Privacy-Preserving Representations are not Enough: Recovering Scene Content from Camera Poses

Result code in IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F23%3A00371977" target="_blank" >RIV/68407700:21230/23:00371977 - isvavai.cz</a>

Alternative codes found

RIV/68407700:21730/23:00371977

Result on the web

<a href="https://doi.org/10.1109/CVPR52729.2023.01262" target="_blank" >https://doi.org/10.1109/CVPR52729.2023.01262</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/CVPR52729.2023.01262" target="_blank" >10.1109/CVPR52729.2023.01262</a>

Result language

angličtina

Original language name

Privacy-Preserving Representations are not Enough: Recovering Scene Content from Camera Poses

Original language description

Visual localization is the task of estimating the camera pose from which a given image was taken and is central to several 3D computer vision applications. With the rapid growth in the popularity of AR/VR/MR devices and cloud based applications, privacy issues are becoming a very im portant aspect of the localization process. Existing work on privacy-preserving localization aims to defend against an attacker who has access to a cloud-based service. In this paper, we show that an attacker can learn about details of a scene without any access by simply querying a localization service. The attack is based on the observation that modern visual localization algorithms are robust to variations in ap pearance and geometry. While this is in general a desired property, it also leads to algorithms localizing objects that are similar enough to those present in a scene. An attacker can thus query a server with a large enough set of images of objects, e.g., obtained from the Internet, and some of them will be localized. The attacker can thus learn about object placements from the camera poses returned by the service (which is the minimal information returned by such a ser vice). In this paper, we develop a proof-of-concept version of this attack and demonstrate its practical feasibility. The attack does not place any requirements on the localization algorithm used, and thus also applies to privacy-preserving representations. Current work on privacy-preserving repre sentations alone is thus insufficient.

Czech name

—

Czech description

—

Type

D - Article in proceedings

CEP classification

—

OECD FORD branch

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Project

Result was created during the realization of more than one project. More information in the Projects tab.

Continuities

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Publication year

2023

Confidentiality

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Article name in the collection

Proceedings of 2023 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR)

ISBN

979-8-3503-0129-8

ISSN

1063-6919

e-ISSN

2575-7075

Number of pages

10

Pages from-to

13132-13141

Publisher name

IEEE Computer Society

Place of publication

USA

Event location

Vancouver

Event date

Jun 18, 2023

Type of event by nationality

WRD - Celosvětová akce

UT code for WoS article

001062522105043