Dual Protection for Image Privacy and Copyright via Traceable Adversarial Examples

被引:0
作者
Li, Ming [1 ,2 ]
Yang, Zhaoli [1 ]
Wang, Tao [3 ]
Zhang, Yushu [3 ]
Wen, Wenying [4 ]
机构
[1] Henan Normal Univ, Coll Comp & Informat Engn, Xinxiang 453007, Peoples R China
[2] Key Lab Artificial Intelligence & Personalized Lea, Xinxiang 453007, Peoples R China
[3] Nanjing Univ Aeronaut & Astronaut, Coll Comp Sci & Technol, Nanjing 211106, Peoples R China
[4] Jiangxi Univ Finance & Econ, Sch Comp & Artificial Intelligence, Nanchang 330032, Peoples R China
来源
IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS FOR VIDEO TECHNOLOGY | 2024年 / 34卷 / 12期
关键词
Watermarking; Privacy; Perturbation methods; Protection; Copyright protection; Robustness; Training; Adversarial examples; copyright; deep neural networks; privacy protection; robust watermarking; WATERMARKING;
D O I
10.1109/TCSVT.2024.3448351
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
In recent years, the uploading of massive personal images has increased the security risks, mainly including privacy breaches and copyright infringement. Adversarial examples provide a novel solution for protecting image privacy, as they can evade the detection by deep neural network (DNN)-based recognizers. However, the perturbations in the adversarial examples typically meaningless and therefore cannot be extracted as traceable information to support copyright protection. In this paper, we designed a dual protection scheme for image privacy and copyright via traceable adversarial examples. Specifically, a traceable adversarial model is proposed, which can be used to embed the invisible copyright information into images for copyright protection while fooling DNN-based recognizers for privacy protection. Inspired by the training method of generative adversarial networks (GANs), a new dynamic adversarial training strategy is designed, which allows our model for achieving stable multi-objective learning. Experimental results show that our scheme is exceptionally robust in the face of a variety of noise conditions and image processing methods, while exhibiting good model migration and defense robustness.
引用
收藏
页码:13401 / 13412
页数:12
相关论文
共 53 条
[1]  
Chen J., Konrad J., Ishwar P., VGAN-based image representation learning for privacy-preserving facial expression recognition, Proc IEEE/CVF Conf. Comput. Vis. Pattern Recognit. Workshops (CVPRW), pp. 1651-165109, (2018)
[2]  
Xu Y., Deng B., Wang J., Jing Y., Pan J., He S., Highresolution face swapping via latent semantics disentanglement, Proc IEEE/CVF Conf. Comput. Vis. Pattern Recognit. (CVPR), pp. 7632-7641, (2022)
[3]  
You J., Wang Y.-G., Zhu G., Kwong S., Truncated robust natural watermarking with Hungarian optimization, IEEE Trans. Circuits Syst. Video Technol, 32, 2, pp. 483-495, (2022)
[4]  
Wang X., Li X., Pei Q., Independent embedding domain based two-stage robust reversible watermarking, IEEE Trans. Circuits Syst. Video Technol, 30, 8, pp. 2406-2417, (2020)
[5]  
Sun W., Jin J., Lin W., Minimum noticeable difference-based adversarial privacy preserving image generation, IEEE Trans. Circuits Syst. Video Technol, 33, 3, pp. 1069-1081, (2023)
[6]  
Zhang J., Wang J., Wang H., Luo X., Self-recoverable adversarial examples: A new effective protection mechanism in social networks, IEEE Trans. Circuits Syst. Video Technol, 33, 2, pp. 562-574, (2023)
[7]  
Wang R., Huang Z., Chen Z., Liu L., Chen J., Wang L., Antiforgery: Towards A Stealthy and Robust DeepFake Disruption Attack Via Adversarial Perceptual-Aware Perturbations, (2022)
[8]  
Lin Y., Chen H., Maiorana E., Campisi P., Li B., Source-ID-Tracker: Source face identity protection in face swapping, Proc IEEE Int. Conf. Multimedia Expo (ICME), pp. 1-6, (2022)
[9]  
Su Z., Zhou D., Wang N., Liu D., Wang Z., Gao X., Hiding visual information via obfuscating adversarial perturbations, Proc IEEE/CVF Int. Conf. Comput. Vis. (ICCV), pp. 4356-4366, (2023)
[10]  
Xiao X., Zhang Y., Hua Z., Xia Z., Weng J., Client-side embedding of screen-shooting resilient image watermarking, IEEE Trans. Inf. Forensics Security, 19, pp. 5357-5372, (2024)
123456