Least privilege learning for attribute obfuscation

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

As machine learning systems become ever more prevalent in everyday life, the need to secure such systems is becoming a critically important area in cybersecurity research. In this work, we address the “feature misuse” attack vector, where the features output by a model are abused to perform a function that they were not originally designed for, such as determining a person’s gender in a facial verification system. To mitigate this, we take the security concept of “least privilege”, where a system can only access resources it explicitly needs to complete its task, and apply it to training deep neural networks. This “least privilege learning” ensures features do not contain information regarding protected attributes that are superfluous to the primary task, reducing the potential attack surface for feature misuse and reducing undesired information leakage. In this paper, we present two main contributions. Firstly, a novel training paradigm that enables least privilege learning by obfuscating protected attributes in verification and re-identification scenarios. Secondly, a comprehensive evaluation framework for models trained with least privilege learning, encompassing multiple datasets and three application settings: verification, re-identification, and attribute prediction.
Original language: English
Title of host publication: Proceedings of the 6th Asian Conference on Pattern Recognition
Publisher: Springer
Pages: 142-156
Number of pages: 15
ISBN (Electronic): 9783031024443
ISBN (Print): 9783031024436
Publication status: Published - 10 May 2022
Event: Asian Conference on Pattern Recognition - Jeju Island, Korea, Democratic People's Republic of
Duration: 09 Nov 2021 to 12 Nov 2021
Conference number: 6
http://brain.korea.ac.kr/acpr/

Publication series

Name: Lecture Notes in Computer Science
Publisher: Springer
Volume: 13189
ISSN (Print): 0302-9743

Conference

Conference: Asian Conference on Pattern Recognition
Abbreviated title: ACPR
Country/Territory: Korea, Democratic People's Republic of
Period: 09/11/2021 to 12/11/2021