Privacy-Preserving Image Classification Using Isotropic Network

• URL: http://arxiv.org/abs/2204.07707v1
• Date: Sat, 16 Apr 2022 03:15:54 GMT
• Title: Privacy-Preserving Image Classification Using Isotropic Network
• Authors: AprilPyone MaungMaung and Hitoshi Kiya
• Abstract summary: We propose a privacy-preserving image classification method that uses encrypted images and an isotropic network such as the vision transformer. The proposed method allows us not only to apply images without visual information to deep neural networks (DNNs) for both training and testing but also to maintain a high classification accuracy.
• Score: 14.505867475659276
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: In this paper, we propose a privacy-preserving image classification method that uses encrypted images and an isotropic network such as the vision transformer. The proposed method allows us not only to apply images without visual information to deep neural networks (DNNs) for both training and testing but also to maintain a high classification accuracy. In addition, compressible encrypted images, called encryption-then-compression (EtC) images, can be used for both training and testing without any adaptation network. Previously, to classify EtC images, an adaptation network was required before a classification network, so methods with an adaptation network have been only tested on small images. To the best of our knowledge, previous privacy-preserving image classification methods have never considered image compressibility and patch embedding-based isotropic networks. In an experiment, the proposed privacy-preserving image classification was demonstrated to outperform state-of-the-art methods even when EtC images were used in terms of classification accuracy and robustness against various attacks under the use of two isotropic networks: vision transformer and ConvMixer.

Related papers

• Efficient Fine-Tuning with Domain Adaptation for Privacy-Preserving Vision Transformer [6.476298483207895]
  We propose a novel method for privacy-preserving deep neural networks (DNNs) with the Vision Transformer (ViT) The method allows us not only to train models and test with visually protected images but to also avoid the performance degradation caused from the use of encrypted images. A domain adaptation method is used to efficiently fine-tune ViT with encrypted images.
  arXiv  Detail & Related papers  (2024-01-10T12:46:31Z)
• Transferable Learned Image Compression-Resistant Adversarial Perturbations [66.46470251521947]
  Adversarial attacks can readily disrupt the image classification system, revealing the vulnerability of DNN-based recognition tasks. We introduce a new pipeline that targets image classification models that utilize learned image compressors as pre-processing modules.
  arXiv  Detail & Related papers  (2024-01-06T03:03:28Z)
• Recoverable Privacy-Preserving Image Classification through Noise-like Adversarial Examples [26.026171363346975]
  Cloud-based image related services such as classification have become crucial. In this study, we propose a novel privacypreserving image classification scheme. encrypted images can be decrypted back into their original form with high fidelity (recoverable) using a secret key.
  arXiv  Detail & Related papers  (2023-10-19T13:01:58Z)
• Fine-grained Recognition with Learnable Semantic Data Augmentation [68.48892326854494]
  Fine-grained image recognition is a longstanding computer vision challenge. We propose diversifying the training data at the feature-level to alleviate the discriminative region loss problem. Our method significantly improves the generalization performance on several popular classification networks.
  arXiv  Detail & Related papers  (2023-09-01T11:15:50Z)
• Human-imperceptible, Machine-recognizable Images [76.01951148048603]
  A major conflict is exposed relating to software engineers between better developing AI systems and distancing from the sensitive training data. This paper proposes an efficient privacy-preserving learning paradigm, where images are encrypted to become human-imperceptible, machine-recognizable'' We show that the proposed paradigm can ensure the encrypted images have become human-imperceptible while preserving machine-recognizable information.
  arXiv  Detail & Related papers  (2023-06-06T13:41:37Z)
• Traditional Classification Neural Networks are Good Generators: They are Competitive with DDPMs and GANs [104.72108627191041]
  We show that conventional neural network classifiers can generate high-quality images comparable to state-of-the-art generative models. We propose a mask-based reconstruction module to make semantic gradients-aware to synthesize plausible images. We show that our method is also applicable to text-to-image generation by regarding image-text foundation models.
  arXiv  Detail & Related papers  (2022-11-27T11:25:35Z)
• Privacy-Preserving Image Classification Using ConvMixer with Adaptive Permutation Matrix [13.890279045382623]
  We propose a privacy-preserving image classification method using encrypted images under the use of the ConvMixer structure. Images with a large size cannot be applied to the conventional method with an adaptation network. We propose a novel method, which allows us not only to apply block-wise scrambled images to ConvMixer for both training and testing without the adaptation network.
  arXiv  Detail & Related papers  (2022-08-04T09:55:31Z)
• Privacy-Preserving Image Classification Using Vision Transformer [16.679394807198]
  We propose a privacy-preserving image classification method that is based on the combined use of encrypted images and the vision transformer (ViT) ViT utilizes patch embedding and position embedding for image patches, so this architecture is shown to reduce the influence of block-wise image transformation. In an experiment, the proposed method for privacy-preserving image classification is demonstrated to outperform state-of-the-art methods in terms of classification accuracy and robustness against various attacks.
  arXiv  Detail & Related papers  (2022-05-24T12:51:48Z)
• Image Transformation Network for Privacy-Preserving Deep Neural Networks and Its Security Evaluation [17.134566958534634]
  We propose a transformation network for generating visually-protected images for privacy-preserving DNNs. The proposed network enables us not only to strongly protect visual information but also to maintain the image classification accuracy that using plain images achieves.
  arXiv  Detail & Related papers  (2020-08-07T12:58:45Z)
• I Am Going MAD: Maximum Discrepancy Competition for Comparing Classifiers Adaptively [135.7695909882746]
  We name the MAximum Discrepancy (MAD) competition. We adaptively sample a small test set from an arbitrarily large corpus of unlabeled images. Human labeling on the resulting model-dependent image sets reveals the relative performance of the competing classifiers.
  arXiv  Detail & Related papers  (2020-02-25T03:32:29Z)
• Discernible Image Compression [124.08063151879173]
  This paper aims to produce compressed images by pursuing both appearance and perceptual consistency. Based on the encoder-decoder framework, we propose using a pre-trained CNN to extract features of the original and compressed images. Experiments on benchmarks demonstrate that images compressed by using the proposed method can also be well recognized by subsequent visual recognition and detection models.
  arXiv  Detail & Related papers  (2020-02-17T07:35:08Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.