Towards Face Encryption by Generating Adversarial Identity Masks
- URL: http://arxiv.org/abs/2003.06814v2
- Date: Mon, 16 Aug 2021 05:52:55 GMT
- Title: Towards Face Encryption by Generating Adversarial Identity Masks
- Authors: Xiao Yang, Yinpeng Dong, Tianyu Pang, Hang Su, Jun Zhu, Yuefeng Chen,
Hui Xue
- Abstract summary: We propose a targeted identity-protection iterative method (TIP-IM) to generate adversarial identity masks.
TIP-IM provides 95%+ protection success rate against various state-of-the-art face recognition models.
- Score: 53.82211571716117
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: As billions of personal data being shared through social media and network,
the data privacy and security have drawn an increasing attention. Several
attempts have been made to alleviate the leakage of identity information from
face photos, with the aid of, e.g., image obfuscation techniques. However, most
of the present results are either perceptually unsatisfactory or ineffective
against face recognition systems. Our goal in this paper is to develop a
technique that can encrypt the personal photos such that they can protect users
from unauthorized face recognition systems but remain visually identical to the
original version for human beings. To achieve this, we propose a targeted
identity-protection iterative method (TIP-IM) to generate adversarial identity
masks which can be overlaid on facial images, such that the original identities
can be concealed without sacrificing the visual quality. Extensive experiments
demonstrate that TIP-IM provides 95\%+ protection success rate against various
state-of-the-art face recognition models under practical test scenarios.
Besides, we also show the practical and effective applicability of our method
on a commercial API service.
Related papers
- ID-Guard: A Universal Framework for Combating Facial Manipulation via Breaking Identification [60.73617868629575]
misuse of deep learning-based facial manipulation poses a potential threat to civil rights.
To prevent this fraud at its source, proactive defense technology was proposed to disrupt the manipulation process.
We propose a novel universal framework for combating facial manipulation, called ID-Guard.
arXiv Detail & Related papers (2024-09-20T09:30:08Z) - Privacy-preserving Optics for Enhancing Protection in Face De-identification [60.110274007388135]
We propose a hardware-level face de-identification method to solve this vulnerability.
We also propose an anonymization framework that generates a new face using the privacy-preserving image, face heatmap, and a reference face image from a public dataset as input.
arXiv Detail & Related papers (2024-03-31T19:28:04Z) - Privacy-Preserving Face Recognition Using Trainable Feature Subtraction [40.47645421424354]
Face recognition has led to increasing privacy concerns.
This paper explores face image protection against viewing and recovery attacks.
We distill our methodologies into a novel privacy-preserving face recognition method, MinusFace.
arXiv Detail & Related papers (2024-03-19T05:27:52Z) - Diff-Privacy: Diffusion-based Face Privacy Protection [58.1021066224765]
In this paper, we propose a novel face privacy protection method based on diffusion models, dubbed Diff-Privacy.
Specifically, we train our proposed multi-scale image inversion module (MSI) to obtain a set of SDM format conditional embeddings of the original image.
Based on the conditional embeddings, we design corresponding embedding scheduling strategies and construct different energy functions during the denoising process to achieve anonymization and visual identity information hiding.
arXiv Detail & Related papers (2023-09-11T09:26:07Z) - Face Encryption via Frequency-Restricted Identity-Agnostic Attacks [25.198662208981467]
Malicious collectors use deep face recognition systems to easily steal biometric information.
We propose a frequency-restricted identity-agnostic (FRIA) framework to encrypt face images from unauthorized face recognition.
arXiv Detail & Related papers (2023-08-11T07:38:46Z) - CLIP2Protect: Protecting Facial Privacy using Text-Guided Makeup via
Adversarial Latent Search [10.16904417057085]
Deep learning based face recognition systems can enable unauthorized tracking of users in the digital world.
Existing methods for enhancing privacy fail to generate naturalistic images that can protect facial privacy without compromising user experience.
We propose a novel two-step approach for facial privacy protection that relies on finding adversarial latent codes in the low-dimensional manifold of a pretrained generative model.
arXiv Detail & Related papers (2023-06-16T17:58:15Z) - Attribute-Guided Encryption with Facial Texture Masking [64.77548539959501]
We propose Attribute Guided Encryption with Facial Texture Masking to protect users from unauthorized facial recognition systems.
Our proposed method produces more natural-looking encrypted images than state-of-the-art methods.
arXiv Detail & Related papers (2023-05-22T23:50:43Z) - OPOM: Customized Invisible Cloak towards Face Privacy Protection [58.07786010689529]
We investigate the face privacy protection from a technology standpoint based on a new type of customized cloak.
We propose a new method, named one person one mask (OPOM), to generate person-specific (class-wise) universal masks.
The effectiveness of the proposed method is evaluated on both common and celebrity datasets.
arXiv Detail & Related papers (2022-05-24T11:29:37Z) - A Systematical Solution for Face De-identification [6.244117712209321]
In different tasks, people have various requirements for face de-identification (De-ID)
We propose a systematical solution compatible for these De-ID operations.
Our method can flexibly de-identify the face data in various ways and the processed images have high image quality.
arXiv Detail & Related papers (2021-07-19T02:02:51Z) - IdentityDP: Differential Private Identification Protection for Face
Images [17.33916392050051]
Face de-identification, also known as face anonymization, refers to generating another image with similar appearance and the same background, while the real identity is hidden.
We propose IdentityDP, a face anonymization framework that combines a data-driven deep neural network with a differential privacy mechanism.
Our model can effectively obfuscate the identity-related information of faces, preserve significant visual similarity, and generate high-quality images.
arXiv Detail & Related papers (2021-03-02T14:26:00Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.