面向加密数据的安全图像分类模型研究综述

A Survey on Encrypted Image Recognition Models

自2012年AlexNet模型提出以来,图像分类技术研究进入了深度学习时代.模型分类能力的提高使得技术的实际应用变得普及,许多企业将图像分类与云计算等技术结合,为用户提供各类便捷服务.但是模型的广泛使用带来了巨大的图像数据隐私泄漏风险.这一问题严重阻碍了图像分类技术的应用与发展.为此研究人员尝试将同态加密和安全多方计算等密码学技术与图像分类模型相结合,设计隐私保护方案.由于引入隐私保护会对模型的可用性(执行速度和分类精度)造成影响,因此兼顾安全性与可用性成为研究重点.本文对基于加密技术的图像分类模型隐私保护研究进行了全面调研,介绍了常用密码学技术的原理和适用性;依据模型使用场景的不同将问题分为模型推理和训练两类,对每一类问题当前的研究进展进行了详细介绍,比较了不同方案的特点和效果.最后基于当前研究的不足与难点,对本问题未来的研究方向做了展望.

Since the introduction of the AlexNet in 2012,the research for image recognition has entered the era of deep learning.The improvement of the model’s ability has made the application of image recognition popular.Many companies deploy image recognition models with cloud computing to provide users various convenient services.However,the widespread use of models has brought generous image data leakage risks,which seriously hinders the application and development of image recognition technology.To this end,researchers have tried to combine cryptography,such as homomorphic encryption and secure multi-party computation,with image recognition models to design privacy-preserving schemes.The introduction of privacy-preserving technology affects the usability of models(computational efficiency and classification accuracy),therefore,balancing security and usability becomes a research hotspot.In this paper,a comprehensive survey on encryption based privacy protection for image classification is given,and the principles and applicability of various cryptographic techniques are introduced.According to different application scenarios of the model,the problems are divided into two types:model inference and training.The current research progress is described in detail according to these two types of problems.Finally,according to the shortcomings and difficulties of the current research,several future research directions are proposed.