卷积神经网络的人脸隐私保护识别
摘 要
目的 近年来,随着人脸识别认证技术的发展及逐渐普及,大量人脸照片存放在第三方服务器上的现象十分普遍,如何对人脸进行隐私保护这个问题变得十分突出。方法 首先对人脸图像进行预处理,然后采用Arnold变换对人脸关键部位进行分块随机置乱,并将置乱结果图输入到深度卷积神经网络中。为了解决人脸照片在分块置乱时由于本身拍照角度的原因导致的分块不均等因素,在预处理时根据人眼进行特性点定位,再据此进行对齐处理,使得预处理后的照片人眼处于同一水平线。针对人脸隐私保护及加扰置乱后图像的识别,本文提出了基于分块随机加扰的深度卷积神经网络模型。不包含附加层,该模型网络结构由4个卷积层、3个池化层、1个全连接层和1个softmax回归层组成。服务器端通过深度神经网络模型直接对置乱后人脸图像进行验证识别。结果 该算法使服务器端全程不存储原始人脸模板,实现了对原始人脸图像的有效加扰保护。实验采用该T深度卷积神经网络对处理过后的ORL人脸库进行识别,最终识别准确率达到97.62%。同时通过多组对比实验,验证了本文方法的有效性。结论 与其他文献中手工提取特征并利用决策树和随机森林进行训练识别的方法相比,本文方法减少了人工提取特征的工作量,且具有高识别率。
关键词
Recognition of face privacy protection using convolutional neural networks
Zhang Jianwu1, Shen Wei1, Wu Zhendong2(1.School of Communication Engineering, Hangzhou Dianzi University, Hangzhou 310018, China;2.School of Cyberspace, Hangzhou Dianzi University, Hangzhou 310018, China) Abstract
Objective The development and popularization of face recognition authentication technology in recent years has made the storage of a large number of face photos in third-party servers highly common. Face recognition plays an important role in clothing, food, housing, and various industries, and moves from theoretical research to practical application of the "blowout period". However, faces are relatively open features compared to irises and fingerprints, and many people post selfies on various social platforms. Not only can you get face photos easily through the Internet, but you can also use a variety of image processing tools to fake faces. Thus, the protection of the privacy of face information has become prominent. At present, the research content in the field of face recognition focuses on directly recognizing face images, and there is a problem of privacy leakage; or the face image is encrypted and decrypted, but the encryption and decryption operation has the disadvantage of high computational complexity. Method To solve the problem of the unevenness of the face in a scrambled photo due to camera angles, this study preprocesses the face image as follows. First, we determine whether a given image contains a face. If a face does exist, then we find the border that contains the complete face. Next, we must locate the key points such as the nose and eyes, align the face images on the basis of these key point positions, and normalize them to the same size following the key mechanism of vision. That is, the human eye consistently sees the center of the photo first and then gradually moves to the last four corners. Then, the key parts of the face (eyes, ears, mouth, and nose) are scrambled and blocked by Arnold transform for a random number of times. Second, to achieve face privacy protection and image recognition after scrambling, this study proposes a deep convolutional neural network based on block random scrambling, which does not include an additional layer. The network structure of the model is composed of four convolutional layers, three pooling layers, one fully connected layer, and a softmax regression layer. The convolution kernel sizes of the four convolutional layers are 6×6, 3×3, 3×3, and 2×2. In the training phase, the preprocessed samples are divided into training sets and test sets. At the beginning of training, the convolution kernel parameters are randomly initialized to a small value, and small random numbers are used to ensure that the network does not enter a saturated state due to excessive weights. The training process is divided into the forward propagation and backward propagation phases. After the input passes by the multiple convolutional layers and pooling layers, it is transferred to the output layer. In the process, the input is actually multiplied by each layer of the weight matrix, and a calculation is performed to obtain the output result. The difference between the actual output and the ideal output is calculated in the backward propagation phase, and the weight is adjusted in reverse on the basis of the minimization error method. The server side directly verifies and recognizes the scrambled face image by the deep neural network model. Prior to transmission or storage on the server, the preprocessed and randomized scrambled images are encrypted, and the key is saved to further improve security. Then, the color histogram of the image will show a straight line. When identification is necessary and if a legal key is available, it can be correctly restored to the previous state to perform the identification operation. Result This algorithm enables the server to not store the original face template throughout the entire process, thereby achieving effective scrambling protection of the original face image. Using the block random scrambling proposed in this paper, a higher recognition rate can be obtained. Further considering the security problem, the image after random scrambling is twice encrypted and the key is saved before being transmitted or stored in the server. The experiment uses this deep convolutional neural network to identify the ORL face database, and the final recognition accuracy rate reaches 97.62%. Concurrently, the effectiveness of the proposed method is verified by multiple sets of comparative experiments. The face of the original image before processing has a strong correlation with adjacent pixels. After the pixel position is scrambled, the pixel points of the key positions of the face have a uniform distribution trend on the whole image, and the correlation is obviously weakened. Thus, the algorithm has a good effect on hiding the pixel points of the face. Conclusion Compared with other methods that are used to manually extract features and methods based on decision trees and random forest for training recognition in the literature, the proposed method reduces the workload of manually extracting features and retains a higher recognition rate. From the experimental results, the Arnold random parameter scrambling on the block image effectively reduces the correlation of the ciphertext image, and still maintains a high recognition rate for deep neural network recognition. This paper also uses the chaotic map encryption method for secondary encryption. The results show that the correlation of ciphertext images is further reduced, which not only enhances the protection of face privacy, but also has strong robustness to the image recognition after scrambling transformation.
Keywords
face recognition authentication convolutional neural network Arnold transform face alignment face privacy protection
|