A Privacy Preserving Method with a Random Orthogonal Matrix for ConvMixer Models

• URL: http://arxiv.org/abs/2301.03843v1
• Date: Tue, 10 Jan 2023 08:21:19 GMT
• Title: A Privacy Preserving Method with a Random Orthogonal Matrix for ConvMixer Models
• Authors: Rei Aso, Tatsuya Chuman and Hitoshi Kiya
• Abstract summary: A privacy preserving image classification method is proposed under the use of ConvMixer models. The proposed method allows us to use the same classification accuracy as that of ConvMixer models without considering privacy protection.
• Score: 13.653940190782146
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: In this paper, a privacy preserving image classification method is proposed under the use of ConvMixer models. To protect the visual information of test images, a test image is divided into blocks, and then every block is encrypted by using a random orthogonal matrix. Moreover, a ConvMixer model trained with plain images is transformed by the random orthogonal matrix used for encrypting test images, on the basis of the embedding structure of ConvMixer. The proposed method allows us not only to use the same classification accuracy as that of ConvMixer models without considering privacy protection but to also enhance robustness against various attacks compared to conventional privacy-preserving learning.

Related papers

• Enhancing User-Centric Privacy Protection: An Interactive Framework through Diffusion Models and Machine Unlearning [54.30994558765057]
  The study pioneers a comprehensive privacy protection framework that safeguards image data privacy concurrently during data sharing and model publication. We propose an interactive image privacy protection framework that utilizes generative machine learning models to modify image information at the attribute level. Within this framework, we instantiate two modules: a differential privacy diffusion model for protecting attribute information in images and a feature unlearning algorithm for efficient updates of the trained model on the revised image dataset.
  arXiv  Detail & Related papers  (2024-09-05T07:55:55Z)
• Privacy-Preserving Vision Transformer Using Images Encrypted with Restricted Random Permutation Matrices [5.311735227179715]
  We propose a novel method for privacy-preserving fine-tuning vision transformers (ViTs) with encrypted images. Conventional methods using encrypted images degrade model performance compared with that of using plain images due to the influence of image encryption.
  arXiv  Detail & Related papers  (2024-08-16T04:57:21Z)
• PRO-Face S: Privacy-preserving Reversible Obfuscation of Face Images via Secure Flow [69.78820726573935]
  We name it PRO-Face S, short for Privacy-preserving Reversible Obfuscation of Face images via Secure flow-based model. In the framework, an Invertible Neural Network (INN) is utilized to process the input image along with its pre-obfuscated form, and generate the privacy protected image that visually approximates to the pre-obfuscated one.
  arXiv  Detail & Related papers  (2023-07-18T10:55:54Z)
• Not All Image Regions Matter: Masked Vector Quantization for Autoregressive Image Generation [78.13793505707952]
  Existing autoregressive models follow the two-stage generation paradigm that first learns a codebook in the latent space for image reconstruction and then completes the image generation autoregressively based on the learned codebook. We propose a novel two-stage framework, which consists of Masked Quantization VAE (MQ-VAE) Stack model from modeling redundancy.
  arXiv  Detail & Related papers  (2023-05-23T02:15:53Z)
• Improving Masked Autoencoders by Learning Where to Mask [65.89510231743692]
  Masked image modeling is a promising self-supervised learning method for visual data. We present AutoMAE, a framework that uses Gumbel-Softmax to interlink an adversarially-trained mask generator and a mask-guided image modeling process. In our experiments, AutoMAE is shown to provide effective pretraining models on standard self-supervised benchmarks and downstream tasks.
  arXiv  Detail & Related papers  (2023-03-12T05:28:55Z)
• Masked Images Are Counterfactual Samples for Robust Fine-tuning [77.82348472169335]
  Fine-tuning deep learning models can lead to a trade-off between in-distribution (ID) performance and out-of-distribution (OOD) robustness. We propose a novel fine-tuning method, which uses masked images as counterfactual samples that help improve the robustness of the fine-tuning model.
  arXiv  Detail & Related papers  (2023-03-06T11:51:28Z)
• MaskSketch: Unpaired Structure-guided Masked Image Generation [56.88038469743742]
  MaskSketch is an image generation method that allows spatial conditioning of the generation result using a guiding sketch as an extra conditioning signal during sampling. We show that intermediate self-attention maps of a masked generative transformer encode important structural information of the input image. Our results show that MaskSketch achieves high image realism and fidelity to the guiding structure.
  arXiv  Detail & Related papers  (2023-02-10T20:27:02Z)
• Privacy-Preserving Image Classification Using ConvMixer with Adaptive Permutation Matrix [13.890279045382623]
  We propose a privacy-preserving image classification method using encrypted images under the use of the ConvMixer structure. Images with a large size cannot be applied to the conventional method with an adaptation network. We propose a novel method, which allows us not only to apply block-wise scrambled images to ConvMixer for both training and testing without the adaptation network.
  arXiv  Detail & Related papers  (2022-08-04T09:55:31Z)
• An Encryption Method of ConvMixer Models without Performance Degradation [14.505867475659276]
  We propose an encryption method for ConvMixer models with a secret key. The effectiveness of the proposed method is evaluated in terms of classification accuracy and model protection.
  arXiv  Detail & Related papers  (2022-07-25T07:09:16Z)
• Privacy-Preserving Image Classification Using Vision Transformer [16.679394807198]
  We propose a privacy-preserving image classification method that is based on the combined use of encrypted images and the vision transformer (ViT) ViT utilizes patch embedding and position embedding for image patches, so this architecture is shown to reduce the influence of block-wise image transformation. In an experiment, the proposed method for privacy-preserving image classification is demonstrated to outperform state-of-the-art methods in terms of classification accuracy and robustness against various attacks.
  arXiv  Detail & Related papers  (2022-05-24T12:51:48Z)
• Privacy-Preserving Image Classification Using Isotropic Network [14.505867475659276]
  We propose a privacy-preserving image classification method that uses encrypted images and an isotropic network such as the vision transformer. The proposed method allows us not only to apply images without visual information to deep neural networks (DNNs) for both training and testing but also to maintain a high classification accuracy.
  arXiv  Detail & Related papers  (2022-04-16T03:15:54Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.