In the integrity checking context of multimedia contents, a malicious user aims at devising a forged content in order to fool a watermarker by making him use as a genuine content. By considering that the watermark acts as an integrity stamp, the false-alarm probability to recover the watermark signature in a forged content is the criterion of interest. We study and solve a game for this criterion between a watermarker and a falsifier which is allowed to perform a substitution attack, i.e. replace the watermarked signal by a non-watermarked content. As for the watermarker, we are concerned with additive spread-spectrum (SS) embedding. Signals are modeled by parallel colored gaussian processes. Due to the intractability of the false-alarm probability, we resort to Chernoff bound as an alternative cost. Our study confirms some common heuristics: the best attacker choice is to substitute the watermarked host signal using a signal which has very close statistics to the original host sign...