Privacy-Preserving Face Recognition in the Frequency Domain
Keywords:Computer Vision (CV), Data Mining & Knowledge Management (DMKM)
AbstractSome applications may require performing face recognition (FR) on third-party servers, which could be accessed by attackers with malicious intents to compromise the privacy of users’ face information. This paper advocates a practical privacy-preserving FR scheme without key management realized in the frequency domain. The new scheme first collects the components of the same frequency from different blocks of a face image to form component channels. Only part of the channels are retained and fed into the analysis network that performs an interpretable privacy-accuracy trade-off analysis to identify channels important for face image visualization but not crucial for maintaining high FR accuracy. For this purpose, the loss function of the analysis network consists of the empirical FR error loss and a face visualization penalty term, and the network is trained in an end-to-end manner. We find that with the developed analysis network, more than 94% of the image energy can be dropped while the face recognition accuracy stays almost undegraded. In order to further protect the remaining frequency components, we propose a fast masking method. Effectiveness of the new scheme in removing the visual information of face images while maintaining their distinguishability is validated over several large face datasets. Results show that the proposed scheme achieves a recognition performance and inference time comparable to ArcFace operating on original face images directly.
How to Cite
Wang, Y., Liu, J., Luo, M., Yang, L., & Wang, L. (2022). Privacy-Preserving Face Recognition in the Frequency Domain. Proceedings of the AAAI Conference on Artificial Intelligence, 36(3), 2558-2566. https://doi.org/10.1609/aaai.v36i3.20157
AAAI Technical Track on Computer Vision III