Kasidit Chunhachatchawhankhun, Prarinya Siritanawan, Karin Sumongkayothin, K. Kotani
{"title":"ECB加密图像的深度学习视觉特征保护研究","authors":"Kasidit Chunhachatchawhankhun, Prarinya Siritanawan, Karin Sumongkayothin, K. Kotani","doi":"10.1109/KSE53942.2021.9648821","DOIUrl":null,"url":null,"abstract":"In this paper, we demonstrate that images encrypted with Advanced Encryption Standard (AES) in Electronic Code Book (ECB) mode retain some local properties of the original images that Deep Neural Networks (DNNs) can detect these properties and perform classification tasks on this encrypted data. The experiment with the ECB encrypted MNIST handwritten digit dataset revealed that models trained on this dataset have an accuracy of around 80%. It also demonstrated that the model trained using one secret key does not work with other secret keys or the original dataset; the prediction accuracy plummeted to less than 10%. As a result, malicious users who do not know the secret keys will find the model inefficient, and it may be difficult to manipulate or change the prediction results.","PeriodicalId":130986,"journal":{"name":"2021 13th International Conference on Knowledge and Systems Engineering (KSE)","volume":"68 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Investigating Protection of Deep Learning Visual Features on ECB Encrypted Images\",\"authors\":\"Kasidit Chunhachatchawhankhun, Prarinya Siritanawan, Karin Sumongkayothin, K. Kotani\",\"doi\":\"10.1109/KSE53942.2021.9648821\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In this paper, we demonstrate that images encrypted with Advanced Encryption Standard (AES) in Electronic Code Book (ECB) mode retain some local properties of the original images that Deep Neural Networks (DNNs) can detect these properties and perform classification tasks on this encrypted data. The experiment with the ECB encrypted MNIST handwritten digit dataset revealed that models trained on this dataset have an accuracy of around 80%. It also demonstrated that the model trained using one secret key does not work with other secret keys or the original dataset; the prediction accuracy plummeted to less than 10%. As a result, malicious users who do not know the secret keys will find the model inefficient, and it may be difficult to manipulate or change the prediction results.\",\"PeriodicalId\":130986,\"journal\":{\"name\":\"2021 13th International Conference on Knowledge and Systems Engineering (KSE)\",\"volume\":\"68 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-11-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 13th International Conference on Knowledge and Systems Engineering (KSE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/KSE53942.2021.9648821\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 13th International Conference on Knowledge and Systems Engineering (KSE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/KSE53942.2021.9648821","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Investigating Protection of Deep Learning Visual Features on ECB Encrypted Images
In this paper, we demonstrate that images encrypted with Advanced Encryption Standard (AES) in Electronic Code Book (ECB) mode retain some local properties of the original images that Deep Neural Networks (DNNs) can detect these properties and perform classification tasks on this encrypted data. The experiment with the ECB encrypted MNIST handwritten digit dataset revealed that models trained on this dataset have an accuracy of around 80%. It also demonstrated that the model trained using one secret key does not work with other secret keys or the original dataset; the prediction accuracy plummeted to less than 10%. As a result, malicious users who do not know the secret keys will find the model inefficient, and it may be difficult to manipulate or change the prediction results.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
