Crafter: Facial Feature Crafting against Inversion-based Identity Theft on Deep Models
CoRR(2024)
摘要
With the increased capabilities at the edge (e.g., mobile device) and more
stringent privacy requirement, it becomes a recent trend for deep
learning-enabled applications to pre-process sensitive raw data at the edge and
transmit the features to the backend cloud for further processing. A typical
application is to run machine learning (ML) services on facial images collected
from different individuals. To prevent identity theft, conventional methods
commonly rely on an adversarial game-based approach to shed the identity
information from the feature. However, such methods can not defend against
adaptive attacks, in which an attacker takes a countermove against a known
defence strategy. We propose Crafter, a feature crafting mechanism deployed at
the edge, to protect the identity information from adaptive model inversion
attacks while ensuring the ML tasks are properly carried out in the cloud. The
key defence strategy is to mislead the attacker to a non-private prior from
which the attacker gains little about the private identity. In this case, the
crafted features act like poison training samples for attackers with adaptive
model updates. Experimental results indicate that Crafter successfully defends
both basic and possible adaptive attacks, which can not be achieved by
state-of-the-art adversarial game-based methods.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要