Privacy-Preserving Object Detection With Poisoning Recognition for Autonomous Vehicles

Object detection has achieved significant progress in attaining high-quality performance without leaking private messages. However, traditional approaches cannot defend the poisoning attacks. Poisoning attacks can make the predictive model unusable, which quickly causes recognition errors or even traffic accidents. In this paper, we propose a privacy-preserving object detection with poisoning recognition (PR-PPOD) framework via distributed training with the help of the CNN, ResNet18, and classical SSD network. Specifically, we design a poisoning model recognition algorithm to remove the uploaded local poisoning parameters to guarantee a trained model's availability based on given privacy-preserving progress. More importantly, the PR-PPOD framework can effectively prevent the threat of differential attacks and avoid privacy leakage caused by reverse model reasoning. Moreover, the effectiveness, efficiency, and security of PR-PPOD are demonstrated via comprehensive theoretical analysis. Finally, we simulate the performance of local poisoning model recognition based on the MNIST, CIFAR10, VOC2007, and VOC2012 datasets, which could achieve good performance compared with the case without poisoning recognition.