Hiding Visual Information via Obfuscating Adversarial Perturbations
Zhigang Su, Dawei Zhou, Nannan Wang, Decheng Li, Zhen Wang, Xinbo Gao

TL;DR
This paper introduces a novel method that uses adversarial perturbations to obscure visual information in data, enhancing privacy without compromising model performance.
Contribution
It proposes a flexible adversarial visual information hiding technique that does not alter model parameters, effectively protecting privacy while maintaining recognition accuracy.
Findings
Effectively hides visual information in data.
Maintains high recognition and classification performance.
Does not require modifying model parameters.
Abstract
Growing leakage and misuse of visual information raise security and privacy concerns, which promotes the development of information protection. Existing adversarial perturbations-based methods mainly focus on the de-identification against deep learning models. However, the inherent visual information of the data has not been well protected. In this work, inspired by the Type-I adversarial attack, we propose an adversarial visual information hiding method to protect the visual privacy of data. Specifically, the method generates obfuscating adversarial perturbations to obscure the visual information of the data. Meanwhile, it maintains the hidden objectives to be correctly predicted by models. In addition, our method does not modify the parameters of the applied model, which makes it flexible for different scenarios. Experimental results on the recognition and classification tasks…
Taxonomy
Topics: Adversarial Robustness in Machine Learning · Digital Media Forensic Detection
