A Privacy Preserving Method with a Random Orthogonal Matrix for ConvMixer Models
Rei Aso, Tatsuya Chuman, Hitoshi Kiya
TL;DR
This paper introduces a privacy-preserving image classification method using random orthogonal matrices with ConvMixer models, maintaining accuracy and improving robustness against attacks.
Contribution
It presents a novel encryption approach for test images and a model transformation technique that preserves accuracy and enhances security in image classification.
Findings
Maintains classification accuracy comparable to standard ConvMixer models.
Enhances robustness against various privacy attacks.
Uses encryption and model transformation to protect visual information.
Abstract
In this paper, a privacy preserving image classification method is proposed under the use of ConvMixer models. To protect the visual information of test images, a test image is divided into blocks, and then every block is encrypted by using a random orthogonal matrix. Moreover, a ConvMixer model trained with plain images is transformed by the random orthogonal matrix used for encrypting test images, on the basis of the embedding structure of ConvMixer. The proposed method allows us not only to use the same classification accuracy as that of ConvMixer models without considering privacy protection but to also enhance robustness against various attacks compared to conventional privacy-preserving learning.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsDigital Media Forensic Detection · Chaos-based Image/Signal Encryption · Biometric Identification and Security
MethodsTest