Mitigating S-RAHA: An On-device Framework to Prevent Forwarding of Re-Captured Images

TL;DR

This paper introduces a low-computation on-device framework that detects and prevents the forwarding of physically recaptured images, addressing a new privacy threat called S RAHA in mobile applications.

Contribution

It presents a deep learning-based recapture detection model and an on-device enforcement mechanism, along with a conceptual invisible metadata identifier for forensic traceability.

Findings

Deep learning model effectively distinguishes original from recaptured images.

The system can automatically block suspected recaptured images from being shared.

The invisible metadata identifier offers a promising approach for forensic analysis.

Abstract

Protecting sensitive visual content from unauthorized redistribution is a growing challenge for privacy focused mobile applications, including dating platforms. Screenshot prevention mechanisms, rely on server side monitoring or are limited to digital screenshot detection, are commonly deployed to stop forwarding sensitive images. However, an adversary uses another smartphone to take a photo of the mobile screen, in this scenario the existing solutions offer no protection against psychically screen recapture attacks. Since the attack happens in the physical plane rather than on a digital plane and shows a void or hole in the existing solutions, we name this the Screen Recaptured Analog Hole Attack (S RAHA). Such physically recaptured images bypass digital safeguards and can be freely forwarded, creating substantial privacy, personal safety, and forensic risks. We present a low computational secure by design on device framework that aims to detect and prevent the forwarding of recaptured images directly to the users device. The proposed system integrates a deep learning assisted recapture detection model capable of distinguishing original digital content from camera to screen captures under diverse environmental conditions, together with an on device enforcement mechanism that automatically blocks the sharing of suspected recaptured images between applications. We also introduce the concept of an invisible metadata identifier (IMI) that can be embedded into protected images to enable forensic traceability of potential leakage paths. Although the IMI component is explored at a conceptual and feasibility level rather than fully implemented, it demonstrates a promising direction for integrating lightweight, invisible identifiers into client side security architectures.