The vast accessibility of Synthetic Aperture Radar (SAR) images through online portals has propelled the research across various fields. This widespread use and easy availability have unfortunately made SAR data susceptible to malicious alterations, such as local editing applied to the images for inserting or covering the presence of sensitive targets. Vulnerability is further emphasized by the fact that most SAR products, despite their original complex nature, are often released as amplitude-only information, allowing even inexperienced attackers to edit and easily alter the pixel content. To contrast malicious manipulations, in the last years the forensic community has begun to dig into the SAR manipulation issue, proposing detectors that effectively localize the tampering traces in amplitude images. Nonetheless, in this paper we demonstrate that an expert practitioner can exploit the complex nature of SAR data to obscure any signs of manipulation within a locally altered amplitude image. We refer to this approach as a counter-forensic attack. To achieve the concealment of manipulation traces, the attacker can simulate a re-acquisition of the manipulated scene by the SAR system that initially generated the pristine image. In doing so, the attacker can obscure any evidence of manipulation, making it appear as if the image was legitimately produced by the system. This attack has unique features that make it both highly generalizable and relatively easy to apply. First, it is a black-box attack, meaning it is not designed to deceive a specific forensic detector. Furthermore, it does not require a training phase and is not based on adversarial operations. We assess the effectiveness of the proposed counter-forensic approach across diverse scenarios, examining various manipulation operations.

翻译：通过在线门户广泛获取合成孔径雷达（SAR）图像推动了多个领域的研究发展。然而，这种广泛使用和易于获取的特性不幸地使SAR数据容易遭受恶意篡改，例如对图像进行局部编辑以插入或掩盖敏感目标的存在。大多数SAR产品尽管本质上是复杂的复数数据，却常仅以幅度信息形式发布，这一事实进一步凸显了其脆弱性，使得即使经验不足的攻击者也能编辑并轻易改变像素内容。为应对恶意篡改，近年来取证学界开始深入探究SAR篡改问题，提出了能有效定位幅度图像中篡改痕迹的检测器。尽管如此，本文论证了专业从业者可以利用SAR数据的复数特性，在局部篡改的幅度图像中隐藏所有操作痕迹。我们将这种方法称为反取证攻击。为实现篡改痕迹的隐蔽，攻击者可以模拟SAR系统对篡改场景进行重新采集，该系统最初生成了原始图像。通过这种方式，攻击者能够掩盖所有篡改证据，使图像看起来像是系统合法生成的。该攻击具有独特优势，兼具高度普适性和相对易用性：首先，这是黑盒攻击，意味着并非针对特定取证检测器设计；其次，无需训练阶段且不依赖于对抗性操作。我们在多种场景下评估了所提反取证方法的有效性，并检验了各类篡改操作。