MozJPEG is a server-side JPEG encoder used by image compression platforms and social media platforms to reduce image file sizes.
One way MozJPEG makes life difficult for forensic experts is that, instead of rounding image data to the nearest whole number (the standard method that leaves a predictable “fingerprint”), it uses an optimization algorithm to selectively alter pixel values. It chooses whichever values save the most file space without visibly changing the image. This process removes or alters important image information, including metadata (EXIF, XMP, and IPTC data).
If you analyze images processed by MozJPEG, you will notice that the JFIF header contains very minimal information, which is not helpful for forensic investigation.
MozJPEG also includes an algorithm designed to remove the faint “ghosts” that appear around sharp edges in compressed images. Many forgery detection algorithms rely on these artifacts to identify where an object has been spliced into a photo. By smoothing them out, MozJPEG acts as a natural “forgery hider,” making it difficult to detect sharp mathematical boundaries between manipulated objects and real backgrounds.
Even if you try to reverse, for instance, a PNG image that has been processed by MozJPEG back to its original form, it becomes mathematically impossible, because much of the original image data is lost during processing.
Ongoing Research
At ForensicGrid, we are still conducting further research on how to predict original images processed by MozJPEG. Currently, we are analyzing structural gaps in such images to determine whether it is possible to mathematically reconstruct or approximate the original image data before MozJPEG processing.