StegEdge: Privacy protection of unknown sensitive attributes in edge intelligence via deception

Jianfeng Zhang, Wensheng Zhang, Jingdong Xu
{"title":"StegEdge: Privacy protection of unknown sensitive attributes in edge intelligence via deception","authors":"Jianfeng Zhang, Wensheng Zhang, Jingdong Xu","doi":"10.3233/jcs-220042","DOIUrl":null,"url":null,"abstract":"Due to the limited capabilities of user devices, such as smart phones, and the Internet of Things (IoT), edge intelligence is being recognized as a promising paradigm to enable effective analysis of the data generated by these devices with complex artificial intelligence (AI) models, and it often entails either fully or partially offloading the computation of neural networks from user devices to edge computing servers. To protect users’ data privacy in the process, most existing researches assume that the private (sensitive) attributes of user data are known in advance when designing privacy-protection measures. This assumption is restrictive in real life, and thus limits the application of these methods. Inspired by the research in image steganography and cyber deception, in this paper, we propose StegEdge, a conceptually novel approach to this challenge. StegEdge takes as input the user-generated image and a randomly selected “cover” image that does not pose any privacy concern (e.g., downloaded from the Internet), and extracts the features such that the utility tasks can still be conducted by the edge computing servers, while potential adversaries seeking to reconstruct/recover the original user data or analyze sensitive attributes from the extracted features sent from users to the server, will largely acquire information of the cover image. Thus, users’ data privacy is protected via a form of deception. Empirical results conducted on the CelebA and ImageNet datasets show that, at the same level of accuracy for utility tasks, StegEdge reduces the adversaries’ accuracy of predicting sensitive attributes by up to 38% compared with other methods, while also defending against adversaries seeking to reconstruct user data from the extracted features.","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-11-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"J. Comput. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3233/jcs-220042","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Due to the limited capabilities of user devices, such as smart phones, and the Internet of Things (IoT), edge intelligence is being recognized as a promising paradigm to enable effective analysis of the data generated by these devices with complex artificial intelligence (AI) models, and it often entails either fully or partially offloading the computation of neural networks from user devices to edge computing servers. To protect users’ data privacy in the process, most existing researches assume that the private (sensitive) attributes of user data are known in advance when designing privacy-protection measures. This assumption is restrictive in real life, and thus limits the application of these methods. Inspired by the research in image steganography and cyber deception, in this paper, we propose StegEdge, a conceptually novel approach to this challenge. StegEdge takes as input the user-generated image and a randomly selected “cover” image that does not pose any privacy concern (e.g., downloaded from the Internet), and extracts the features such that the utility tasks can still be conducted by the edge computing servers, while potential adversaries seeking to reconstruct/recover the original user data or analyze sensitive attributes from the extracted features sent from users to the server, will largely acquire information of the cover image. Thus, users’ data privacy is protected via a form of deception. Empirical results conducted on the CelebA and ImageNet datasets show that, at the same level of accuracy for utility tasks, StegEdge reduces the adversaries’ accuracy of predicting sensitive attributes by up to 38% compared with other methods, while also defending against adversaries seeking to reconstruct user data from the extracted features.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
边缘情报中未知敏感属性的欺骗隐私保护
由于智能手机等用户设备和物联网(IoT)的功能有限,边缘智能被认为是一种有前途的范例,可以通过复杂的人工智能(AI)模型对这些设备生成的数据进行有效分析,并且通常需要将神经网络的计算从用户设备全部或部分卸载到边缘计算服务器。为了在此过程中保护用户的数据隐私,现有的研究大多在设计隐私保护措施时假设用户数据的隐私(敏感)属性是预先已知的。这种假设在现实生活中是有限制的,因此限制了这些方法的应用。受图像隐写术和网络欺骗研究的启发,在本文中,我们提出了一种概念新颖的方法StegEdge来应对这一挑战。StegEdge将用户生成的图像和随机选择的不存在任何隐私问题的“封面”图像(例如从互联网上下载的)作为输入,并提取特征,使边缘计算服务器仍然可以执行实用任务,而潜在的攻击者试图重建/恢复原始用户数据或从用户发送给服务器的提取特征中分析敏感属性,将在很大程度上获取封面图像的信息。因此,用户的数据隐私通过欺骗的形式得到保护。在CelebA和ImageNet数据集上进行的实证结果表明,在相同的实用任务精度水平下,与其他方法相比,StegEdge将攻击者预测敏感属性的准确性降低了38%,同时还可以防止攻击者试图从提取的特征中重建用户数据。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Data privacy in the Internet of Things based on anonymization: A review A mutation-based approach for the formal and automated analysis of security ceremonies StegEdge: Privacy protection of unknown sensitive attributes in edge intelligence via deception IsaNet: A framework for verifying secure data plane protocols A review on cloud security issues and solutions
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1