The Bright and Dark Sides of Computer Vision:
Challenges and Opportunities for Privacy and Security
(CV-COPS 2019)
Long Beach, CA — Sunday June 16, 2019
In conjunction with the 2019 IEEE Conference on Computer Vision and Pattern Recognition
Overview
Computer vision is finally working in the real world, but what are the consequences for privacy and security? For example, recent work shows that vision algorithms can spy on smartphone keypresses from meters away, steal information from inside homes via hacked cameras, exploit social media to de-anonymize blurred faces, and reconstruct images from features like SIFT. Vision could also enhance privacy and security, for example through assistive devices for people with disabilities, phishing detection techniques that incorporate visual features, and image forensic tools. Some technologies present both challenges and opportunities: biometrics techniques could enhance security but may be spoofed, while surveillance systems enhance safety but create potential for abuse.
We need to understand the potential threats and opportunities of vision to avoid creating detrimental societal effects and/or facing public backlash. Following up on the very successful workshops at CVPR 2017 and CVPR 2018, this workshop will continue to explore the intersection between computer vision and security and privacy to address these issues.
Call for Papers and Extended Abstracts
We welcome original research papers and extended abstracts on topics including, but not limited to:
- Computer vision-based security and privacy attacks
- Biometric spoofing, defenses and liveness detection
- Impact of ubiquitous cameras on society
- Captchas and other visual Turing tests for online security
- Privacy of visual data
- Privacy-preserving visual features and representations
- Reversibility of image transformations
- Secure/encrypted computer vision and image processing
- Wearable camera privacy
- Attacks against computer vision systems
- Copyright violation detection
- Counterfeit and forgery detection
- Privacy implications of large-scale visual social media
- Other relevant topics
Research papers should contain original, unpublished research, and be 4-8 pages (excluding references). Research papers will be published in the CVPR Workshop Proceedings and archived on IEEE Xplore and the Computer Vision Foundation websites.
Extended abstracts about preliminary, ongoing or published work should be up to 2 pages (including references). Extended abstracts will be published and archived on this website.
All submissions should be anonymized and will undergo double-blind peer review. Papers and abstracts must be formatted according to the CVPR guidelines and submitted via the Conference Management Toolkit website. Accepted submissions will be invited for oral or poster presentation at the workshop.
Full Paper Submission Deadline: March 28th (firm deadline - no extensions possible).
Full Paper Author Notification Date: April 15th.
Full Paper Camera Ready Deadline: April 18th.
Extended Abstract Submission Deadline: April 12th. April 14th.
Invited Speakers
Nicolas Papernot
Google Brain, Vector Institute
Emiliano De Cristofaro
University College London
Suman Jana
Columbia University
Program
- 7:30 - Breakfast
- 8:55 - Welcome
- 9:00 - Invited Talk: Membership and Property Inference Attacks against Machine Learning Models, Emiliano De Cristofaro (UCL)
- 9:40 - Oral Presentations
- RRU-Net: The Ringed Residual U-Net for Image Splicing Forgery Detection (poster #131)
Xiuli Bi, Yang Wei, Bin Xiao, Weisheng Li
- Bag-of-Lies: A Multimodal Dataset for Deception Detection (poster #132)
Viresh Gupta, Mohit Agarwal, Manik Arora, Tanmoy Chakraborty, Richa Singh, Mayank Vatsa
- 10:10 - Coffee Break
- 10:45 - Oral Presentations
- Privacy-Preserving Action Recognition using Coded Aperture Videos (poster #133)
Zihao Wang, Vibhav Vineet, Francesco Pittaluga, Sudipta Sinha, Oliver Cossairt, Sing Bing Kang
- AnonymousNet: Natural Face De-Identification with Measurable Privacy (poster #134)
Tao Li, Lei Lin, Fengqing Maggie Zhu, Chris Clifton
- Privacy-Preserving Annotation of Face Images through Attribute-Preserving Face Synthesis (poster #135)
Sola Shirai, Jacob Whitehill
- Privacy Preserving Group Membership Verification and Identification (poster #136)
Marzieh Gheisari, Teddy Furon, Laurent Amsaleg
- DP-CGAN: Differentially Private Synthetic Data and Label Generation (poster #137)
Reihaneh Torkzadeh Mahani, Peter Kairouz, Benedict Paten
- 12:00 - Lunch
- 13:30 - Invited Talk: Towards formally verifying neural networks, Suman Jana (Columbia University)
- 14:10 - Poster Session: Extended Abstracts
- Decentralized Learning of GANs from Multi-Client Non-iid Data [pdf] (poster #138)
Ryo Yonetani, Atsushi Hashimoto, Yoshitaka Ushiku
- On the Robustness of Human Pose Estimation [pdf] (poster #139)
Naman Jain, Sahil H Shah, Abhishek Sharma, Arjun Jain
- Blind Visual Motif Removal from a Single Image [pdf] (poster #140)
Amir Hertz, Sharon Fogel, Rana Hanocka, Raja Giryes, Daniel Cohen-Or
- Towards Self-Enforcing Privacy Protection for Surveillance System [pdf] (poster #141)
Kok Seng Wong, Anuar Maratkhan, Tu Nguyen, Fatih M Demirci
- VizWiz-Priv: A Dataset for Recognizing the Presence and Purpose of Private Visual Information in Images Taken by Blind People [pdf] (poster #142)
Danna Gurari, Chi Lin, Yinan Zhao, Anhong Guo, Abigale Stangl, Jeffrey Bigham
- Hiding in Plain Strokes: Handwriting and Applications to Steganography [pdf] (poster #143)
James Hahn, Adriana Kovashka
- Reconstructing Network Inputs with Additive Perturbation Signatures [pdf] (poster #144)
Nick Moran, Chiraag Juvekar
- Image Obfuscation with Quantifiable Privacy [pdf] (poster #145)
Liyue Fan
- Knockoff Nets: Stealing Functionality of Black-Box Models [pdf] (poster #146)
Tribhuvanesh Orekondy, Bernt Schiele, Mario Fritz
- On the Sensitivity of Adversarial Robustness to Input Data Distributions [pdf] (poster #147)
Gavin Weiguang Ding
- Secure Face Matching Using Fully Homomorphic Encryption [pdf] (poster #148)
Vishnu Boddeti
- MaxEnt-ARL: Mitigating Information Leakage in Image Representations [pdf] (poster #149)
Proteek Roy, Vishnu Boddeti
- Understanding Adversarial Robustness Through Loss Landscape Geometries [pdf] (poster #150)
Joyce Xu, Dian Ang Yap, Vinay Uday Prabhu
- Detection of Adversarial Inputs through Entropy of Saliency Maps [pdf] (poster #151)
Dian Ang Yap, Joyce Xu, Vinay Uday Prabhu
- Updates-Leak: Data Set Inference and Reconstruction Attacks in Online Learning [pdf] (poster #152)
Ahmed Salem, Apratim Bhattacharyya, Michael Backes, Mario Fritz, Yang Zhang
- 15:00 - Oral Presentations
- Defending Against Adversarial Attacks Using Random Forest (poster #153)
Yifan Ding, Liqiang Wang, Huan Zhang, Jinfeng Yi, Deliang Fan, Boqing Gong
- Towards Deep Neural Network Training based on Encrypted Data (poster #154)
Karthik Nandakumar, Nalini Ratha, Sharath Pankanti, Shai Halevi
- 15:30 - Coffee Break
- 16:00 - Invited Talk: A Marauder's Map of Security and Privacy in Machine Learning, Nicolas Papernot (Google Brain, Vector Institute)
- 16:40 - Oral Presentations
- Fooling automated surveillance cameras: adversarial patches to attack person detection (poster #155)
Simen Thys, Wiebe Van Ranst, Toon Goedemé
- Dropping Pixels for Adversarial Robustness (poster #156)
Hossein Hosseini, Sreeram Kannan, Radha Poovendran
- Evading Face Recognition via Partial Adversarial Tampering (poster #157)
Puspita Majumdar, Akshay Agarwal, Richa Singh, Mayank Vatsa
- Regularizer to Mitigate Gradient Masking Effect during Single-Step Adversarial Training (poster #158)
Vivek B S, Arya Baburaj, Venkatesh Babu Radhakrishnan
- 17:40 - Closing Remarks
Organizers
David Crandall
Indiana University
Jan-Michael Frahm
University of North Carolina at Chapel Hill
Mario Fritz
CISPA Helmholtz Center for Information Security
Apu Kapadia
Indiana University
Vitaly Shmatikov
Cornell Tech
Program Committee
Ehsan Adeli
Stanford University
Tousif Ahmed
Indiana University
Vishnu Boddeti
Michigan State University
Karla Brkić
University of Zagreb
Ayan Chakrabarti
Washington University in St. Louis
Cunjian Chen
Michigan State University
Kathrin Grosse
CISPA
Rakibul Hasan
Indiana University
Roberto Hoyle
Oberlin College
Sanjeev Koppal
University of Florida
Emanuela Marasco
George Mason University
Tempestt Neal
University of South Florida
Seong Joon Oh
Clova AI Research, Naver
Tribhuvanesh Orekondy
Max Planck Institute for Informatics
True Price
University of North Carolina at Chapel Hill
Raymond Ptucha
Rochester Institute of Technology
Gang Qian
ObjectVideo Labs
Michael Ryoo
Google Brain and Indiana University
Yoichi Sato
University of Tokyo
David Stutz
Max Planck Institute for Informatics
Qianru Sun
National University of Singapore
Tomasz Trzcinski
Warsaw University of Technology
Tom Yeh
University of Colorado at Boulder
Ryo Yonetani
OMRON SINIC X