SocialGuard: An adversarial example based privacy-preserving technique for social images

People are always interested in sharing photos on social platforms. However, undesirable privacy leakage may occur due to such online photo sharing. Advanced deep neural network (DNN) based object detectors can easily steal users’ personal information exposed in shared photos. In this paper, we propose a novel adversarial example based privacy-preserving technique for social images against object detectors-based privacy stealing. Specifically, we propose an Object Disappearance Algorithm to craft two kinds of adversarial social images to fool the object detector. One can hide all the objects in the social images from being detected by an object detector, and the other can make the customized sensitive objects be misclassified by the object detector. Experimental results show that, the proposed method can effectively protect the privacy of social images, while the quality of these images is not affected. The privacy-preserving success rates of the proposed method on MS-COCO and PASCAL VOC 2007 datasets are high up to 96.1% and 99.3%, respectively, and the privacy leakage rates on these two datasets are as low as 0.57% and 0.07%, respectively. Compared with common image processing methods (low brightness, noise, blur, mosaic and JPEG compression) and the existing work, the proposed method can achieve much more powerful performance in protecting the privacy of social images, while not affecting the quality of social images.