Region-Based Hybrid Medical Image Watermarking Scheme for Robust and Secured Transmission in IoMT

With the growth in Internet and digital technology, Internet of Medical Things (IoMT) and Telemedicine have become buzzwords in healthcare. A large number of medical images and information is shared through a public network in these applications. This paper proposes a region-based hybrid Medical Image Watermarking (MIW) scheme to ensure the authenticity, authorization, integrity, and confidentiality of the medical images transmitted through a public network in IoMT. In the proposed scheme, medical images are partitioned into Region of Interest (RoI) and Region of Non-Interest (RoNI). To ascertain integrity of RoI, tamper detection and recovery bits are embedded in RoI in the medical image. RoI is watermarked using adaptive Least Significant Bit (LSB) substitution with respect to the hiding capacity map for higher RoI imperceptibility and accuracy in tamper detection and recovery. Electronic Patient Record (EPR) is compressed using Huffman coding and encrypted using a pseudo-random key (secret key) to provide higher confidentiality and payload. QR code of hospital logo, Encrypted EPR, and RoI recovery bits are interleaved in RoNI using Discrete Wavelet Transform-Singular Value Decomposition (DWT-SVD) hybrid transforms to achieve a robust watermark. The proposed scheme is tested under various geometric and non-geometric attacks such as filtering, compression, rotation, salt and pepper noise and shearing. The evaluation results demonstrate that the proposed scheme has high imperceptibility, robustness, security, payload, tamper detection, and recovery accuracy under image processing attacks. Therefore, the proposed scheme can be used in the transmission of medical images and EPR in IoMT. Relevance of the proposed scheme is established by its superior performance in comparison to some of the popular existing schemes.


I. INTRODUCTION
In this internet era, medical images and patient information is widely transmitted through a public transmission channel in Internet of Medical Things (IoMT) applications. While sharing medical images or electronic patient record (EPR) through a public network, they can get tampered or manipulated, leading to the wrong diagnosis by the medical consultants. Similarly, one can easily claim false ownership of the medical images [1]. Confidentiality of the patient record is also a major concern. Thus, it is very important The associate editor coordinating the review of this manuscript and approving it for publication was Ludovico Minati .
to ensure authenticity, authorization, integrity, and confidentiality of the information during transmission [2]. Medical Image Watermarking (MIW) is one of the most popular approaches to address these issues [3]. For diagnosis, the whole medical image is not used by the medical consultant. Therefore, a medical image can be segmented into a Region of Interest (RoI) and a region of Non-Interest (RoNI) [4]. RoI is used for diagnostic purpose, and RoNI is not important for diagnosis. It is important to ensure the integrity and higher imperceptibility for RoI. Therefore, EPR, hospital logo (or any other authentication information), and tamper detection/recovery information can be embedded as a robust and invisible watermark in RoNI. The Imperceptibility of RoNI can be compromised to ensure higher robustness for the watermark embedded in RoNI. Watermark can be extracted from RoNI to track ownership (authenticity), tamper detection/recovery (integrity), authorization, and confidentiality of the information when it is needed [5]. Spatial, frequency or hybrid domain [6] MIW techniques can be used to insert authentication information into the host medical image. The Least Significant Bit (LSB) watermarking technique is one of the spatial domain techniques used to embed watermark by directly altering the LSB of pixels in the host image. LSB is a fragile watermark technique, so it can be used for tamper detection in RoI [7]. High imperceptibility can be achieved by adaptive LSB substitution. Frequency domain watermarking techniques show higher robustness, hence can be used to embed authentication and patient information in RoNI [8]. This paper proposes a region-based hybrid MIW scheme using hybrid domain watermark techniques for higher imperceptibility, security, tamper detection/recovery accuracy, and authentication, even under intentional/unintentional attacks. The proposed scheme ensures authenticity, authorization, integrity, and confidentially of the medical data. The remaining sections of this paper are organized as follows: Section II analyses the related work, Section III describes the proposed scheme in detail, Section IV presents discussion on simulation results, followed by conclusion and future enhancements in Section V.

II. RELATED WORK
During the past decade, there has been a lot of research in MIW using spatial, frequency and hybrid domain techniques for the secure transmission of medical image and EPR in IoMT. Reversible MIW schemes are explored to ensure high imperceptibility and integrity of medical image [10], [13], [22], [23] using spatial domain techniques. Generally, reversible watermarking techniques (spatial domain), are imperceptible and can be used for integrity verification, but they are less robust. The schemes proposed in [10]- [13], [22], [23], [25] have high imperceptibility but are vulnerable to some image processing attacks. Hence, researchers have suggested frequency domain watermarking schemes such as SVD [17], Schur [24] and hybrid transform schemes using DWT -SVD [6], [16], [25], Redundant discrete wavelet transform (RDWT) -SVD -HT [9], DWT -Schur [11], FdCuT -DCT [14], FD -DCT [18] to achieve high imperceptibility as well as high robustness. The schemes proposed in [6], [9], [11], [12], [14]- [17], [22], [24], [25] have achieved high imperceptibility and robustness but lacks in ensuring integrity of the transmitted data. Integrity (tamper detection and recovery) is one of the important requirement for medical image transmission to ensure that the receiver has received intact medical image. To ensure integrity, schemes in [6], [10], [13], [18], [23] implemented localised tamper detection and recovery techniques. However, there is scope of improvement in the accuracy rate of tamper detection and recovery. Confidentiality and security of EPR watermark is also necessary for applications such as Telemedicine, IoMT, e-healthcare services. In majority of existing MIW schemes, watermark security is either ignored or less focused. MIW schemes presented in [10]- [15] have less focused on watermark security. Arnold map is applied for security of the watermark in [16], [17], but it has low security. Further, schemes in [9], [24], [25], use chaotic map for watermark security. But, chaotic maps suffers from hyper tuning parameter issue. Scheme in [23] and [18] use RC4 and FD for watermark security respectively. Despite the fact that the techniques presented in [9], [18], [23] have achieved high imperceptibility, robustness, and security but has high computational cost. Digital image watermarking schemes proposed in [29]- [31], embeds tamper detection, localization and recovery information in the digital image. These schemes achieve higher imperceptibility and embedding capacity but at the cost of robustness. These schemes have achieved higher tamper detection and localization accuracy but may not be suitable for MIW, as the embedding is done in the entire image which may affect the visual quality of RoI in medical images. Region-based MIW approaches are also proposed, as they effectively use the nondiagnosis (RoNI) portion for watermark embedding without compromising the integrity of the diagnosis-relevant portion (RoI) [10], [12].
Motivation and contribution: The related work review reveals that a good amount of research has been done to securely transmit medical data through the Internet using the MIW approach. However, some challenges need to be addressed. Here, a region based hybrid MIW scheme is proposed to address the mentioned challenges. The proposed MIW scheme is motivated by Swaraja et al. [11], Hanan [6], Kumar & Jha [18] and its contributions are as follows: 1) High EPR security and payload at low computational cost: The proposed scheme ensures EPR security by using the compression-then-encryption approach. First, EPR is compressed by using Huffman coding. EPR compression provides security and increases the payload. Further, the compressed EPR is encrypted using a unique pseudo-random key (PRK) to make EPR highly secure. Divide-And-Conquer (DAC) and Mersenne Twister (MT) random number generator is used to generate PRK having time complexity of O(n log n). Encrypted EPR is embedded as a watermark in RoNI. 2) High RoI imperceptibility: RoI is watermarked according to the hiding capacity map (H map ) to ensure higher RoI imperceptibility. Tamper detection information is embedded in RoI by using adaptive LSB in the spatial domain. This approach is more secure than the conventional LSB embedding technique.

3) High RoI tamper detection and recovery accuracy:
Block wise parity and authentication bit is computed for detecting and localizing RoI tampering. Parity and authentication bits are embedded in the adjacent block in a cylindrical manner. Original LSBs are embedded as a robust watermark in RoNI, further used to VOLUME 10, 2022 recover original RoI. Tamper detection accuracy of the proposed scheme, is more than 97% for various medical images. Also, PSNR of the recovered images is more than 40dB indicating high imperceptibility of recovered images. Thus, the proposed scheme provides higher accuracy in RoI tamper detection, localization and recovery. 4) Precise medical image authentication: Generally, a hospital logo is embedded in the medical image for its authentication, but that can be easily forged. Hence, in the proposed scheme, the QR code of the hospital logo is interleaved in the medical image to avoid authentication forgery.

III. PROPOSED WORK
Here, a region-based MIW scheme is proposed to ensure authenticity, integrity, confidentiality and security of medical images with high imperceptibility and robustness. In the proposed scheme, the medical cover image (C) of size M ×N is segmented into RoI (Region of Interest) and RoNI (Region of Non-Interest). After medical image segmentation, tamper detection and recovery information is embedded in RoI using adaptive LSB with respect to H map . Encrypted EPR, QR code of hospital logo and RoI recovery bits (ROIRB) are embedded in RoNI using DWT-SVD. Watermarked RoI and RoNI are combined to get watermarked medical image C . Watermarks are extracted from C for authentication, tamper detection and recovery. EPR is also retrieved from C . Block diagram of the proposed watermark embedding and extraction scheme (RoI and RoNI) are shown in Figure 1 and Figure 14 respectively. The proposed scheme is elucidated as follows: A. RoI AND RoNI SEGMENTATION RoI and RoNI can be segmented manually or with the help of automated segmentation tools [26]- [28]. However, automated segmentation tools are image modality dependent, computationally expensive and less accurate at marking RoI than manual approaches [38]. Therefore, manual segmentation of RoI ( by the radiologist or physician) is considered in the proposed scheme. An irregular shape ROI is manually marked by the radiologist/physician in the medical image as shown in Figure 2 (i). Following steps are performed to mark a rectangular RoI in the proposed scheme: Step 1: For a M × N medical image, draw M × N grid lines (M horizontal lines and N vertical lines) to completely cover the image, where each pixel occupies one grid cell as shown in Figure 2 (ii).  Figure 2 (iii), the resulting rectangular region is the ROI of the medical cover image, and the rest of the region is the RONI.
After RoI and RONI segmentation of medical cover image, RoI embedding is done as explained in following sub-section.

B. RoI EMBEDDING AND EXTRACTION
RoI has a key role in making diagnostic decisions; thus ensuring high RoI imperceptibility and integrity is crucial.
In the proposed scheme, RoI is watermarked using adaptive LSB substitution (spatial domain) for tamper detection, localization and recovery. Block-wise tamper detection and recovery bits are embedded in RoI concerning H map to provide high imperceptibility and security. The following subsection explains the H map generation.

1) HIDING CAPACITY MAP (H map ) GENERATION
The hiding capacity map represents the maximum number of bits that can be interleaved into each pixel without sacrificing imperceptibility. The proposed scheme generates H map from the structural residual saliency map (S map ). According to the information theory an image can be divided into two parts i.e. novelty (innovation) and redundant parts [20]. The novelty part of an image is unaffected by any image modifications. A log or log-log spectrum can be used to extract the novelty of an image. The proposed scheme extracts the novelty part of an image using the log spectrum representation [51]- [53]. Saliency map uses the novelty part of the image, which is independent of the image, and redundant information cannot be suppressed by the coding system [20], [40]. Thus, the structural saliency map generated for the original RoI and watermarked RoI (attacked) will be identical, and subsequently H map will also be identical. H map generation process is presented in Algorithm 1. The pixel values in the S map range from 0 to 1, indicating the nature of RoI pixel as flat to busy. In S map , 0 indicates flat zone and 1 indicates busy zone. Human Visual System (HVS) is less sensitive to the changes in a busy zone than the flat zone. Therefore, the busy zone pixels have been chosen to hide the maximum amount of RoI tamper detection and recovery bits (TDRB). To achieve higher imperceptibility for RoI, only 1-bit LSB substitution is considered in flat zone where 0.25 ≥ S map (i, j) ≥ 0, whereas 4-bit LSB substitution done in busy zone where 1 ≥ S map (i, j) > 0.75. The range of S map value is divided into four continuous intervals for determining the embedding capacity of pixel as shown in Algorithm 1. Generation of H map from corresponding S map for RoI is explained with an example in Figure 3. The following subsection explains the RoI embedding corresponding to (H map ).

2) RoI EMBEDDING
In the proposed scheme, TDRB is embedded in RoI using adaptive LSB substitution using H map where a maximum of 4 bits can be embedded in each pixel. First, RoI is divided into 6×6 non-overlapping blocks referred to as main block (MB),  which is further divided into 3 × 3 non-overlapping called as sub blocks (SB) as shown in Figure 4.
Further, main block pixel average (MB avg ) and sub block pixel average (SB avg ) for each 6×6 block in RoI is calculated Apply log spectra to FFT coefficients to get logamplitude spectrum and phase angle. 3: Apply a median filter to the original log-amplitude spectrum to smooth it out even more. 4: Further subtract smoothed spectrum from the original log spectrum resulting in residuals of the spectrum. 5: Finally, invert the combined residuals of the spectrum and phase angle to get theS map . 6: Use following threshold to generate H map from S map : where i is the row and j is the column indices of H map and S map .
For tamper detection, authentication (A) and parity (P) bits are determined for each SB from SB avg and MB avg using Eq. 3 and Eq. 4.

Parity bit(P)
Further, 7 MSB of SB avg , A and P bits are appended to form a 9-bit TDRB vector for a given SB. TDBR vector of an SB is embedded in the other SB using a one-to-one mapping process as given in Eq. 5.
where SB N is the N th sub-block. SB is numbered in raster scan fashion and SB N is the mapped sub-block for a given SB N (N 1, 2, 3 . . . ..T ). T is the number of blocks in RoI. L is the biggest prime number between 0 -T/2. TDRB of SB is embedded in a circular order; for, e.g. if the total number of blocks are 4, then TDBR will be embedded in a circular manner, i.e. SB 1 →SB 2 →SB 3 →SB 4 →SB 1 as shown in Figure 5. TDRB (9-bits) of a SB N is embedded in SB N where (N = 1, 2, 3, 4) by using adaptive LSB substitution according to the H map as shown in Figure 6 to get watermarked RoI (RoI ). Before the embedding in SB N , the original LSB of SB N (w.r.t H map ) are appended to a 1-D vector RIORB (RoI recovery bits). Further, RIORB is embedded in RoNI for tamper recovery at the receiver end.

3) ROI EXTRACTION
Before making any diagnostic decisions, integrity of ROI should be ensured to avoid wrong diagnosis. For this, the watermarked medical image is partitioned into ROI and RoNI to extract integrity check watermarks for tamper detection and recovery. Firstly, H map is generated for ROI as explained in section III-B1. Authentication (A), parity (P) bit and 7 MSB are extracted for a 3 × 3 SB from the respective SB N according to H map . Further, authentication (A ) and parity (P ) bit for each 3 × 3 ROI SB is calculated using Eq. 1, Eq. 2, Eq. 3 and Eq. 4. To localize the tampering, for each sub block, (A ) and (P ) are compared with the extracted (A) and (P). If the computed and extracted authentication and parity bits are equal, then it indicates that the ROI sub block is intact otherwise tampered. The tampered sub block is recovered by replacing 7 MSBs of all pixels of SB with the MSB extracted from mapped SB N . And the original LSBs of the pixels are restored from ROIRB extracted from RoNI as explained in sub-section III-E2. This process is carried out for each sub block to detect, localize and recover ROI tampering. The flowchart of tamper detection and recovery is shown in Figure 7.

C. EPR ENCRYPTION AND DECRYPTION
EPR may contain patient's confidential information and must be kept secure while it is transmitted via a global communication channel. High payload is also a major requirment in smart healthcare systems such as Telemedicine, and IoMT. In the proposed scheme compression and cryptographic approach is used to achieve high security and payload for EPR. Firstly, EPR is compressed using Huffman coding and then encrypted by using pseudo random key (PRK ) at the sender's side. PRK is a secret key which is shared by the certified authority/sender to the receiver of the watermarked medical image. At the receiver end, encrypted EPR is extracted from the watermarked medical image followed by decryption (using PRK received secretly) and decompression (using Huffman coding). The overall encryption and decryption process is shown as flowchart in Figure. 8. The process is explained in following subsections:

1) EPR COMPRESSION
The proposed scheme employs lossless compression technique for EPR compression, to circumvent any loss of information. There are various lossless compression techniques such as Huffman coding, LZW, RLE, bit plane coding, and arithmetic coding. Considering the computational cost and compression ratio, Huffman coding is more suitable for medical image watermarking [42]- [44]. EPR is compressed by using Huffman coding to get EPR comp which is further encrypted as explained in following subsection.

2) EPR ENCRYPTION
EPR comp pixels are shuffled with respect to PRK in order to obtain the encrypted EPR (EPR enc ) as shown in Figure 9. PRK is generated using Divide-and-Conquer (DAC) algorithm, where the data or information is recursively sub-divided into smaller problems and then combine all sub-divisions to develop a solution. The size of PRK is equal to the size of EPR comp , which implies that if, the size of EPR comp is N × N then the size of PRK will also be N × N .
Values in Z is randomized by using DAC. A random pivot point (P) is selected and the vector Z is divided into two vectors (sub intervals) called left and right sub-vectors. The selected random position is appended to the PRK vector. This process is recursively repeated until the left and right sub-vectors are empty, as shown in Figure.    generate longer series without repetition within a range of [0,2 p -1], where p is the Mersenne prime of 19937 [21]. Also, MT generator takes less time to generate larger series and is approximately twenty times faster than the hardwareimplemented processor-based RDRAND instruction set. The total computational cost to generation of pseudo random key in this approach is O(n log n), where n is the total size of watermark [39]. The process of PRK vector is explained with an example in Figure 11. Finally, PRK vector is converted into matrix of size N × N in a raster scan order to get PRK matrix. EPR pixel are shuffled according to the PRK matrix to obtain encrypted EPR (EPR enc ). The total number of different possible, PRK generated is (M /4×N /4)!. Hence, it is difficult for the attacker to guess the original key. If the watermark size is increased, the number of possible PRK also increases.

3) KEY MANAGEMENT
In the proposed scheme, a unique secret key (PRK ) is generated for every pair of cover image-watermark embedding.  This approach is less venerable in comparison to using a common single secret key for all images. Here, for key management, the unique PRK is registered and saved with the third party or certified authority [48], responsible for sharing the key with the receiver. This also avoid attacks where the attacker embeds false watermark and generate own secret keys [49], [50].

4) EPR DECRYPTION
EPR decryption is the reverse process of watermark encryption. Encrypted EPR (EPR enc ) is extracted from the watermarked medical image. EPR enc is decrypted by shuffling the pixel positions concerning PRK received secretly from the certified authority/sender. The process of decryption with respect to PRK is depicted in Figure 12. Further, decrypted EPR is decompressed by using Huffman coding to get extracted EPR.

D. QR CODE OF HOSPITAL LOGO
In the proposed scheme, QR code of hospital logo (Logo QR ) is embedded in RoNI for authentication. Logo QR is generated by using Zxing QR code generator available at [54]. Logo QR embedding avoids logo counterfeiting.

E. RoNI EMBEDDING AND EXTRACTION
The proposed scheme utilizes RoNI for robust watermark embedding by taking advantage of the fact that, RoNI is less significant in making diagnostic decisions. Three binary watermarks, i.e. QR code of hospital logo (medical image authentication information), compressed and encrypted EPR enc (confidentiality), and ROIRB (tamper recovery information) are embedded in spectral-domain using DWT-SVD hybrid transform. DWT-SVD hybrid transform is proposed to achieve high robustness against the majority of attacks. DWT transform is robust to scaling, compression and filtering attacks [32], [33]. Whereas SVD transform is robust against geometrical attacks (e.g. rotation, cropping, etc.) and common image processing attacks (e.g. histogram equalization, noise addition, filtering, etc.) [34]- [37]. RoNI embedding is explained as follows:

1) RoNI EMBEDDING
For RoNI embedding, 1-level DWT is applied on RoNI, giving four sub-bands (LL, LH, HL, and HH). LL subband constitute image approximation. HL and LH subbands incorporate facet information in unique directions (horizontal, vertical). Whereas the HH sub-band consists of high-level image information, any insertions to the HH causes distortions in the cover image. Hence, to ensure high imperceptibility, LL, LH and HL sub-bands are considered for embedding. Further, LL, LH and HL sub-band are decomposed into corresponding unitary (U, V) and singular (S) matrices, i.e. LL (U LL , S LL , V LL ), LH (U LH , S LH , V LH ) and, HL (U HL , S HL , V HL ) by applying SVD. Singular matrices contains less significant image information [41], therefore, the three watermarks i.e. RIORB, EPR enc and Logo QR are embedded in S LL , S LH and S HL respectively. For embed- ding watermarks in singular matrices, S LL , S LH and S HL are further partitioned into 4 × 4 non-overlapping blocks for higher robustness and security [41] as shown in Figure 13. Watermarks are embedded in a diagonal position in S LL , S LH and S HL using a randomly chosen scaling factor (α). Four watermark bits are inserted in each 4 × 4 non-overlapping block to achieve higher embedding capacity and imperceptibility. Finally, inverse SVD and DWT transform is applied to obtain watermarked RoNI (RoNI ). Algorithmic steps for RoNI embedding are shown in Algorithm 2. RoNI extraction is the reverse process of RoNI embedding, as explained below.

Algorithm 2 RoNI Embedding Process
where α is watermark strengthening parameter, i= 1,2,3,4 and S LL , S LH and S HL are watermarked singular matrix. 5: Apply inverse SVD followed by inverse DWT to obtain watermarked RoNI (RoNI ).
Watermarked RoI and RoNI are combined together to obtain watermarked medical image (C ). The proposed MIW scheme can be implemented for color medical images also. For color medical images, red, green and blue channels are extracted (using RGB color model). Changes in blue channel VOLUME 10, 2022 induces less distortion in the image. Using this fact, watermark is inserted in blue channel by treating it as grayscale image. After embedding, watermarked blue, red and green channels are concatenated to get the watermarked color medical image.

2) RoNI EXTRACTION
For watermark extraction from RoNI, 1-level DWT is applied on the watermarked RoNI (RoNI ) giving 4 sub-bands (LL 1 ,LH 1 , HL 1 , and HH 1 ). LL 1 , LH 1 and HL 1 sub-bands are considered for extraction since, robust watermarks are embedded in LL, LH and HL sub-bands. Further, SVD decomposition is applied on HL 1 sub-bands to get corresponding unitary and singular matrices, i.e. HL 1 (U 1 HL , S 1 HL , V 1 HL ). S 1 HL is partitioned into 4 × 4 non-overlapping blocks. QR code of hospital logo is extracted from the 4 × 4 non-overlapping blocks of S 1 HL using following relation: . S HL (i,i) and scaling factor (α) are the side information.
QR code of hospital logo is extracted and converted into corresponding hospital logo. Extracted hospital logo is used for authentication verification. If authentication is successful then further extraction of ROIRB and EPR enc is carried out otherwise extraction process is aborted. After, successful authentication, EPR extraction and tamper detection and recovery process is carried out by applying SVD on LL 1 and LH 1 sub-bands to obtain corresponding unitary and singular matrices, i.e. LL 1 . Singular matrices S 1 LL and S 1 LH are partitioned into 4 × 4 non-overlapping blocks. The two watermarks i.e. ROIRB and EPR enc are extracted from diagonal position of 4 × 4 non-overlapping blocks in S 1 LL and S 1 LH respectively using scaling factor (α) to extract two watermarks by using following equation: ROIRB = S 1 LL (i,i) -S LL (i,i)/α EPR enc = S 1 LH (i,i) -S LH (i,i)/α Further, ROIRB is used for tamper recovery to ensure integrity of RoI. EPR enc is decrypted to obtain extracted EPR. The proposed scheme is blind watermarking because the watermark can be extracted without requiring the original cover image. Algorithmic steps for RoNI extraction are shown in Algorithm 3.

IV. SIMULATION RESULTS AND DISCUSSION
Simulation has been performed to investigate the performance and relevance of the proposed scheme in the current state of the art. Simulation results and discussion is presented in this section. Grayscale and color cover images (512 × 512) of various modalities have been taken from OPENi [55], USC-SIPI [56], Kaggle [57], [58] and STARE [59] dataset as shown in Figure 15 and Figure 17. EPR and hospital logo images are taken as binary watermark each of size 64 × 64.

A. IMPERCEPTIBILITY TEST
In telemedicine, diagnosis depends largely on the visual quality of a medical image. Thus, higher imperceptibility is one of the important requirements for MIW. Subjective

Algorithm 3 RoNI Extration Process
Here, l(C, C 1 ), b(C, C 1 ), and s(C, C 1 ) can be represented as Eq. 8, Eq. 9, and Eq. 10, respectively. Where C is the cover image, C 1 is the watermarked image, µ c , µ c 1 is mean of C, C 1 respectively. σ c 2 , σ c 1 2 is the variance of C and C 1 , σ cc 1 is the co-variance of C and C 1 , p1 = (x1, v) 2 , p2 = (x2, v) 2 , p3 = p2/2, x1 = 0.001 and x2 = 0.003, v = (2M − 1), α, β, γ = 1 [19].  Imperceptibility performance of the proposed MIW scheme is studied for different types of medical images as shown in Figure 15 and the corresponding watermarked images ( α = 0.001) and extracted watermarks (EPR and hospital logo) are shown in Figure 16. Watermarked images have no significant distortion perceived by HVS. The extracted watermarks under zero attack is distinctly visible as in Figure 16. Also, the imperceptibility performance is studied in terms of PSNR and SSIM, with different scaling factor (α = 0.001, 0.01 and 0.1) and the results are tabulated in Table 1. It can be studied from Table 1    of variation in scaling factor on imperceptibility was also studied. PSNR and SSIM values for different scaling factor (α = 0.001, 0.01 and 0.1) has been presented in Table 1. The average PSNR value is 45.92 dB, and the average SSIM is 0.9188 for grayscale medical images when α = 0.01. Similarly, the average PSNR and SSIM values are 51.17 dB and 0.9708 for colour medical images. Average PSNR values for grayscale and color images are 45.95 dB and 47.42 dB respectively, whereas average SSIM for grayscale and color images are 0.9195 and 0.9505 respectively when α = 0.1. Hence, the proposed scheme demonstrates higher imperceptibility even with the high scaling factor (α = 0.1). From Table 1, it can be stated that there is no significant variation in PSNR and SSIM values with the increase in scaling factor. Imperceptibility performance evaluation was further extended for five images each of brain MRI, CT scan, ultrasound, Doppler, X-ray chest, Mammograph, skin, retina, PET brain and general images as shown in Figure 17 and results are presented in Table 2. PSNR and SSIM values for all the images of different modalities shown in Table 2 are more than 35 dB indicating good visual quality of watermarked images. From Table 1 and Table 2 it can be observed that the proposed scheme has good visual quality for medical images of various modalities.
Further, subjective evaluation of imperceptibility performance is also done for the proposed MIW scheme using Mean Opinion Score (MOS) [45]. To provide MOS, watermarked images are manually compared with the original images from various angles by a set of observers (using HVS). Each observer provides a score to the watermarked image between 0 and 10. The lowest score is 0 representing the lowest visual quality and 10 representing the highest visual quality. For each watermarked image, a normalised MOS is calculated as the average score given by the observers by using Eq. 11.
where MOS i is the mean opinion score of i th image, N Ob is the number of observers and MOS score (i.j) is the score for i th image given by N j Ob observer. Twenty persons compared the visual difference between original and watermarked images and provided individual score (between 0 and 10) for each image. MOS score is calculated using Eq.11 and is tabulated in Table 1 and Table 2. MOS is greater than 9.5 for all images with variation in scaling factor, indicating higher imperceptibility is achieved by the proposed scheme. Subjective evaluation of watermarked images shows that no observable distortion is induced by the proposed MIW scheme. The proposed MIW scheme ensures higher imperceptibility for medical images of different modalities is substantiated by subjective and objective evaluation.

B. ROBUSTNESS TEST
In the proposed MIW, the authentication, authorization, patient's record and RoI recovery information are embedded as a watermark in the medical image. Thus, higher watermark robustness becomes indispensable for MIW to facilitate correct diagnosis. Robustness of the proposed scheme has been simulated and studied under various common attacks for different scaling factors. Normalized Correlation (NC) and Bit Error Rate (BER) are taken as robustness metrics. NC represents the similarity between embedded and extracted watermarks, whereas; BER estimates the number of bits by which the embedded and extracted watermark differs. The mathematical representation for NC and BE are shown in Eq. 12 and Eq. 13 respectively.
where Wt(r,c) t and Wt 1 (r, c) are original and extracted watermarks. where where EB represents incorrectly decoded bits in an extracted watermark, TB is the total number of bits and the initial value of counter=0.
Extracted watermark from watermarked medical images under zero attacks is shown in Fig. 16. As discussed earlier, from the subjective evaluation of extracted watermark from Fig. 16, it is observed that the embedded and extracted watermarks are similar. Robustness of the proposed scheme for 50 images of different modalities under zero attack when α = 0.001 is presented in Table 2. It can be observed from Table 2 that for EPR and hospital logo, NC 1 and BER 0 i.e. close to the ideal values, for all images. This observation indicates that the proposed scheme is robust for different image modalities under zero attack when α = 0.001. Robustness performance of the proposed scheme for different scaling factors (α = 0.001, 0.01 and 0.1) under zero attack is also examined and NC and BER values are presented Table 3. From Table 3, it is observed that there is no significant variation in NC and BER values for the extracted EPR and hospital logo with different scaling factors. Watermarks are extracted successfully (under zero attack) with high scaling factor values.
Further, the robustness of the proposed scheme is evaluated under different attacks such as noising, filtering, compression and geometrical attacks on different medical images. NC and BER values of EPR and hospital logo, for MRI Chest, X-ray Arm and CT Brain images under different attacks are shown in Table 4. Results for MRI Chest, X-ray Arm and CT Brain images are only presented in Table 4 for ease of reference. From Table 4, it can be observed that the proposed scheme is highly robust against Gaussian filter, Weiner filter, Unmask filter, Butter Worth filter, sharpening translate, and JPEG compression (QF = 30, 50, 70 and 90) attack as NC and BER values are close to the ideal value. Also, it shows fair robustness against Salt & Pepper noise, Median filter, shearing, rotation, translate, resize and histogram equalization as NC and BER values are more than the threshold values. It is observed from Table 4 that for all the compression, QF, NC and BER are near to the ideal value. Robustness of the proposed scheme under different attacks with the variation in scaling factor is also analyzed, and results for MRI chest image are presented in Table 5. Analysis of NC and BER values for EPR and hospital logo from Table 5 reveals that the suggested MIW scheme is robust against the most of attacks. There is no significant degradation in the robustness performance of the suggested scheme when α = 0.1. Simulation results for different attacks affirm that the proposed scheme shows higher robustness against most attacks.

C. SECURITY KEY TEST
Confidentiality of EPR is a very important requirement for telemedicine applications. As discussed in the previous section, the original EPR is encrypted using a pseudo-random key to ensure higher confidentiality and security. The security performance of the proposed scheme has been evaluated in terms of SSIM and NC for encrypted and decrypted watermark. In Figure. 18 test binary watermark images, corresponding encrypted and decrypted image along with their SSIM and NC value has been presented. It is observed from Figure. 18 that SSIM and NC values of encrypted images are almost equal to 0, indicating that the encrypted image is very different from the original one. In contrast, SSIM and NC values of decrypted images are 1 (ideal value), indicating that the decrypted image is exactly similar to the original image. Hence, it is difficult to guess the original watermark even if the attacker is able to extract the encrypted watermark.
Further, security performance has been evaluated in terms of Correlation Coefficient (CC). The CC values (horizontal, vertical and diagonal direction) of the encrypted and decrypted image has been tabulated in Table 6. The correlation between the original watermark image and encrypted VOLUME 10, 2022 watermark image is less than 0.4, and for decrypted watermark image, correlation is 1 for all test images as shown in Table 6. It further validates that the proposed scheme has very high and effective watermark security.
The sensitivity of generated PRK is also evaluated by changing bits of PRK . Even a 1-bit difference in PRK leads to unsuccessful decryption of the encrypted watermark. Correlation between encrypted images obtained by using a generated PRK and with a 1-bit difference in the generated PRK has been computed and presented in Table 7. It is observed from Table 7 that CC values, on average, is lesser than 0.4, indicating that even a change in 1 bit will give an   entirely different encrypted image. Also, if there is even a single bit change in the pseudo-random key, decryption is unsuccessful. In Figure 19. it is seen that with the correct pseudo-random key, an exact watermark can be obtained by decryption indicated by subjective and objective evaluation as SSIM and NC is 1 for all test watermark images. Whereas VOLUME 10, 2022 FIGURE 17. 50 Medical cover images (brain MRI, CT scan, ultrasound, Doppler, X-ray chest, Mammograph, skin, retina, PET brain and general images) taken from OPENi [55], USC-SIPI [56], Kaggle [57], [58] and STARE [59].
decryption is unsuccessful even if there is a variation of 1 bit in pseudo-random key as indicated by SSIM and NC values almost equal to 0 as in Figure 19.  Further, the security performance of the proposed scheme has been tested using differential measures like Number of Pixel Changing Rate (NPCR), Unified Averaged Changed Intensity (UACI). NPCR and UACI can be mathematically expressed as follows: where EI 1 , EI 2 are cipher images with one bit difference in PRK . TP is the total number of pixels in encrypted image, and FP is the highest supported pixel value(for grayscale images, it is 255). NPCR and UACI for the proposed scheme are shown in Table 8. For five test images, the average NPCR value is 96.61, and the UACI value is 32.30, nearly equal to the ideal value. Hence, it concluded that the proposed random key approach is highly secure.

D. TAMPER DETECTION AND RECOVERY
The integrity of the medical images, especially for RoI, is very important for correct diagnosis. The effectiveness of the proposed scheme in tamper detection and recovery has been examined. Copy-paste tampering has been applied on 10% of the watermarked image (considering it as RoI).    Figure 21 that the tampered area is accurately detected, localized and recovered. The effectiveness of tamper detection and recovery of the proposed scheme has been measured in terms of accuracy rate and PSNR, respectively, and the results are shown in Table 9. The tamper detection accuracy rate is more than 97%. PSNR of the watermarked and recovered image with respect to the original image is almost equal indicating high visual quality of recovered images. Hence, it is claimed that the proposed scheme can detect and recover tampering for different image modalities.

E. COMPRESSION PERFORMANCE TEST
In the proposed scheme, Huffman coding is used for EPR compression. Compression ratio and saving% is calculated using equations Eq. 14 and Eq. 15 respectively, for LZW, RLE, and Huffman coding and presented in Table 10.
where S uc and S c are EPR before and after compression respectively. Compression ratio and saving% of commonly used lossless compression technique i.e. LZW, RLE and Huffman coding is computed and compared in Table 10 to study the effectiveness of Huffman coding for EPR compression in the proposed scheme. From Table 10, it can be studied that Huffman coding reduces more number of pixels as compared to LZW and RLE. Compression ratio and saving% of Huffman coding is higher for all the three test cases. This observation supports the effectiveness of Huffman coding for EPR compression.

F. COMPUTATIONAL COST
In this section the computational cost of the proposed scheme is analysed. For a medical cover image (M × N ) and EPR (X × X ), the computational cost ( ) of major expensive steps involved, are shown in Table 11. Considering only expensive steps, the computational cost of the proposed scheme is calculated as follows: The computational cost of the proposed MIW scheme is O(MN 2 ) as shown in Eq. 16. The proposed EPR encryp- tion and decryption scheme has low computational cost of O(XlogX ) and O(XlogX ). Run-time of the proposed EPR encryption and decryption was studied using an Intel i5 processor, 2.00 GHz, 4 GB RAM and tabulated in Table 12.
It can be observed that encryption and decryption time is quite low, nearly 0.03s and 0.01s respectively for all test cases. Also, the run-time for watermark embedding in grayscale and color images are less than 0.16s and 0.5s respectively. Similarly extraction time for grayscale and color image is nearly 0.09s and 0.13s respectively as shown in Table 13. From the analysis, it is observed that the proposed scheme has acceptable computational cost.

G. COMPARATIVE ANALYSIS
To further establish the relevance of the proposed scheme in the current state of the art, a comparative analysis of the proposed schemes is done with some of the recent and popular MIW schemes proposed by Swaraja et al. [11], Hanan [6], and Kumar & Jha [18]. Swaraja et al. [11] have proposed a blind MIW using DWT+ Schur and PSBFO optimization. They have used LZW compression to achieve high embedding capacity and security. Hanan [6] has also proposed a blind MIW scheme using DWT+SVD and LZW compression. Whereas Kumar & Jha [18] have used DCT and fractional differentiator (FD) in their blind MIW scheme. The overview of the schemes in comparison is shown in Table 14. It is observed from Table 14 that the scheme proposed in [18] has not taken authentication and tamper detection into account, which is very important in MIW. Security of the proposed scheme is higher as than [6], [11], [18] which is further discussed in detail in this section. Embedding capacity is also higher than [6], [18] as shown in Figure 22. Comparison of imperceptibility and robustness under zero attack for different medical images, i.e. MRI Chest, X-ray and CT Brain and Ultrasound, is presented in Table 15. It can be observed from Table 15 that the PSNR values of the proposed scheme are higher than Swaraja et al. [11] and Kumar & Jha [18] schemes, but ler tan Hanan [6] scheme. It is also be observed from Figure 23. Table 15 shows that the proposed scheme has a higher NC value than other schemes in comparison. Cparison of NC value for all schemes has also been shown in Figure 24. From this observation, it is concluded that the proposed scheme has higher robustness and imperceptibility for different image modalities than its counterparts. Hanan [6] scheme has higher imperceptibility than the proposed scheme but under performs in terms of robustness. The robustness of the proposed scheme is compared with the schemes under comparison for various attacks on the X-ray image and shown in Table 16. The proposed scheme has higher robustness than schemes in [6], [11], [18] under JPEG compression, Gaussian filtering and Weiner filtering. From Table 16, it is observed that the performance of the proposed scheme under the median filter is at par with its counterparts. The proposed scheme can resist salt & pepper noise and shearing attacks as the NC values are 0.87 and 0.89,  [6], [11], [18] and the proposed scheme under different attacks.
respectively, more than the threshold value but lagging behind the schemes in comparison, which can be seen as the scope of improvement in future work.
Further, the security of the proposed scheme is compared with related schemes in comparison. Swaraja et al. [11], and Hanan. [6] have used LZW (Lempel-Ziv-Welch) compression algorithm for watermark compression and confidentiality. Generally, compression is used to reduce file size and increase the data transfer rate through the internet. Compression techniques do not meet security parameters such as secret, authentication, integrity and non-rejection. In addition to that, LZW compression approach has some limitations, such as high computational latency, dictionary overhead. Hence, watermark security and confidentiality in the schemes proposed in [6], [11] is limited. Kumar & Jha. [18] proposed a cryptography based secure scheme. Here the pseudo-random key is generated using DSSS (Direct Spread Spectrum Sequence) with an initial seed value. Based on this seed value entire key sequence is generated, this is the bottleneck of Kumar & Jha. [18], and it is quite easy for the attacker to break the sequence. Cryptography approaches are good for security, that prevent data from tapping. In the proposed scheme, security is achieved by a cryptography approach using mathematical theory and algorithms to generate the pseudo-random key. It is difficult for attackers to guess the PRK generated by the proposed scheme. This discussion asserts that the proposed MIW scheme is more secure than the counterpart schemes.
Comparative analysis shows that the proposed scheme has higher imperceptibility for gray-scales and colour medical images than its counterparts. The proposed scheme has higher / similar robustness against common attacks. The security of the proposed scheme is very high as compared to other schemes. Also, the proposed scheme surpasses other schemes in terms of tamper detection and recovery accuracy. Hence, from simulation results and comparative analysis, it is claimed that the proposed scheme has superior performance to the existing schemes.

V. CONCLUSION
In this study, a MIW scheme is proposed to facilitate medical image and EPR communication in IoMT. The RoI recovery bits, encrypted EPR and hospital logo QR code is embedded into the RoNI to ensure integrity of RoI, confidentiality of ERP and ownership authentication. The scheme is successful at maintaining imperceptibility of the medical image, robustness, tamper detection and security. The proposed scheme is tested with various attacks such as filtering, compression, geometric and noising and the experimental results demonstrate that robustness is achieved for majority of attacks. The proposed tamper detection and recovery algorithm is able to achieve more than 97% accuracy for efficient tamper detection and recovery in RoI. High confidentiality and payload of EPR with low computational cost is provided by pseudo random key and Huffman coding. The proposed scheme can be used for grayscale as well as color medical images of different modalities as indicated by the experimental results. Robustness for attacks such as salt and pepper noise, rotation and shear can be improved in future work. Further, in future we wish to optimize scaling factor using optimization approaches like Soft Computing, Nature inspired optimizations techniques.