Face recognition technology has been used in many fields due to its high recognition accuracy, including the face unlocking of mobile devices, community access control systems, and city surveillance. As the current high accuracy is guaranteed by very deep network structures, facial images often need to be transmitted to third-party servers with high computational power for inference. However, facial images visually reveal the user's identity information. In this process, both untrusted service providers and malicious users can significantly increase the risk of a personal privacy breach. Current privacy-preserving approaches to face recognition are often accompanied by many side effects, such as a significant increase in inference time or a noticeable decrease in recognition accuracy. This paper proposes a privacy-preserving face recognition method using differential privacy in the frequency domain. Due to the utilization of differential privacy, it offers a guarantee of privacy in theory. Meanwhile, the loss of accuracy is very slight. This method first converts the original image to the frequency domain and removes the direct component termed DC. Then a privacy budget allocation method can be learned based on the loss of the back-end face recognition network within the differential privacy framework. Finally, it adds the corresponding noise to the frequency domain features. Our method performs very well with several classical face recognition test sets according to the extensive experiments.
翻译:在许多领域都使用了面部识别技术,原因是它具有高度的识别精确度,包括移动装置的面部解锁、社区出入控制系统和城市监视。由于目前的高度准确性得到非常深的网络结构的保障,面部图像往往需要传送给具有高计算能力的第三方服务器,进行推断。但是,面部图像可以直观地显示用户的身份信息。在这个过程中,未经信任的服务供应商和恶意用户都可以大大增加个人隐私被侵犯的风险。目前对面的隐私保护方法往往伴随着许多副作用,例如大幅提高推断时间或明显降低识别准确性。本文建议采用使用不同频率领域隐私的保密面部识别方法。由于使用不同隐私,它提供了理论上的隐私保障。与此同时,准确性损失非常轻微。这种方法首先将原始图像转换为频率域,并删除直接称为DC的构成部分。然后根据不同隐私框架内后端识别网络的丢失情况学习隐私预算分配方法。最后,它建议使用不同频率域域内差异的保密面部识别方法。它又增加了使用不同的隐私保护面部识别方法进行相应的语音测试。