政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/157814

English | 正體中文 | 简体中文 | Post-Print筆數 : 27 | Items with full text/Total items : 116849/147881 (79%)
Visitors : 63824730 Online Users : 634

RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.

Scope

please add "double quotation mark" for query phrases to get precise results

please goto advance search for comprehansive author search

Adv. Search

Home ‧ Login ‧ Upload ‧ Help ‧ About ‧ Administer

Goto mobile version

政大機構典藏 > 資訊學院 > 資訊科學系 > 學位論文 > Item 140.119/157814

Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/157814

Title:	應用圖像加密技術於隱私保護機器學習之研究 A Study on Privacy-Preserving Machine Learning Using Image Encryption Technology
Authors:	林怡婷 Lin, Yi-Ting
Contributors:	左瑞麟 Tso, Ray-Lin 林怡婷 Lin, Yi-Ting
Keywords:	AI資安機器學習圖像加密隱私保護影像處理隱私保護機器學習 AI Security Machine Learning Image Encryption Privacy Protection Image Processing Privacy-Preserving Machine Learning
Date:	2025
Issue Date:	2025-07-01 15:06:57 (UTC+8)
Abstract:	在圖像識別技術的快速發展下，圖像隱私保護已成為一項重要議題。隨著機器學習的不斷演進，越來越多的圖像被應用於模型開發，同時也帶來潛在的隱私風險。如何在確保圖像隱私與安全性的同時，維持模型的準確性與效能，已成為一大挑戰。傳統的圖像加密技術大多使用相同的鑰匙進行加密，不僅需要和其他用戶端共享鑰匙，還必須透過安全通道進行傳輸，這不僅增加鑰匙洩漏的風險，對鑰匙的存儲與管理上擁有更高的要求。此外，雖然傳統的加密技術能有效保護圖像隱私，卻往往大幅影響圖像識別的準確率，進而降低機器學習模型的表現。因此，如何在兼顧隱私保護與模型效能的前提下，開發更安全的圖像加密技術，已成為當前研究的重要方向。因此，本論文旨在探討圖像識別領域中隱私保護的問題，並提出相應的解決方案，透過本論文提出的加密方案，產生人類無法識別的圖像，但模型卻可以從加密圖像中識別圖像的特徵，解決了圖像隱私保護和識別準確率存在的兩難問題，並降低圖像在機器學習的隱私風險，而該方案可以運用於不同大小的圖像，使機器學習在圖像隱私保護運用上能擁有更多的彈性。透過這項研究，希望能夠提升機器學習隱私保護的水平，兼顧圖像識別準確率和安全性，並增加大眾對於圖像隱私和AI資安議題的關注。 With the rapid development of image recognition technology, image privacy protection has become a critical issue. As machine learning continues to advance, an increasing number of images are being utilized for model development, which also raises potential privacy risks. The key challenge lies in ensuring image privacy and security while maintaining model accuracy and performance. Traditional image encryption techniques mostly use the same key for encryption, requiring key sharing with other clients and secure transmission channels. This not only increases the risk of key leakage but also imposes higher demands on key storage and management. Moreover, although these encryption methods can protect image privacy, they often significantly degrade recognition accuracy, ultimately affecting the performance of machine learning models. Therefore, developing a more secure and efficient image encryption technique that balances privacy protection and model performance has become a crucial research direction. This paper proposes a novel encryption scheme to address privacy protection in image recognition. The proposed method generates encrypted images that are unrecognizable to humans but can still be accurately recognized by models. This approach effectively resolves the trade-off between image privacy protection and recognition accuracy while reducing privacy risks in machine learning. Moreover, the proposed method supports images of various sizes, offering greater flexibility for privacy-preserving machine learning applications. Through this research, we aim to enhance the level of privacy protection in image recognition, maintain model accuracy and security, and raise public awareness of image privacy and AI security.
Reference:	[1] LeCun, Y., Bengio, Y., & Hinton, G. (2015). Deep learning. nature, 521(7553), 436-444. [2] Guo, Y., Zhang, L., Hu, Y., He, X., & Gao, J. (2016). Ms-celeb-1m: Challenge of recognizing one million celebrities in the real world. Electronic imaging, 28, 1-6. [3] R. S. Siva Kumar et al., "Adversarial Machine Learning-Industry Perspectives," 2020 IEEE Security and Privacy Workshops (SPW), San Francisco, CA, USA, 2020, pp. 69-75 [4] W. Sirichotedumrong, T. Chuman, S. Imaizumi and H. Kiya, "Grayscale-Based Block Scrambling Image Encryption for Social Networking Services," 2018 IEEE International Conference on Multimedia and Expo (ICME), San Diego, CA, USA, 2018, pp. 1-6 [5] K. Iida and H. Kiya, "Image Identification of Grayscale-Based JPEG Images for Privacy-Preserving Photo Sharing Services," 2019 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC), Lanzhou, China, 2019, pp. 1750-1755 [6] T. Chuman, W. Sirichotedumrong and H. Kiya, "Encryption-then-compression systems using grayscale-based image encryption for jpeg images", IEEE Trans. on Information Forensics and Security, vol. 14, no. 6, pp. 1515-1525, 2019. [7] Q. N. Natsheh, B. Li, and A. G. Gale, ‘‘Security of multi-frame DICOM images using XOR encryption approach,’’ Proc. Comput. Sci., vol. 90, pp. 175–181, Jan. 2016. [8] M. Barni, G. Droandi and R. Lazzeretti, "Privacy Protection in Biometric-Based Recognition Systems: A marriage between cryptography and signal processing," in IEEE Signal Processing Magazine, vol. 32, no. 5, pp. 66-76, Sept. 2015 [9] R. L. Lagendijk, Z. Erkin and M. Barni, "Encrypted signal processing for privacy protection: Conveying the utility of homomorphic encryption and multiparty computation," in IEEE Signal Processing Magazine, vol. 30, no. 1, pp. 82-105, Jan. 2013 [10] Fabian Boemer, Yixing Lao, Rosario Cammarota, and Casimir Wierzynski. ngraph-he: a graph compiler for deep learning on homomorphically encrypted data. Proceedings of the 16th ACM International Conference on Computing Frontiers, pages 3–13, 2019. [11] Gilad-Bachrach, R., Dowlin, N., Laine, K., Lauter, K., Naehrig, M., & Wernsing, J. (2016, June). Cryptonets: Applying neural networks to encrypted data with high throughput and accuracy. In International conference on machine learning (pp. 201-210). PMLR. [12] Maekawa, A. Kawamura, Y. Kinoshita and H. Kiya, "Privacy-preserving svm computing in the encrypted domain", Proceedings of APSIPA Annual Summit and Conference, pp. 897-902, 2018. [13] Masayuki Tanaka. Learnable image encryption. 2018 IEEE International Conference on Consumer Electronics-Taiwan (ICCE-TW), pages 1–2, 2018. [14] Koki Madono, Masayuki Tanaka, Masaki Onishi, and Tetsuji Ogawa. Block-wise scrambled image recognition using adaptation network. In AAAI WS, 2020. [15] Sirichotedumrong, W., Kinoshita, Y., & Kiya, H. (2019). Pixel-based image encryption without key management for privacy-preserving deep neural networks. Ieee Access, 7, 177844-177855. [16] W. Sirichotedumrong, T. Maekawa, Y. Kinoshita, and H. Kiya, ‘‘Privacypreserving deep neural networks with pixel-based image encryption considering data augmentation in the encrypted domain,’’ in Proc. IEEE Int. Conf. Image Process. (ICIP), Sep. 2019, pp. 674–678. [17] W. Sirichotedumrong, Y. Kinoshita, and H. Kiya, ‘‘On the security of pixelbased image encryption for privacy-preserving deep neural networks,’’ in Proc. IEEE 8th Global Conf. Consum. Electron. (GCCE), Oct. 2019, pp.121–124 [18] W. Sirichotedumrong and H. Kiya, ‘‘Visual security evaluation of learnable image encryption methods against ciphertext-only attacks,’’ in Proc. Asia–Pacific Signal Inf. Process. Assoc. Annu. Summit Conf. (APSIPA ASC) Dec.2020, pp. 1304–1309. [19] Chang, A. H., & Case, B. M. (2020). Attacks on image encryption schemes for privacy-preserving deep neural networks. arXiv preprint arXiv:2004.13263. [20] Huang, Q. X., Yap, W. L., Chiu, M. Y., & Sun, H. M. (2022). Privacy-preserving deep learning with learnable image encryption on medical images. IEEE Access, 10, 66345-66355. [21] Krizhevsky, A., & Hinton, G. (2009). Learning multiple layers of features from tiny images. [22] 戴宏碩. (2006). 使用在彩色影像上的三邊雜訊濾波器之硬體架構設計. 臺灣師範大學應用電子科技研究所學位論文, 2006, 1-67. [23] Bromiley, P. (2003). Products and convolutions of Gaussian probability density functions. Tina-Vision Memo, 3(4), 1. [24] 繆紹綱. (2024). 數位影像處理, 全華圖書. [25] Schmidhuber, J. (2015). Deep learning in neural networks: An overview. Neural networks, 61, 85-117. [26] O'Shea, K. (2015). An introduction to convolutional neural networks. arXiv preprint arXiv:1511.08458. [27] K. He, X. Zhang, S. Ren and J. Sun, "Deep Residual Learning for Image Recognition," 2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Las Vegas, NV, USA, 2016, pp. 770-778, doi:10.1109/CVPR.2016.90. [28] Tan, M., & Le, Q. (2019, May). Efficientnet: Rethinking model scaling for convolutional neural networks. In International conference on machine learning (pp. 6105-6114). PMLR. [29] Pishchik, E. (2023). Trainable Activations for Image Classification. Preprints. https://doi.org/10.20944/preprints202301.0463.v1 [30] Choi, Y., Uh, Y., Yoo, J., & Ha, J. W. (2020). Stargan v2: Diverse image synthesis for multiple domains. In Proceedings of the IEEE/CVF conference on computer vision and pattern recognition (pp. 8188-8197). [31] Deng, J., Dong, W., Socher, R., Li, L. J., Li, K., & Fei-Fei, L. (2009, June). Imagenet: A large-scale hierarchical image database. In 2009 IEEE conference on computer vision and pattern recognition (pp. 248-255). Ieee.
Description:	碩士國立政治大學資訊科學系 112971003
Source URI:	http://thesis.lib.nccu.edu.tw/record/#G0112971003
Data Type:	thesis
Appears in Collections:	[資訊科學系] 學位論文

Files in This Item:

File	Size	Format
100301.pdf	4426Kb	Adobe PDF	0	View/Open

All items in 政大典藏 are protected by copyright, with all rights reserved.

社群 sharing

著作權政策宣告 Copyright Announcement

1.本網站之數位內容為國立政治大學所收錄之機構典藏，無償提供學術研究與公眾教育等公益性使用，惟仍請適度，合理使用本網站之內容，以尊重著作權人之權益。商業上之利用，則請先取得著作權人之授權。
The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

2.本網站之製作，已盡力防止侵害著作權人之權益，如仍發現本網站之數位內容有侵害著作權人權益情事者，請權利人通知本網站維護人員(nccur@nccu.edu.tw)，維護人員將立即採取移除該數位著作等補救措施。
NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.

DSpace Software Copyright © 2002-2004 MIT & Hewlett-Packard / Enhanced by NTU Library IR team Copyright © - Feedback