Detect suspicious edits in digital photos using image forensics (not magic—statistics). This project scores images and highlights regions where compression looks inconsistent, which often appears when areas were pasted, heavily retouched, or re-saved.
Live demo: Open the Streamlit app
- Upload an image and get a suspicion score (0–1, higher = more suspicious for this baseline).
- View an ELA-based heatmap overlay (palette selectable) plus a scale-gap map: two ELA passes at different JPEG strengths; the gap highlights regions where recompression behaves differently.
- Read an auto-generated forensic brief (plain-language bullets, benign explanations, and a short case signature you can share with a report).
- Save each run to a SQLite database and browse history in the app, or use private session to skip the database.
- Optional: run from CLI or call a FastAPI endpoint for integrations.
Use case: education, cybersecurity awareness, and quick screening—not a court-grade forensic guarantee.
- Error Level Analysis (ELA): the image is re-compressed (JPEG). Differences between the original and re-compressed version reveal inconsistent compression—common near edits or mixed sources.
- Scale-gap: ELA is run at the chosen quality and at a lower quality; the absolute difference between them is a second map, with correlation/mean-diff features for context.
- Extra signals: simple statistics on the ELA map plus edge/texture energy (Laplacian variance).
- Score: a small heuristic combines these into one number (same ELA+Laplacian mix as before).
| Layer | Technology |
|---|---|
| Detection logic | Python, NumPy, Pillow, OpenCV (headless on servers) |
| Web UI | Streamlit |
| API | FastAPI + Uvicorn |
| Storage | SQLite (scan metadata + paths to artifacts) |
| Deploy | Streamlit Community Cloud |
digital-image-tampering-detection-ai/
├── streamlit_app.py # Web UI
├── requirements.txt # Dependencies (+ editable install: -e .)
├── pyproject.toml
├── src/tamperdetect/ # Core package
│ ├── core.py
│ ├── artifacts.py
│ ├── db.py
│ ├── cli.py
│ ├── api.py
│ ├── io_utils.py
│ ├── insights.py # Forensic brief + case signature
│ └── models/baseline.py # ELA + scoring
├── tests/
└── README.md
cd "C:\path\to\digital-image-tampering-detection-ai"python -m venv .venv
.\.venv\Scripts\Activate.ps1
pip install -r requirements.txt(requirements.txt includes -e . so the tamperdetect package is installed from this repo.)
streamlit run streamlit_app.pyOpen the URL shown in the terminal (usually http://localhost:8501).
Analyze a file and write JSON + images under outputs/:
python -m tamperdetect.cli --image "C:\path\to\photo.jpg" --out_dir outputsAlso log the run to SQLite:
python -m tamperdetect.cli --image "C:\path\to\photo.jpg" --out_dir outputs --db data\tamperdetect.sqlite3uvicorn tamperdetect.api:app --host 127.0.0.1 --port 8000- Health:
GET /health - Analyze:
POST /analyze(multipart file upload)
Optional query: db_path=... to record metadata in SQLite.
- Push this repo to GitHub.
- On Streamlit Community Cloud, create an app:
- Repository: your fork/repo
- Main file:
streamlit_app.py
requirements.txtmust include-e .andopencv-python-headlessfor Linux hosting.
- High scores can come from social re-compression, screenshots, filters, or sharp text—not only “Photoshop.”
- Best treated as a screening tool; serious investigations need trained models, chain-of-custody, and expert review.
See LICENSE (MIT unless you change it).
Built as a cybersecurity / digital forensics learning project for detecting likely image tampering.