A Novel Data Encryption Method Inspired by Adversarial Attacks

Due to the advances of sensing and storage technologies, a tremendous amount of data becomes available and, it supports the phenomenal growth of artificial intelligence (AI) techniques especially, deep learning (DL), in various application domains. While the data sources become valuable assets for enabling the success of autonomous decision-making, they also lead to critical vulnerabilities in privacy and security. For example, data leakage can be exploited via querying and eavesdropping in the exploratory phase for black-box attacks against DL-based autonomous decision-making systems. To address this issue, in this work, we propose a novel data encryption method, called AdvEncryption, by exploiting the principle of adversarial attacks. Different from existing encryption technologies, the AdvEncryption method is not developed to prevent attackers from exploiting the dataset. Instead, our proposed method aims to trap the attackers in a misleading feature distillation of the data. To achieve this goal, our AdvEncryption method consists of two essential components: 1) an adversarial attack-inspired encryption mechanism to encrypt the data with stealthy adversarial perturbation, and 2) a decryption mechanism that minimizes the impact of the perturbations on the effectiveness of autonomous decision making. In the performance evaluation section, we evaluate the performance of our proposed AdvEncryption method through case studies considering different scenarios.