Abstract
We present a novel privacy-preserving scheme for deep neural networks (DNNs) that enables us not to only apply images without visual information to DNNs but to also consider the use of independent encryption keys for both training and testing images for the first time. In this paper, a novel pixel-based image encryption method that maintains important features of original images is proposed for privacy-preserving DNNs. For training, a DNN model is trained with images encrypted by using the proposed method with independent encryption keys. For testing, the model enables us to apply both encrypted images and plain images for image classification. Therefore, there is no need to manage keys. In addition, the proposed method allows us to perform data augmentation in the encrypted domain. In an experiment, the proposed method is applied to well-known networks, that is, deep residual networks and densely connected convolutional networks, for image classification. The experimental results demonstrate that the proposed method, under the use of independent encryption keys, can maintain a high classification performance, and it is robust against ciphertext-only attacks (COAs). Moreover, the results confirm that the proposed scheme is able to classify plain images as well as encrypted images, even when data augmentation is carried out in the encrypted domain.
Highlights
The spread of deep neural networks (DNNs) has greatly contributed to solving complex tasks for many applications [1]–[3], such as for computer vision, biomedical systems, and information technology
EXPERIMENTS To confirm that the proposed scheme is effective, we evaluated the performance of image classification accuracy and robustness against the DNN-based ciphertext-only attacks (COAs) attack under various conditions
The visual information was slightly recovered by the DNN-based COA when the model was trained by using encrypted images with the same key, and the test image was encrypted with the same key, as shown in Fig. 13(a), and 13(c)
Summary
The spread of deep neural networks (DNNs) has greatly contributed to solving complex tasks for many applications [1]–[3], such as for computer vision, biomedical systems, and information technology. Deep learning utilizes a large amount of data to extract representations of relevant features, so the performance is significantly improved [4], [5]. DNNs have been deployed in security-critical applications, such as facial recognition, biometric authentication, and medical image analysis. It is very popular for data owners to utilize cloud servers to compute and process a large amount of data instead of using local servers.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
