Privacy is an important issue raised from the diffusion of deep learning models. These models are able to extract unauthorized information from our data, especially from the images shared on Social Networks. In this work we present a nested evolutionary algorithm able to optimize sequences of Instagram-style image filters that, when applied to an image, are able to protect it by fooling classification systems: we turn adversarial attacks into a defence form. Differently from other adversarial techniques adding small perturbations that cannot be easily detected by human eyes but can be easily recognized by softwares, our filter composition cannot be distinguished from any other filter composition used extensively every day to enhance photos and images.
Enhance while protecting: privacy preserving image filtering
Baia A. E.;Milani A.;Poggioni V.
2021
Abstract
Privacy is an important issue raised from the diffusion of deep learning models. These models are able to extract unauthorized information from our data, especially from the images shared on Social Networks. In this work we present a nested evolutionary algorithm able to optimize sequences of Instagram-style image filters that, when applied to an image, are able to protect it by fooling classification systems: we turn adversarial attacks into a defence form. Differently from other adversarial techniques adding small perturbations that cannot be easily detected by human eyes but can be easily recognized by softwares, our filter composition cannot be distinguished from any other filter composition used extensively every day to enhance photos and images.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
