Data visualization faces covert tampering threats from image editing—particularly data manipulation and visual encoding manipulation—undermining trustworthiness. To address this, we propose the first unified framework for tampering detection, localization, and intent interpretation. Our method employs a semi-fragile watermarking scheme to precisely localize tampered regions (96.3% localization accuracy) and integrates a multimodal large language model (MLLM) to perform semantic-level inference of misleading intent (>89% classification accuracy). We introduce a novel synergistic mechanism between watermark-derived localization maps and MLLM-based intent reasoning, enabling both spatial encoding of tampered positions and attribution analysis. Extensive experiments on diverse tampering benchmarks validate robustness and generalizability; user studies further demonstrate significant improvement in analysts’ ability to detect visual deception. This work establishes an interpretable, deployable technical pathway for ensuring visualization authenticity.

The integrity of data visualizations is increasingly threatened by image editing techniques that enable subtle yet deceptive tampering. Through a formative study, we define this challenge and categorize tampering techniques into two primary types: data manipulation and visual encoding manipulation. To address this, we present VizDefender, a framework for tampering detection and analysis. The framework integrates two core components: 1) a semi-fragile watermark module that protects the visualization by embedding a location map to images, which allows for the precise localization of tampered regions while preserving visual quality, and 2) an intent analysis module that leverages Multimodal Large Language Models (MLLMs) to interpret manipulation, inferring the attacker's intent and misleading effects. Extensive evaluations and user studies demonstrate the effectiveness of our methods.