On Privacy Preserving Anonymization of Finger-Selfies
14 Jun 2020-pp 120-128
TL;DR: It is demonstrated that this could potentially lead to matching finger-selfies with livescan fingerprints, and a new publicly available Social-Media Posted Finger-selfie (SMPF) Database, containing 1,000 finger- selfie images posted on Instagram is proposed.
Abstract: With the availability of smartphone cameras, high speed internet, and connectivity to social media, users post content on the go including check-ins, text, and images. Privacy leaks due to posts related to check-ins and text is an issue in itself, however, this paper discusses the potential leak of one’s biometric information via images posted on social media. While posting photos of themselves or highlighting miniature objects, users end up posting content that leads to an irreversible loss of biometric information such as ocular region, fingerprint, knuckle print, and ear print. In this paper, we discuss the effect of the loss of the finger-selfie details from social media. We demonstrate that this could potentially lead to matching finger-selfies with livescan fingerprints. Further, to prevent the leak of the finger-selfie details, we propose privacy preserving adversarial learning algorithm. The algorithm learns a perturbation to prevent the misuse of finger-selfie towards recognition, yet keeping the visual quality intact to highlight the minuscule object. The experiments are presented on the ISPFDv1 database. Further, we propose a new publicly available Social-Media Posted Finger-selfie (SMPF) Database, containing 1,000 finger-selfie images posted on Instagram.
Citations
More filters
TL;DR: In this article, the state-of-the-art in the field of touchless 2D fingerprint recognition at each stage of the recognition process is summarized and technical considerations and trade-offs of the presented methods along with open issues and challenges.
Abstract: Touchless fingerprint recognition represents a rapidly growing field of research which has been studied for more than a decade Through a touchless acquisition process, many issues of touch-based systems are circumvented, eg, the presence of latent fingerprints or distortions caused by pressing fingers on a sensor surface However, touchless fingerprint recognition systems reveal new challenges In particular, a reliable detection and focusing of a presented finger as well as an appropriate preprocessing of the acquired finger image represent the most crucial tasks Also, further issues, eg, interoperability between touchless and touch-based fingerprints or presentation attack detection, are currently investigated by different research groups Many works have been proposed so far to put touchless fingerprint recognition into practice Published approaches range from self identification scenarios with commodity devices, eg, smartphones, to high performance on-the-move deployments paving the way for new fingerprint recognition application scenariosThis work summarizes the state-of-the-art in the field of touchless 2D fingerprint recognition at each stage of the recognition process Additionally, technical considerations and trade-offs of the presented methods are discussed along with open issues and challenges An overview of available research resources completes the work
27 citations
03 Jun 2020
TL;DR: An algorithm which comprises segmentation, enhancement, Deep Scattering Network based feature extraction, and Random Decision Forest to authenticate finger-selfies is proposed and results and comparison with existing algorithms show the efficacy of the proposed algorithm.
Abstract: With the advancements in technology, smartphones’ capabilities have increased immensely. For instance, the smartphone cameras are being used for face and ocular biometric-based authentication. This research proposes finger-selfie based authentication mechanism, which uses a smartphone camera to acquire a selfie of a finger. In addition to personal device-level authentication, finger-selfies may also be matched with livescan fingerprints present in the legacy/national ID databases for remote or touchless authentication. We propose an algorithm which comprises segmentation, enhancement, Deep Scattering Network based feature extraction, and Random Decision Forest to authenticate finger-selfies. This paper also presents one of the largest finger-selfie database with over 19, 400 images. The images in the IIIT-D Smartphone Finger-selfie Database v2 are captured using multiple smartphones and include variations due to background, illumination, resolution, and sensors. Results and comparison with existing algorithms show the efficacy of the proposed algorithm which yields equal error rates in the range of 2.1 – 5.2% for different experimental protocols.
23 citations
Cites background from "On Privacy Preserving Anonymization..."
...[26] showed the need for privacy preservation of finger-selfies on social media....
[...]
TL;DR: This systematic literature mapping study indicates that anonymization of EHR data is theoretically achievable; yet, it requires more research efforts in practical implementations to balance privacy preservation and usability to ensure more reliable health care applications.
Abstract: Background: Data science offers an unparalleled opportunity to identify new insights into many aspects of human life with recent advances in health care. Using data science in digital health raises significant challenges regarding data privacy, transparency, and trustworthiness. Recent regulations enforce the need for a clear legal basis for collecting, processing, and sharing data, for example, the European Union’s General Data Protection Regulation (2016) and the United Kingdom’s Data Protection Act (2018). For health care providers, legal use of the electronic health record (EHR) is permitted only in clinical care cases. Any other use of the data requires thoughtful considerations of the legal context and direct patient consent. Identifiable personal and sensitive information must be sufficiently anonymized. Raw data are commonly anonymized to be used for research purposes, with risk assessment for reidentification and utility. Although health care organizations have internal policies defined for information governance, there is a significant lack of practical tools and intuitive guidance about the use of data for research and modeling. Off-the-shelf data anonymization tools are developed frequently, but privacy-related functionalities are often incomparable with regard to use in different problem domains. In addition, tools to support measuring the risk of the anonymized data with regard to reidentification against the usefulness of the data exist, but there are question marks over their efficacy.
Objective: In this systematic literature mapping study, we aim to alleviate the aforementioned issues by reviewing the landscape of data anonymization for digital health care.
Methods: We used Google Scholar, Web of Science, Elsevier Scopus, and PubMed to retrieve academic studies published in English up to June 2020. Noteworthy gray literature was also used to initialize the search. We focused on review questions covering 5 bottom-up aspects: basic anonymization operations, privacy models, reidentification risk and usability metrics, off-the-shelf anonymization tools, and the lawful basis for EHR data anonymization.
Results: We identified 239 eligible studies, of which 60 were chosen for general background information; 16 were selected for 7 basic anonymization operations; 104 covered 72 conventional and machine learning–based privacy models; four and 19 papers included seven and 15 metrics, respectively, for measuring the reidentification risk and degree of usability; and 36 explored 20 data anonymization software tools. In addition, we also evaluated the practical feasibility of performing anonymization on EHR data with reference to their usability in medical decision-making. Furthermore, we summarized the lawful basis for delivering guidance on practical EHR data anonymization.
Conclusions: This systematic literature mapping study indicates that anonymization of EHR data is theoretically achievable; yet, it requires more research efforts in practical implementations to balance privacy preservation and usability to ensure more reliable health care applications.
15 citations
TL;DR: An overview of research in the context of authentication applications spanning physiological, behavioral, and social-behavioral biometric systems and their privacy considerations is discussed, and three categories of biometric de-identification are introduced.
Abstract: Biometric de-identification is an emerging topic of research within the information security domain that integrates privacy considerations with biometric system development. A comprehensive overview of research in the context of authentication applications spanning physiological, behavioral, and social-behavioral biometric systems and their privacy considerations is discussed. Three categories of biometric de-identification are introduced, namely complete de-identification, auxiliary biometric preserving de-identification, and traditional biometric preserving de-identification. An overview of biometric de-identification in emerging domains such as sensor-based biometrics, social behavioral biometrics, psychological user profile identification, and aesthetic-based biometrics is presented. The article concludes with open questions and provides a rich avenue for subsequent explorations of biometric de-identification in the context of information privacy.
11 citations
Cites background from "On Privacy Preserving Anonymization..."
...[46] proposed an adversarial learning-based perturbation algorithm, which modified the fingerprint of the finger-selfie....
[...]
...[46] 2020 Fingerprint Shape Prevent fingerprint recognition but shape preserved ISPFDv1, SMPF Fully unrecognizable...
[...]
TL;DR: In this paper, a method based on generative adversarial networks (GANs) was proposed to generate novel images with high visual realism, in which all the biometric information associated with an individual in the iris region has been removed and replaced.
Abstract: The very high recognition accuracy of iris-based biometric systems and the increasing distribution of high-resolution personal images on websites and social media are creating privacy risks that users and the biometric community have not yet addressed properly. Biometric information contained in the iris region can be used to automatically recognize individuals even after several years, potentially enabling pervasive identification, recognition, and tracking of individuals without explicit consent. To address this issue, this paper presents two main contributions. First, we demonstrate, through practical examples, that the risk associated with iris-based identification by means of images collected from public websites and social media is real. Second, we propose an innovative method based on generative adversarial networks (GANs) that can automatically generate novel images with high visual realism, in which all the biometric information associated with an individual in the iris region has been removed and replaced. We tested the proposed method on an image dataset composed of high-resolution portrait images collected from the web. The results show that the generated deidentified images significantly reduce the privacy risks and, in most cases, are indistinguishable from real samples.
5 citations
References
More filters
TL;DR: The solution provided in this paper includes a formal protection model named k-anonymity and a set of accompanying policies for deployment and examines re-identification attacks that can be realized on releases that adhere to k- anonymity unless accompanying policies are respected.
Abstract: Consider a data holder, such as a hospital or a bank, that has a privately held collection of person-specific, field structured data. Suppose the data holder wants to share a version of the data with researchers. How can a data holder release a version of its private data with scientific guarantees that the individuals who are the subjects of the data cannot be re-identified while the data remain practically useful? The solution provided in this paper includes a formal protection model named k-anonymity and a set of accompanying policies for deployment. A release provides k-anonymity protection if the information for each person contained in the release cannot be distinguished from at least k-1 individuals whose information also appears in the release. This paper also examines re-identification attacks that can be realized on releases that adhere to k- anonymity unless accompanying policies are respected. The k-anonymity protection model is important because it forms the basis on which the real-world systems known as Datafly, µ-Argus and k-Similar provide guarantees of privacy protection.
7,925 citations
"On Privacy Preserving Anonymization..." refers background in this paper
...Majority of these algorithms are based on the concept of k−anonymity [23] where the attributes of an individual cannot be distinguished from at least k − 1 other individuals....
[...]
23 Jun 2014
TL;DR: This work revisits both the alignment step and the representation step by employing explicit 3D face modeling in order to apply a piecewise affine transformation, and derive a face representation from a nine-layer deep neural network.
Abstract: In modern face recognition, the conventional pipeline consists of four stages: detect => align => represent => classify. We revisit both the alignment step and the representation step by employing explicit 3D face modeling in order to apply a piecewise affine transformation, and derive a face representation from a nine-layer deep neural network. This deep network involves more than 120 million parameters using several locally connected layers without weight sharing, rather than the standard convolutional layers. Thus we trained it on the largest facial dataset to-date, an identity labeled dataset of four million facial images belonging to more than 4, 000 identities. The learned representations coupling the accurate model-based alignment with the large facial database generalize remarkably well to faces in unconstrained environments, even with a simple classifier. Our method reaches an accuracy of 97.35% on the Labeled Faces in the Wild (LFW) dataset, reducing the error of the current state of the art by more than 27%, closely approaching human-level performance.
6,132 citations
"On Privacy Preserving Anonymization..." refers methods in this paper
...The idea is inspired from DeepFace, where the locally connected layer learns different set of filters for every location in the feature map [25]....
[...]
20 Jun 2005
TL;DR: The idea is to learn a function that maps input patterns into a target space such that the L/sub 1/ norm in the target space approximates the "semantic" distance in the input space.
Abstract: We present a method for training a similarity metric from data. The method can be used for recognition or verification applications where the number of categories is very large and not known during training, and where the number of training samples for a single category is very small. The idea is to learn a function that maps input patterns into a target space such that the L/sub 1/ norm in the target space approximates the "semantic" distance in the input space. The method is applied to a face verification task. The learning process minimizes a discriminative loss function that drives the similarity metric to be small for pairs of faces from the same person, and large for pairs from different persons. The mapping from raw to the target space is a convolutional network whose architecture is designed for robustness to geometric distortions. The system is tested on the Purdue/AR face database which has a very high degree of variability in the pose, lighting, expression, position, and artificial occlusions such as dark glasses and obscuring scarves.
3,870 citations
"On Privacy Preserving Anonymization..." refers background in this paper
...Siamese CNNs [3] have shown excellent performance on image [14] and biometric recognition [22]....
[...]
...It has two CNNs sharing the same network structure and weights, and input consists of match and non-match image pairs....
[...]
Posted Content•
TL;DR: In this paper, the Deep IDentification-verification features (DeepID2) are learned with carefully designed deep convolutional networks to reduce intra-personal variations while enlarging inter-personal differences.
Abstract: The key challenge of face recognition is to develop effective feature representations for reducing intra-personal variations while enlarging inter-personal differences. In this paper, we show that it can be well solved with deep learning and using both face identification and verification signals as supervision. The Deep IDentification-verification features (DeepID2) are learned with carefully designed deep convolutional networks. The face identification task increases the inter-personal variations by drawing DeepID2 extracted from different identities apart, while the face verification task reduces the intra-personal variations by pulling DeepID2 extracted from the same identity together, both of which are essential to face recognition. The learned DeepID2 features can be well generalized to new identities unseen in the training data. On the challenging LFW dataset, 99.15% face verification accuracy is achieved. Compared with the best deep learning result on LFW, the error rate has been significantly reduced by 67%.
1,556 citations
TL;DR: A new privacy-enabling algorithm is presented, named k-Same, that guarantees face recognition software cannot reliably recognize deidentified faces, even though many facial details are preserved.
Abstract: In the context of sharing video surveillance data, a significant threat to privacy is face recognition software, which can automatically identify known people, such as from a database of drivers' license photos, and thereby track people regardless of suspicion. This paper introduces an algorithm to protect the privacy of individuals in video surveillance data by deidentifying faces such that many facial characteristics remain but the face cannot be reliably recognized. A trivial solution to deidentifying faces involves blacking out each face. This thwarts any possible face recognition, but because all facial details are obscured, the result is of limited use. Many ad hoc attempts, such as covering eyes, fail to thwart face recognition because of the robustness of face recognition methods. This work presents a new privacy-enabling algorithm, named k-Same, that guarantees face recognition software cannot reliably recognize deidentified faces, even though many facial details are preserved. The algorithm determines similarity between faces based on a distance metric and creates new faces by averaging image components, which may be the original image pixels (k-Same-Pixel) or eigenvectors (k-Same-Eigen). Results are presented on a standard collection of real face images with varying k.
504 citations
"On Privacy Preserving Anonymization..." refers background in this paper
...In the literature, researchers have proposed several algorithms [2, 7, 8, 12, 18] to anonymize private and sensitive data....
[...]