In EDS ansehen

An approach to privacy-aware image analysis on edge devices using CNNs

Gespeichert in:

Bibliographische Detailangaben
Titel:	An approach to privacy-aware image analysis on edge devices using CNNs
Autoren:	Bendig Fabian, Naroska Edwin, Weberskirch Marcus
Quelle:	Current Directions in Biomedical Engineering, Vol 9, Iss 1, Pp 262-265 (2023)
Verlagsinformationen:	Walter de Gruyter GmbH, 2023.
Publikationsjahr:	2023
Schlagwörter:	03 medical and health sciences, 0302 clinical medicine, aal, 0206 medical engineering, vgg, Medicine, 02 engineering and technology, privacy awareness, 16. Peace & justice, cnn
Beschreibung:	This paper presents our approach to a privacy preserving person detection algorithm on edge computing devices. It utilizes a commonly used neural network architecture (VGG16) to encode an image by passing it through a fixed number of layers of the network on the edge device. The resulting feature vector can then be transmitted over the network to a more powerful computer (e.g. in the cloud) to be passed through the remaining layers of VGG16. As a result, the transmitted feature vector is only an abstract representation of the image. However, our research has shown that it is in fact possible to reconstruct most images by their respecting feature vectors if a potential attacker can tap into the network transmission by using a decoder network. Our approach to mitigate that risk is to preprocess the transmitted feature vector randomly by different manipulation methods. We used methods like mean filter or random null value insertion to manipulate the feature vector before it gets transmitted and show that those methods are able to counter the reconstruction capabilities of a decoder network while still preserving the capabilities of the original VGG16 network. The actual VGG16 network was used for object detection.We used the faces in the wild dataset and utilized two different approaches to confirm our approach. First, we used the VGGFace-Network on the decoded images and tried to let it identify people from the former mentioned dataset. The second approach used a group of 26 participants who had to match the decoder image to one of five images. In our experiments, we found different combinations of manipulation and number of layers on the edge device to preserve the detection capability of VGG16 (e.g. object detection) while preventing VGGFace and the participating group from identifying the shown people.
Publikationsart:	Article
Sprache:	English
ISSN:	2364-5504
DOI:	10.1515/cdbme-2023-1066
Zugangs-URL:	https://doaj.org/article/fb963c66f8544a488abb8b4ac43b7162
Rights:	CC BY
Dokumentencode:	edsair.doi.dedup.....d50b3b1f7ac0cab3a7c82033c0b9eb50
Datenbank:	OpenAIRE

View record at OpenAIRE

Full Text Finder

Nájsť tento článok vo Web of Science

Beschreibung
Abstract:	This paper presents our approach to a privacy preserving person detection algorithm on edge computing devices. It utilizes a commonly used neural network architecture (VGG16) to encode an image by passing it through a fixed number of layers of the network on the edge device. The resulting feature vector can then be transmitted over the network to a more powerful computer (e.g. in the cloud) to be passed through the remaining layers of VGG16. As a result, the transmitted feature vector is only an abstract representation of the image. However, our research has shown that it is in fact possible to reconstruct most images by their respecting feature vectors if a potential attacker can tap into the network transmission by using a decoder network. Our approach to mitigate that risk is to preprocess the transmitted feature vector randomly by different manipulation methods. We used methods like mean filter or random null value insertion to manipulate the feature vector before it gets transmitted and show that those methods are able to counter the reconstruction capabilities of a decoder network while still preserving the capabilities of the original VGG16 network. The actual VGG16 network was used for object detection.We used the faces in the wild dataset and utilized two different approaches to confirm our approach. First, we used the VGGFace-Network on the decoded images and tried to let it identify people from the former mentioned dataset. The second approach used a group of 26 participants who had to match the decoder image to one of five images. In our experiments, we found different combinations of manipulation and number of layers on the edge device to preserve the detection capability of VGG16 (e.g. object detection) while preventing VGGFace and the participating group from identifying the shown people.
ISSN:	23645504
DOI:	10.1515/cdbme-2023-1066