A Privacy Preserving Method with a Random Orthogonal Matrix for ConvMixer Models
This addresses privacy concerns for users of image classification systems, but it is incremental as it builds on existing ConvMixer models and encryption techniques.
The paper tackles privacy protection in image classification by encrypting test images with a random orthogonal matrix and transforming a ConvMixer model accordingly, achieving the same classification accuracy as non-private models and improved robustness against attacks.
In this paper, a privacy preserving image classification method is proposed under the use of ConvMixer models. To protect the visual information of test images, a test image is divided into blocks, and then every block is encrypted by using a random orthogonal matrix. Moreover, a ConvMixer model trained with plain images is transformed by the random orthogonal matrix used for encrypting test images, on the basis of the embedding structure of ConvMixer. The proposed method allows us not only to use the same classification accuracy as that of ConvMixer models without considering privacy protection but to also enhance robustness against various attacks compared to conventional privacy-preserving learning.