Person re-identification (re-ID) has attracted much attention recently due to its great importance in video surveillance. In general, distance metrics used to identify two person images are expected to be robust under various appearance changes. However, our work observes the extreme vulnerability of existing distance metrics to adversarial examples, generated by simply adding human-imperceptible perturbations to person images. Hence, the security danger is dramatically increased when deploying commercial re-ID systems in video surveillance. Although adversarial examples have been extensively applied for classification analysis, it is rarely studied in metric analysis like person re-identification. The most likely reason is the natural gap between the training and testing of re-ID networks, that is, the predictions of a re-ID network cannot be directly used during testing without an effective metric. In this work, we bridge the gap by proposing Adversarial Metric Attack, a parallel methodology to adversarial classification attacks. Comprehensive experiments clearly reveal the adversarial effects in re-ID systems. Meanwhile, we also present an early attempt of training a metric-preserving network, thereby defending the metric against adversarial attacks. At last, by benchmarking various adversarial settings, we expect that our work can facilitate the development of adversarial attack and defense in metric-based applications.
Download full-text PDF |
Source |
---|---|
http://dx.doi.org/10.1109/TPAMI.2020.3031625 | DOI Listing |
Radiography (Lond)
January 2025
Department of Radiology, Charité Universitätsmedizin Berlin, Berlin, Germany; Berlin Institute of Health, Berlin, Germany.
Background: Facial recognition technology in medical imaging, particularly with head scans, poses privacy risks due to identifiable facial features. This study evaluates the use of facial recognition software in identifying facial features from head CT scans and explores a defacing pipeline using TotalSegmentator to reduce re-identification risks while preserving data integrity for research.
Methods: 1404 high-quality renderings from the UCLH EIT Stroke dataset, both with and without defacing were analysed.
Comput Methods Programs Biomed
December 2024
Data Science and Artificial Intelligence Lab, Singapore General Hospital, Singapore. Electronic address:
Background: Data sharing in healthcare is vital for advancing research and personalized medicine. However, the process is hindered by privacy, ethical, and legal challenges associated with patient data. Synthetic data generation emerges as a promising solution, replicating statistical properties of real data while enhancing privacy protection.
View Article and Find Full Text PDFBMC Med Inform Decis Mak
December 2024
Uppsala Monitoring Centre, Uppsala, Sweden.
Background: Automated recognition and redaction of personal identifiers in free text can enable organisations to share data while protecting privacy. This is important in the context of pharmacovigilance since relevant detailed information on the clinical course of events, differential diagnosis, and patient-reported reflections may often only be conveyed in narrative form. The aim of this study is to develop and evaluate a method for automated redaction of person names in English narrative text on adverse event reports.
View Article and Find Full Text PDFMed Image Anal
December 2024
University of Strasbourg, CAMMA, ICube, CNRS, INSERM, France; IHU Strasbourg, Strasbourg, France.
Accurate tool tracking is essential for the success of computer-assisted intervention. Previous efforts often modeled tool trajectories rigidly, overlooking the dynamic nature of surgical procedures, especially tracking scenarios like out-of-body and out-of-camera views. Addressing this limitation, the new CholecTrack20 dataset provides detailed labels that account for multiple tool trajectories in three perspectives: (1) intraoperative, (2) intracorporeal, and (3) visibility, representing the different types of temporal duration of tool tracks.
View Article and Find Full Text PDFSensors (Basel)
November 2024
Tsinghua Shenzhen International Graduate School, Tsinghua University, Shenzhen 518055, China.
Video-based pedestrian re-identification (Re-ID) is used to re-identify the same person across different camera views. One of the key problems is to learn an effective representation for the pedestrian from video. However, it is difficult to learn an effective representation from one single modality of a feature due to complicated issues with video, such as background, occlusion, and blurred scenes.
View Article and Find Full Text PDFEnter search terms and have AI summaries delivered each week - change queries or unsubscribe any time!