Many computer vision systems require users to upload image features to the cloud for processing and storage. Such image features can be exploited to recover sensitive information about the scene or subjects, e.g., by reconstructing the appearance of the original image. To address this privacy concern, we propose a new privacy-preserving feature representation. The core idea of our work is to drop constraints from each feature descriptor by embedding it within an affine subspace containing the original feature as well as adversarial feature samples. Feature matching on the privacy-preserving representation is enabled based on the notion of subspace-to-subspace distance. We experimentally demonstrate the effectiveness of our method and its high practical relevance for the applications of visual localization and mapping as well as face authentication. Compared to the original features, our approach has only marginal impact on performance but makes it significantly more difficult for an adversary to recover private information.
翻译:许多计算机视觉系统要求用户将图像特征上传到云层以供处理和存储。这些图像特征可以用来恢复关于现场或主题的敏感信息,例如通过重建原始图像的外观。为了解决这一隐私问题,我们提议了新的隐私保护特征代表。我们工作的核心理念是通过将每个特征描述符嵌入包含原始特征和对立特征样本的密室子空间,减少每个特征描述符的局限性。基于子空间对子空间对子空间的距离概念,可以启用隐私保护代表的匹配功能。我们实验性地展示了我们的方法的有效性及其对于视觉定位和绘图应用以及面部认证的高度实用相关性。与原始特征相比,我们的方法只能对性能产生边际影响,但使对手更难于恢复私人信息。