DeepClean: A Robust Deep Learning Technique for Autonomous Vehicle Camera Data Privacy

Abstract

Autonomous Vehicles (AVs) are equipped with several sensors which produce various forms of data, such as geo-location, distance, and camera data. The volume and utility of these data, especially camera data, have contributed to the advancement of high-performance self-driving applications. However, these vehicles and their collected data are prone to several security and privacy attacks. One of the main attacks against the AV-generated camera data is location inference, in which camera data is used to extract knowledge for tracking the users. A few research studies have proposed privacy-preserving approaches for analysing AV-generated camera data using powerful generative models, such as Variational Auto Encoder (VAE) and Generative Adversarial Network (GAN). However, the related work considers a weak geo-localisation attack model, which leads to weak privacy protection against stronger attack models. In this paper, we propose DeepClean, a robust deep learning model that combines VAE and a private clustering technique. DeepClean learns distinct labelled object structures of the image data as a cluster, and generates a more visual representation of the non-private object clusters, e.g., roads. It then distorts the private object areas using a private Gaussian Mixture Model (GMM) to learn distinct cluster structures of the labelled object areas. The synthetic images generated from our model guarantee privacy and resist against a robust location inference attack by less than 4% localisation accuracy. This implies that using DeepClean for synthetic data generation, it is less likely for a subject to be localised by an attacker even when using a robust geo-localisation attack. The overall image utility level of the generated synthetic images by DeepClean is comparable to the benchmark studies.