DP-Image: Differential Privacy for Image Data in Feature Space
The excessive use of images in social networks, government databases, and
industrial applications has posed great privacy risks and raised serious
concerns from the public. Even though differential privacy (DP) is a widely
accepted criterion that can provide a provable privacy guarantee, the
application of DP on unstructured data such as images is not trivial due to the
lack of a clear qualification on the meaningful difference between any two
images. In this paper, for the first time, we introduce a novel notion of
image-aware differential privacy, referred to as DP-image, that can protect
user's personal information in images, from both human and AI adversaries. The
DP-Image definition is formulated as an extended version of traditional
differential privacy, considering the distance measurements between feature
space vectors of images. Then we propose a mechanism to achieve DP-Image by
adding noise to an image feature vector. Finally, we conduct experiments with a
case study on face image privacy. Our results show that the proposed DP-Image
method provides excellent DP protection on images, with a controllable
distortion to faces.
Separating Two-Round Secure Computation From Oblivious Transfer
We consider the question of minimizing the round complexity of protocols for secure multiparty computation (MPC) with security against an arbitrary number of semi-honest parties. Very recently, Garg and Srinivasan (Eurocrypt 2018) and Benhamouda and Lin (Eurocrypt 2018) constructed such 2-round MPC protocols from minimal assumptions. This was done by showing a round preserving reduction to the task of secure 2-party computation of the oblivious transfer functionality (OT). These constructions made a novel non-black-box use of the underlying OT protocol. The question remained whether this can be done by only making black-box use of 2-round OT. This is of theoretical and potentially also practical value as black-box use of primitives tends to lead to more efficient constructions.
Our main result proves that such a black-box construction is impossible, namely that non-black-box use of OT is necessary. As a corollary, a similar separation holds when starting with any 2-party functionality other than OT.
As a secondary contribution, we prove several additional results that further clarify the landscape of black-box MPC with minimal interaction. In particular, we complement the separation from 2-party functionalities by presenting a complete 4-party functionality, give evidence for the difficulty of ruling out a complete 3-party functionality and for the difficulty of ruling out black-box constructions of 3-round MPC from 2-round OT, and separate a relaxed "non-compact" variant of 2-party homomorphic secret sharing from 2-round OT.
Privacy Intelligence: A Survey on Image Sharing on Online Social Networks
Image sharing on online social networks (OSNs) has become an indispensable
part of daily social activities, but it has also led to an increased risk of
privacy invasion. The recent image leaks from popular OSN services and the
abuse of personal photos using advanced algorithms (e.g. DeepFake) have
prompted the public to rethink individual privacy needs when sharing images on
OSNs. However, OSN image sharing itself is relatively complicated, and systems
currently in place to manage privacy in practice are labor-intensive yet fail
to provide personalized, accurate and flexible privacy protection. As a result,
a more intelligent environment for privacy-friendly OSN image sharing is in
demand. To fill the gap, we contribute a systematic survey of 'privacy
intelligence' solutions that target modern privacy issues related to OSN image
sharing. Specifically, we present a high-level analysis framework based on the
entire lifecycle of OSN image sharing to address the various privacy issues and
solutions facing this interdisciplinary field. The framework is divided into
three main stages: local management, online management and social experience.
At each stage, we identify typical sharing-related user behaviors, the privacy
issues generated by those behaviors, and review representative intelligent
solutions. The resulting analysis describes an intelligent privacy-enhancing
chain for closed-loop privacy management. We also discuss the challenges and
future directions existing at each stage, as well as in publicly available
datasets.
Comment: 32 pages, 9 figures. Under revie
A Study of Face Obfuscation in ImageNet
Face obfuscation (blurring, mosaicing, etc.) has been shown to be effective
for privacy protection; nevertheless, object recognition research typically
assumes access to complete, unobfuscated images. In this paper, we explore the
effects of face obfuscation on the popular ImageNet challenge visual
recognition benchmark. Most categories in the ImageNet challenge are not people
categories; however, many incidental people appear in the images, and their
privacy is a concern. We first annotate faces in the dataset. Then we
demonstrate that face obfuscation has minimal impact on the accuracy of
recognition models. Concretely, we benchmark multiple deep neural networks on
obfuscated images and observe that the overall recognition accuracy drops only
slightly (<= 1.0%). Further, we experiment with transfer learning to 4
downstream tasks (object recognition, scene recognition, face attribute
classification, and object detection) and show that features learned on
obfuscated images are equally transferable. Our work demonstrates the
feasibility of privacy-aware visual recognition, improves the highly-used
ImageNet challenge benchmark, and suggests an important path for future visual
datasets. Data and code are available at
https://github.com/princetonvisualai/imagenet-face-obfuscation.
Comment: Accepted to ICML 202
Survey: Leakage and Privacy at Inference Time
Leakage of data from publicly available Machine Learning (ML) models is an
area of growing significance as commercial and government applications of ML
can draw on multiple sources of data, potentially including users' and clients'
sensitive data. We provide a comprehensive survey of contemporary advances on
several fronts, covering involuntary data leakage which is natural to ML
models, potential malevolent leakage which is caused by privacy attacks, and
currently available defence mechanisms. We focus on inference-time leakage, as
the most likely scenario for publicly available models. We first discuss what
leakage is in the context of different data, tasks, and model architectures. We
then propose a taxonomy across involuntary and malevolent leakage, available
defences, followed by the currently available assessment metrics and
applications. We conclude with outstanding challenges and open questions,
outlining some promising directions for future research.
White-box implementation to advantage DRM
Digital Rights Management (DRM) is a popular approach for secure content distribution. Typically, DRM encrypts the content before delivering it. Most DRM applications use secure algorithms to protect content. However, executing these algorithms in an insecure environment may allow adversaries to compromise the system and obtain the key. To withstand such attacks, the algorithm implementation is modified so as to make it unintelligible, an approach known as obfuscation. White-box cryptography (WBC) is an obfuscation technique intended to protect secret keys from being disclosed in a software implementation using a fully transparent methodology. This mechanism is appropriate for DRM applications and is able to enhance security for the content provider. However, DRM is required to provide balanced protection for the content provider and users. We construct a protocol for implementing WBC to improve the DRM system. The system not only provides security for the content provider but also preserves privacy for users.