Adversarial Data Encryption
This paper addresses the dilemma of data sharing for organizations, particularly in medical scenarios, by enabling secure communication while preventing machine learning-based data leakage.
The paper tackles the problem of secure data sharing by proposing an adversarial data encryption method that makes encrypted data appear identical to the original for humans but misleading for machine learning, with results showing that encrypted medical images can be used for diagnosis by doctors but not by ML methods.
In the big data era, many organizations face the dilemma of data sharing. Regular data sharing is often necessary for human-centered discussion and communication, especially in medical scenarios. However, unprotected data sharing may also lead to data leakage. Inspired by adversarial attacks, we propose a method for data encryption, so that for human beings the encrypted data look identical to the original version, but for machine learning methods they are misleading. To show the effectiveness of our method, we collaborate with the Beijing Tiantan Hospital, which has a world-leading neurological center. We invite 3 doctors to manually inspect our encryption method based on real-world medical images. The results show that the encrypted images can be used for diagnosis by the doctors, but not by machine learning methods.