Human-imperceptible, Machine-recognizable Images

Fusheng Hao; Fengxiang He; Yikai Wang; Fuxiang Wu; Jing Zhang; Jun; Cheng; Dacheng Tao

arXiv:2306.03679·cs.CV·June 7, 2023·1 cites

Human-imperceptible, Machine-recognizable Images

Fusheng Hao, Fengxiang He, Yikai Wang, Fuxiang Wu, Jing Zhang, Jun, Cheng, Dacheng Tao

PDF

Open Access 1 Repo

TL;DR

This paper introduces a privacy-preserving learning method where images are encrypted to be human-imperceptible yet still recognizable by machines, enabling effective vision tasks without exposing sensitive data.

Contribution

It proposes a novel encryption strategy and minimal model adaptations allowing vision transformers to learn from encrypted images, ensuring privacy and maintaining accuracy.

Findings

01

Achieves comparable accuracy to traditional methods on ImageNet and COCO.

02

Encrypted images are intractable to decrypt by attackers, including vision transformer-based ones.

03

Ensures privacy by making images human-imperceptible while machine-recognizable.

Abstract

Massive human-related data is collected to train neural networks for computer vision tasks. A major conflict is exposed relating to software engineers between better developing AI systems and distancing from the sensitive training data. To reconcile this conflict, this paper proposes an efficient privacy-preserving learning paradigm, where images are first encrypted to become ``human-imperceptible, machine-recognizable'' via one of the two encryption strategies: (1) random shuffling to a set of equally-sized patches and (2) mixing-up sub-patches of the images. Then, minimal adaptations are made to vision transformer to enable it to learn on the encrypted images for vision tasks, including image classification and object detection. Extensive experiments on ImageNet and COCO show that the proposed paradigm achieves comparable accuracy with the competitive methods. Decrypting the encrypted…

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Code & Models

Repositories

fushenghao/privacypreservingml
noneOfficial

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsDigital Media Forensic Detection · Chaos-based Image/Signal Encryption · Adversarial Robustness in Machine Learning

MethodsAttention Is All You Need · Residual Connection · Linear Layer · Layer Normalization · Softmax · Dense Connections · Multi-Head Attention · Vision Transformer · Jigsaw