Access the full text.
Sign up today, get DeepDyve free for 14 days.
Kenta Chinomi, Naoko Nitta, Yoshimichi Ito, N. Babaguchi (2008)
PriSurv: Privacy Protected Video Surveillance System Using Adaptive Visual Abstraction
Shawn Shan, Emily Wenger, Jiayun Zhang, Huiying Li, Haitao Zheng, Ben Zhao (2020)
Fawkes: Protecting Personal Privacy against Unauthorized Deep Learning ModelsArXiv, abs/2002.08327
R. McPherson, R. Shokri, Vitaly Shmatikov (2016)
Defeating Image Obfuscation with Deep LearningArXiv, abs/1609.00408
Qianru Sun, A. Tewari, Weipeng Xu, Mario Fritz, C. Theobalt, B. Schiele (2018)
A Hybrid Model for Identity Obfuscation by Face ReplacementArXiv, abs/1804.04779
Seyed-Mohsen Moosavi-Dezfooli, Alhussein Fawzi, P. Frossard (2015)
DeepFool: A Simple and Accurate Method to Fool Deep Neural Networks2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR)
K. Simonyan, Andrew Zisserman (2014)
Very Deep Convolutional Networks for Large-Scale Image RecognitionCoRR, abs/1409.1556
Lior Wolf, Tal Hassner, I. Maoz (2011)
Face recognition in unconstrained videos with matched background similarityCVPR 2011
E. Reinhard, G. Ward, S. Pattanaik, P. Debevec, W. Heidrich, K. Myszkowski (2010)
High Dynamic Range Imaging: Acquisition, Display, and Image-Based Lighting
Christian Szegedy, Wojciech Zaremba, Ilya Sutskever, Joan Bruna, D. Erhan, I. Goodfellow, R. Fergus (2013)
Intriguing properties of neural networksCoRR, abs/1312.6199
Liyue Fan (2019)
Practical Image Obfuscation with Provable Privacy2019 IEEE International Conference on Multimedia and Expo (ICME)
A. Madry, Aleksandar Makelov, Ludwig Schmidt, Dimitris Tsipras, Adrian Vladu (2017)
Towards Deep Learning Models Resistant to Adversarial AttacksArXiv, abs/1706.06083
(2012)
Facebook can id faces, but using them grows tricky
S. Lawrence, C. Giles, A. Tsoi, A. Back (1997)
Face recognition: a convolutional neural-network approachIEEE transactions on neural networks, 8 1
Hossein Hosseini, Baicen Xiao, Andrew Clark, R. Poovendran (2017)
Attacking Automatic Video Analysis Algorithms: A Case Study of Google Cloud Video Intelligence APIProceedings of the 2017 on Multimedia Privacy and Security
A. Kokaram, R. Morris, W. Fitzgerald, P. Rayner (1995)
Interpolation of missing data in image sequencesIEEE transactions on image processing : a publication of the IEEE Signal Processing Society, 4 11
Yash Sharma, Pin-Yu Chen (2017)
Attacking the Madry Defense Model with L1-based Adversarial ExamplesArXiv, abs/1710.10733
G. Snedecor, R. Fisher, F. Yates (1939)
Statistical Tables for Biological, Agricultural and Medical Research.Journal of the Royal Statistical Society, 102
Kimia Tajik, Akshith Gunasekaran, Rhea Dutta, Brandon Ellis, R. Bobba, Mike Rosulek, C. Wright, W. Feng (2019)
Balancing Image Privacy and Usability with Thumbnail-Preserving EncryptionIACR Cryptol. ePrint Arch., 2019
Seong Oh, Rodrigo Benenson, Mario Fritz, B. Schiele (2016)
Faceless Person Recognition: Privacy Implications in Social MediaArXiv, abs/1607.08438
François Chollet (2016)
Xception: Deep Learning with Depthwise Separable Convolutions2017 IEEE Conference on Computer Vision and Pattern Recognition (CVPR)
J. Cardoso (1998)
Blind signal separation: statistical principlesProc. IEEE, 86
(1954)
Statistical Tables: For Biological, Agricultural and Medical ResearchMedical Journal of Australia, 1
C. Wright, W. Feng, Feng Liu (2015)
Thumbnail-Preserving Encryption for JPEGProceedings of the 3rd ACM Workshop on Information Hiding and Multimedia Security
Yan Shoshitaishvili, Christopher Krügel, G. Vigna (2015)
Portrait of a Privacy InvasionProceedings on Privacy Enhancing Technologies, 2015
S. Rajsbaum (2014)
Foundations of Cryptography
(2018)
Course 2: build deep learning neural networks in 5 days only
S. Baluja, Ian Fischer (2017)
Adversarial Transformation Networks: Learning to Generate Adversarial ExamplesArXiv, abs/1703.09387
Yann LeCun, Yoshua Bengio, Geoffrey Hinton (2015)
Deep LearningNature, 521
P. Cochat, L. Vaucoret, J. Sarles (2008)
Et alEvidence Based Mental Health, 11
Moo-Ryong Ra, R. Govindan, Antonio Ortega
Usenix Association 10th Usenix Symposium on Networked Systems Design and Implementation (nsdi '13) 515 P3: toward Privacy-preserving Photo Sharing
Dongyu Meng, Hao Chen (2017)
MagNet: A Two-Pronged Defense against Adversarial ExamplesProceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security
Nicholas Carlini, D. Wagner (2016)
Towards Evaluating the Robustness of Neural Networks2017 IEEE Symposium on Security and Privacy (SP)
Yi Sun, Xiaogang Wang, Xiaoou Tang (2013)
Deep Convolutional Network Cascade for Facial Point Detection2013 IEEE Conference on Computer Vision and Pattern Recognition
R. Gross, E. Airoldi, B. Malin, L. Sweeney (2005)
Integrating Utility into Face De-identification
Alexey Kurakin, I. Goodfellow, Samy Bengio (2016)
Adversarial examples in the physical worldArXiv, abs/1607.02533
Q. Zhao, J. Stasko (1998)
The Awareness-Privacy Tradeoff in Video Supported Informal Awareness: A Study of Image-Filtering Based Techniques
Rakshith Shetty, Marcus Rohrbach, Lisa Hendricks, Mario Fritz, B. Schiele (2017)
Towards a Visual Privacy Advisor: Understanding and Predicting Privacy Risks in Images2017 IEEE International Conference on Computer Vision (ICCV)
(2016)
and H
K. Lander, V. Bruce, H. Hill (2001)
Evaluating the effectiveness of pixelation and blurring on masking the identity of familiar facesApplied Cognitive Psychology, 15
Zhou Wang, A. Bovik, H. Sheikh, Eero Simoncelli (2004)
Image quality assessment: from error visibility to structural similarityIEEE Transactions on Image Processing, 13
H. Pouransari, Saman Ghili (2014)
Tiny ImageNet Visual Recognition Challenge
Z. Stone, Todd Zickler, Trevor Darrell (2008)
Autotagging Facebook: Social network context improves photo annotation2008 IEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops
R. Gross, L. Sweeney, J. Cohn, F. Torre, Simon Baker (2009)
Face De-identification
(2020)
The Secretive Company That Might End Privacy as We Know It, 1/182020
Nicolas Papernot, P. Mcdaniel, I. Goodfellow, S. Jha, Z. Celik, A. Swami (2016)
Practical Black-Box Attacks against Machine LearningProceedings of the 2017 ACM on Asia Conference on Computer and Communications Security
A. Abraham, A. Prabhavathy, J. Shree (2012)
A Survey on Video InpaintingInternational Journal of Computer Applications, 56
M. Bertalmío, G. Sapiro, V. Caselles, C. Ballester (2000)
Image inpaintingProceedings of the 27th annual conference on Computer graphics and interactive techniques
Oded Goldreich (2006)
Foundations of Cryptography: Volume 1
Eu-Jin Goh, H. Shacham, N. Modadugu, D. Boneh (2003)
SiRiUS: Securing Remote Untrusted Storage
Omkar Parkhi, A. Vedaldi, Andrew Zisserman (2015)
Deep Face Recognition
Chuhan Gao, Varun Chandrasekaran, Kassem Fawaz, S. Jha (2020)
Face-Off: Adversarial Face ObfuscationProceedings on Privacy Enhancing Technologies, 2021
Zhenyu Wu, Zhangyang Wang, Zhaowen Wang, Hailin Jin (2018)
Towards Privacy-Preserving Visual Recognition via Adversarial Training: A Pilot Study
Yuan Lin, Shengjin Wang, Qian Lin, Feng Tang (2012)
Face Swapping under Large Pose Variations: A 3D Model Based Approach2012 IEEE International Conference on Multimedia and Expo
L. Sweeney (2002)
k-Anonymity: A Model for Protecting PrivacyInt. J. Uncertain. Fuzziness Knowl. Based Syst., 10
Arezoo Rajabi, Mahdieh Abbasi, Christian Gagné, R. Bobba (2018)
Towards Dependable Deep Convolutional Neural Networks (CNNs) with Out-distribution LearningArXiv, abs/1804.08794
Yanpei Liu, Xinyun Chen, Chang Liu, D. Song (2016)
Delving into Transferable Adversarial Examples and Black-box AttacksArXiv, abs/1611.02770
Amin Jourabloo, Xi Yin, Xiaoming Liu (2015)
Attribute preserved face de-identification2015 International Conference on Biometrics (ICB)
Matt Tierney, Ian Spiro, C. Bregler, L. Subramanian (2013)
Cryptagram: photo privacy for online social media
I. Goodfellow, Jonathon Shlens, Christian Szegedy (2014)
Explaining and Harnessing Adversarial ExamplesCoRR, abs/1412.6572
Nitish Srivastava, Geoffrey Hinton, A. Krizhevsky, Ilya Sutskever, R. Salakhutdinov (2014)
Dropout: a simple way to prevent neural networks from overfittingJ. Mach. Learn. Res., 15
Nilaksh Das, Madhuri Shanbhogue, Shang-Tse Chen, Fred Hohman, Siwei Li, Li Chen, M. Kounavis, Duen Chau (2018)
SHIELD: Fast, Practical Defense and Vaccination for Deep Learning using JPEG CompressionProceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining
Naveed Akhtar, A. Mian (2018)
Threat of Adversarial Attacks on Deep Learning in Computer Vision: A SurveyIEEE Access, 6
Thomas Huang, G. Yang, G. Tang (1979)
A fast two-dimensional median filtering algorithmIEEE Transactions on Acoustics, Speech, and Signal Processing, 27
Anish Athalye, Nicholas Carlini, D. Wagner (2018)
Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples
Byron Marohn, C. Wright, W. Feng, Mike Rosulek, R. Bobba (2017)
Approximate Thumbnail Preserving EncryptionProceedings of the 2017 on Multimedia Privacy and Security
Markus Mathias, Rodrigo Benenson, M. Pedersoli, L. Gool (2014)
Face Detection without Bells and Whistles
Tao Li, Lei Lin (2019)
AnonymousNet: Natural Face De-Identification With Measurable Privacy2019 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPRW)
Hossein Hosseini, R. Poovendran (2018)
Semantic Adversarial Examples2018 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPRW)
Hongwei Ng, Stefan Winkler (2014)
A data-driven approach to cleaning large face datasets2014 IEEE International Conference on Image Processing (ICIP)
E. Newton, L. Sweeney, B. Malin (2005)
Preserving privacy by de-identifying face imagesIEEE Transactions on Knowledge and Data Engineering, 17
Steven Hill, Zhimin Zhou, L. Saul, H. Shacham (2016)
On the (In)effectiveness of Mosaicing and Blurring as Tools for Document RedactionProceedings on Privacy Enhancing Technologies, 2016
W. Huang, Tony Wu (2014)
Face Swapping
Liyue Fan (2018)
Image Pixelization with Differential Privacy
Weilin Xu, David Evans, Yanjun Qi (2017)
Feature Squeezing: Detecting Adversarial Examples in Deep Neural NetworksArXiv, abs/1704.01155
Seong Oh, Mario Fritz, B. Schiele (2017)
Adversarial Image Perturbation for Privacy Protection A Game Theory Perspective2017 IEEE International Conference on Computer Vision (ICCV)
F. Carmo, Joaquim Assis, Vania Estrela, Alessandra Coelho (2009)
Blind signal separation and identification of mixtures of images2009 Conference Record of the Forty-Third Asilomar Conference on Signals, Systems and Computers
D. Bitouk, Neeraj Kumar, S. Dhillon, P. Belhumeur, S. Nayar (2008)
Face swapping: automatically replacing faces in photographsACM SIGGRAPH 2008 papers
Olga Russakovsky, Jia Deng, Hao Su, J. Krause, S. Satheesh, Sean Ma, Zhiheng Huang, A. Karpathy, A. Khosla, Michael Bernstein, A. Berg, Li Fei-Fei (2014)
ImageNet Large Scale Visual Recognition ChallengeInternational Journal of Computer Vision, 115
B. Driessen, Markus Dürmuth (2013)
Achieving Anonymity against Major Face Recognition Algorithms
Zongji Sun, Lily Meng, A. Ariyaeeinia (2015)
Distinguishable de-identified faces2015 11th IEEE International Conference and Workshops on Automatic Face and Gesture Recognition (FG), 04
Goldreich Oded (2004)
Foundations of Cryptography: Volume 2, Basic Applications
S. Tansuriyavong, S. Hanaki (2001)
Privacy protection by concealing persons in circumstantial video image
Seyed-Mohsen Moosavi-Dezfooli, Alhussein Fawzi, Omar Fawzi, P. Frossard (2016)
Universal Adversarial Perturbations2017 IEEE Conference on Computer Vision and Pattern Recognition (CVPR)
Ajit Pande, S. Prabha (2012)
Image Blind Signal Separation Algorithm based on Fast ICA
A. Krizhevsky, Ilya Sutskever, Geoffrey Hinton (2012)
ImageNet classification with deep convolutional neural networksCommunications of the ACM, 60
M. Kallahalla, Erik Riedel, Ram Swaminathan, Qian Wang, Kevin Fu (2003)
Plutus: Scalable Secure File Sharing on Untrusted Storage
AbstractImage hosting platforms are a popular way to store and share images with family members and friends. However, such platforms typically have full access to images raising privacy concerns. These concerns are further exacerbated with the advent of Convolutional Neural Networks (CNNs) that can be trained on available images to automatically detect and recognize faces with high accuracy.Recently, adversarial perturbations have been proposed as a potential defense against automated recognition and classification of images by CNNs. In this paper, we explore the practicality of adversarial perturbation-based approaches as a privacy defense against automated face recognition. Specifically, we first identify practical requirements for such approaches and then propose two practical adversarial perturbation approaches – (i) learned universal ensemble perturbations (UEP), and (ii) k-randomized transparent image overlays (k-RTIO) that are semantic adversarial perturbations. We demonstrate how users can generate effective transferable perturbations under realistic assumptions with less effort.We evaluate the proposed methods against state-of-theart online and offline face recognition models, Clarifai.com and DeepFace, respectively. Our findings show that UEP and k-RTIO respectively achieve more than 85% and 90% success against face recognition models. Additionally, we explore potential countermeasures that classifiers can use to thwart the proposed defenses. Particularly, we demonstrate one effective countermeasure against UEP.
Proceedings on Privacy Enhancing Technologies – de Gruyter
Published: Jan 1, 2021
Read and print from thousands of top scholarly journals.
Already have an account? Log in
Bookmark this article. You can see your Bookmarks on your DeepDyve Library.
To save an article, log in first, or sign up for a DeepDyve account if you don’t already have one.
Copy and paste the desired citation format or use the link below to download a file formatted for EndNote
Access the full text.
Sign up today, get DeepDyve free for 14 days.
All DeepDyve websites use cookies to improve your online experience. They were placed on your computer when you launched this website. You can change your cookie settings through your browser.