《電子技術(shù)應(yīng)用》
您所在的位置:首頁 > 通信與網(wǎng)絡(luò) > 設(shè)計(jì)應(yīng)用 > 基于差分隱私的面部圖像安全傳播方法研究
基于差分隱私的面部圖像安全傳播方法研究
網(wǎng)絡(luò)安全與數(shù)據(jù)治理
賀春祿1,唐琪2
1.中國科學(xué)院文獻(xiàn)情報(bào)中心,;2.湖南大學(xué)
摘要: 人臉數(shù)據(jù)蘊(yùn)含豐富身份信息,,其隱私泄露問題備受關(guān)注。傳統(tǒng)差分隱私方法直接對(duì)像素或特征向量整體添加噪聲,,導(dǎo)致識(shí)別性能下降且缺乏可解釋性,。為此,提出一種新型差分隱私方法,,將特征嵌入向量結(jié)合分類方法設(shè)計(jì),,創(chuàng)新性地將響應(yīng)數(shù)據(jù)轉(zhuǎn)換為徑向半徑與切向角度兩種形式,更好適配分類中的角度與距離度量,。在此基礎(chǔ)上,,構(gòu)建了基于角度與半徑的差分隱私噪聲生成機(jī)制,并通過差分隱私組合定理定義隱私預(yù)算并進(jìn)行數(shù)學(xué)證明,。此外,,設(shè)計(jì)了隱私圖像生成方法,通過優(yōu)化評(píng)價(jià)函數(shù)實(shí)現(xiàn)隱私性與可用性的平衡,。實(shí)驗(yàn)結(jié)果基于三個(gè)公開數(shù)據(jù)集,,表明所提方法在徑向與切向方向的組合應(yīng)用中表現(xiàn)優(yōu)異,在相同隱私預(yù)算下顯著提升了識(shí)別性能,。該方法實(shí)現(xiàn)了隱私保護(hù)與分類可用性的兼顧,,并在解釋性與性能上展現(xiàn)出顯著優(yōu)勢,。
中圖分類號(hào):TP309文獻(xiàn)標(biāo)識(shí)碼:ADOI:10.19358/j.issn.2097-1788.2025.03.002
引用格式:賀春祿,唐琪. 基于差分隱私的面部圖像安全傳播方法研究[J].網(wǎng)絡(luò)安全與數(shù)據(jù)治理,,2025,,44(3):8-16.
Research on security dissemination method of facial images based on differential privacy
He Chunlu1,Tang Qi2
1. National Science Library,, Chinese Academy of Sciences; 2. Hunan University
Abstract: Face data contains rich identity information, and its privacy leakage has attracted much attention. Traditional differential privacy methods directly add noise to pixels or feature vectors as a whole, resulting in decreased recognition performance and lack of interpretability. Therefore, this paper proposes a new differential privacy method, which combines the feature embedding vector with the classification method design, and innovatively converts the response data into two forms of radial radius and tangential angle, so as to better adapt the angle and distance measurement in classification. On this basis, a differential privacy noise generation mechanism based on angle and radius is constructed, and the privacy budget is defined and mathematically proved by the differential privacy combination theorem. In addition, this paper designs a privacy image generation method to achieve a balance between privacy and availability by optimizing the evaluation function. The experimental results based on three public datasets show that the proposed method performs well in the combined application of radial and tangential directions, and significantly improves the recognition performance under the same privacy budget. This method achieves both privacy protection and classification availability, and shows significant advantages in interpretability and performance.
Key words : differential privacy; face recognition; feature embedding; privacy-preserve

引言

人臉數(shù)據(jù)包含獨(dú)特的身份信息,,如瞳距、輪廓和尺寸等生物特征,,機(jī)器學(xué)習(xí)技術(shù)能夠通過訓(xùn)練人臉圖像實(shí)現(xiàn)精準(zhǔn)識(shí)別,。然而,若人臉數(shù)據(jù)泄露,,不法分子可能重構(gòu)面部圖像,、生成虛擬視頻或規(guī)避活體檢測,導(dǎo)致嚴(yán)重的隱私風(fēng)險(xiǎn)和經(jīng)濟(jì)損失,。隨著人臉識(shí)別技術(shù)的發(fā)展,,隱私保護(hù)問題日益受到重視。2023年8月,,國家網(wǎng)信辦發(fā)布《人臉識(shí)別技術(shù)應(yīng)用安全管理規(guī)定(試行)(征求意見稿)》[1],,對(duì)人臉識(shí)別的應(yīng)用場景提出具體要求,尤其是針對(duì)遠(yuǎn)距離,、無感式識(shí)別技術(shù)設(shè)定了明確界限,。在政策監(jiān)管加強(qiáng)的背景下,技術(shù)層面的隱私保護(hù)研究逐漸受到關(guān)注,。為了有效應(yīng)對(duì)個(gè)人信息泄露和數(shù)據(jù)濫用的風(fēng)險(xiǎn),不同學(xué)者從多元化的角度提出了創(chuàng)新的理論框架與技術(shù)手段,,包括差分隱私[2-4],、聯(lián)邦學(xué)習(xí)[5]、同態(tài)加密[6],、安全多方計(jì)算[7]等,。這些方法在保障數(shù)據(jù)隱私的同時(shí),推動(dòng)了數(shù)據(jù)共享與協(xié)作的實(shí)踐進(jìn)步,。其中,,差分隱私作為一項(xiàng)重要的隱私保護(hù)技術(shù),在防御推理攻擊和模型提取攻擊方面展現(xiàn)了顯著的潛力,。然而,,在面部圖像保護(hù)領(lǐng)域,其應(yīng)用仍面臨諸多挑戰(zhàn)?,F(xiàn)有方法在隱私性與可用性之間難以有效平衡,,主要包括像素處理方法和特征向量處理方法的局限性,。

本文基于差分隱私機(jī)制,提出一種契合圖像識(shí)別特點(diǎn)的隱私保護(hù)方法,,主要貢獻(xiàn)包括:(1)提出基于徑向距離與切向方向的差分隱私方法,,并設(shè)計(jì)噪聲生成機(jī)制以適配角度度量和歐式距離度量的分類需求;(2)提出隱私圖像生成方法,,通過簡單的圖像遮罩操作,,將特征嵌入向量轉(zhuǎn)化為滿足差分隱私的特征表示;(3)構(gòu)建隱私預(yù)算的度量方法,,結(jié)合數(shù)學(xué)證明驗(yàn)證算法的隱私性及有效性,,并在公開數(shù)據(jù)集上進(jìn)行實(shí)驗(yàn)驗(yàn)證。

 

本文詳細(xì)內(nèi)容請(qǐng)下載:

http://forexkbc.com/resource/share/2000006371


作者信息:

賀春祿1,,唐琪2

(1.中國科學(xué)院文獻(xiàn)情報(bào)中心,,北京100190;

2.湖南大學(xué),,湖南長沙410082)


Magazine.Subscription.jpg

此內(nèi)容為AET網(wǎng)站原創(chuàng),,未經(jīng)授權(quán)禁止轉(zhuǎn)載。