligen Webanwendungen und Android-Apps sowie des Kindle-Windows-Clients. Die Ergebnisse entstanden im Rahmen einer Übung zur Vorlesung “Fortgeschrittene forensische Informatik II” im Wintersemester 2018/19 an der Friedrich-Alexander-Universität Erlangen-Nürnberg (FAU), die gemeinsam durchgeführt wurde vom Lehrstuhl fur Informatik 1 und dem Institut für Buchwissenschaft an der FAU.



Key ID 2498B03D7CA0C7DA
Fingerprint 9F2D 4F5A 84BD 6135 7B5B 502D 2498 B03D 7CA0 C7DA
Public Key Public Key