The Bright and Dark Sides of Computer Vision:
Challenges and Opportunities for Privacy and Security
(CV-COPS 2018)


Salt Lake City, Utah — Friday June 22, 2018

In conjunction with the 2018 IEEE Conference on Computer Vision and Pattern Recognition

News and Updates

  • May 15: We are now accepting student travel grant applications. Please see the application for details.
  • May 1: Preliminary program is posted! We are delighted to welcome Terrance Boult, Ian Goodfellow, and Jacob Steinhardt as invited speakers.
  • Mar 31: Extended abstract deadline is now April 15.
  • Mar 7: Due to several requests, we've extended the full paper submission deadline until March 20.
  • Feb 9: Call for papers released! Please consider submitting a full paper or extended abstract.
  • Dec 4: Workshop accepted at CVPR! We'll post more details here soon.

Overview

Computer vision is finally working in the real world, but what are the consequences on privacy and security? For example, recent work shows that vision algorithms can spy on smartphone keypresses from meters away, steal information from inside homes via hacked cameras, exploit social media to de-anonymize blurred faces, and reconstruct images from features like SIFT. Vision could also enhance privacy and security, for example through assistive devices for people with disabilities, phishing detection techniques that incorporate visual features, and image forensic tools. Some technologies present both challenges and opportunities: biometrics techniques could enhance security but may be spoofed, while surveillance systems enhance safety but create potential for abuse.

We need to understand the potential threats and opportunities of vision to avoid creating detrimental societal effects and/or facing public backlash. Following up on last year's very successful workshop at CVPR 2017, this workshop will continue to explore the intersection between computer vision and security and privacy to address these issues.

Call for Papers and Extended Abstracts

We welcome original research papers and extended abstracts on topics including, but not limited to:

  • Computer vision-based security and privacy attacks
  • Biometric spoofing, defenses and liveness detection
  • Impact of ubiquitous cameras on society
  • Captchas and other visual Turing tests for online security
  • Privacy of visual data
  • Privacy-preserving visual features and representations
  • Reversibility of image transformations
  • Secure/encrypted computer vision and image processing
  • Wearable camera privacy
  • Attacks against computer vision systems
  • Copyright violation detection
  • Counterfeit and forgery detection
  • Privacy implications of large-scale visual social media
  • Other relevant topics


Research papers should contain original, unpublished research, and be 4-8 pages (excluding references). Research papers will be published in the CVPR Workshop Proceedings and archived on IEEE eXplore and the Computer Vision Foundation websites.

Extended abstracts about preliminary, ongoing or published work should be up to 2 pages (including references). Extended abstracts will be published and archived on this website.

All submissions should be anonymized and will undergo double-blind peer review. Papers and abstracts must be formatted according to the CVPR guidelines and submitted via the Conference Management Toolkit website. Accepted submissions will be invited for oral or poster presentation at the workshop.

Full Paper Submission Deadline: March 9 March 20, 11:59PM Pacific Daylight Time (PDT), via CMT.
Author Notification Date: April 2
Extended Abstract Deadline: April 1 April 15, 11:59PM Pacific Daylight Time (PDT), via CMT.
Camera ready deadline: April 15, 11:59PM PDT

Invited Speakers

Terrance Boult

Terrance Boult
University of Colorado - Colorado Springs

Ian Goodfellow

Ian Goodfellow
Google Brain

Jacob Steinhardt

Jacob Steinhardt
Stanford University

Program

  • 9:00 - Welcome
  • 9:10 - Invited Talk: Provably Secure Machine Learning, Jacob Steinhardt (Stanford University)
  • 9:50 - Counterfeit and Forgery Detection
    • Discrete Cosine Transform Residual Feature based Filtering Forgery and Splicing Detection in JPEG Images
      Aniket Roy, Diangarti Tariang, Rajat Subhra Chakraborty, Ruchira Naskar
    • Forgery Detection in 3D-Sensor Images
      Noa Privman Horesh, Azmi Haider, Hagit Hel-Or
  • 10:30 - Break
  • 11:00 - Invited Talk: Avoiding the dark side: Enhancing privacy from faces to adversarial examples, Terrance Boult (UCCS)
  • 11:40 - Poster Spotlights
    • Towards Reverse-Engineering Black-Box Neural Networks
      Seong Joon Oh, Max Augustin, Bernt Schiele, Mario Fritz
      [ Extended Abstract ]
    • Generating Adversarial Images using Genetic Algorithm
      Keeyoung Kim, Simon S Woo
    • Chaos Theory meets deep learning: On Lyapunov exponents and adversarial perturbations
      Vinay Uday Prabhu
      [ Extended Abstract ]
    • (Almost) Data Agnostic Universal Adversarial Perturbations
      Valentin Khrulkov
    • On the Robustness of Semantic Segmentation Models to Adversarial Attacks
      Anurag Arnab, Ondrej Miksik, Philip Torr
      [ Extended Abstract ]
    • On the Robustness of the CVPR 2018 White-Box Adversarial Example Defenses
      Anish Athalye, Nicholas Carlini
      [ Extended Abstract ]
    • Boosting Adversarial Attacks with Momentum
      Yinpeng Dong, Fangzhou Liao, Tianyu Pang, Hang Su, Jun Zhu, Xiaolin Hu, Jianguo Li
      [ Extended Abstract ]
    • Deflecting Adversarial Attacks with Pixel Deflection
      Aaditya Prakash, Nick Moran, Solomon Garber, Antonella DiLillo, James Storer
      [ Extended Abstract ]
    • Robust Discriminative Localization Maps
      Aaditya Prakash, Nick Moran, Solomon Garber, Antonella DiLillo, James Storer
      [ Extended Abstract ]
    • Robust Physical-World Attacks on Deep Learning Visual Classification
      Kevin Eykholt, Ivan Evtimov, Earlence Fernandes, Bo Li, Amir Rahmati, Chaiowei Xiao, Atul Prakash, Tadayoshi Kohno, Dawn Song
    • Art-attack! On style transfers with textures, label categories and adversarial examples
      Vinay Uday Prabhu
      [ Extended Abstract ]
    • Seeing Voices and Hearing Faces: Cross-modal biometric matching
      Samuel Albanie, Arsha Nagrani, Andrew Zisserman
    • Learning to Anonymize Faces for Privacy Preserving Action Detection
      Zhongzheng Ren, Yong Jae Lee, Michael Ryoo
    • Siamese Generative Adversarial Privatizer for Biometric Data
      Witold Oleszkiewicz, Tomasz Włodarczyk, Karol Piczak, Tomasz Trzcinski, Peter Kairouz, Ram Rajagopal
      [ Extended Abstract ]
    • Fully-Coupled Two-Stream Spatiotemporal Networks for Extremely Low Resolution Action Recognition
      Mingze Xu, Aidean Sharghi, Xin Chen, David Crandall
      [ Extended Abstract ]
    • Fighting Fake News: Image Splice Detection via Learned Self-Consistency
      Jacob Huh, Andrew Liu, Andrew Owens, Alexei A. Efros
  • 12:10 - Break
  • 13:30 - Invited Talk: Ian Goodfellow (Google Brain)
  • 14:10 - Privacy
    • VGAN-Based Image Representation Learning for Privacy-Preserving Facial Expression Recognition
      Jiawei Chen, Janusz Konrad, Prakash Ishwar
    • Privacy-Preserving Indoor Localization via Active Scene Illumination
      Jinyuan Zhao, Natalia Frumkin, Janusz Konrad, Prakash Ishwar
    • Human perceptions of sensitive content in photos
      Yifang Li, Wyatt Troutman, Bart Knijnenburg, Kelly Caine
  • 15:10 - Poster Session and Afternoon Break
  • 16:00 - Attacks Against Computer Vision Systems
    • On Visible Adversarial Perturbations & Digital Watermarking
      Jaime Hayes
    • On the Suitability of Lp-norms for Creating and Preventing Adversarial Examples
      Mahmood Sharif, Lujo Bauer, Michael K. Reiter
    • Semantic Adversarial Examples
      Hossein Hosseini, Radha Poovendran
    • Convolutional Neural Networks for Iris Presentation Attack Detection: Toward Cross-Dataset and Cross-Sensor Generalization
      Steven Hoffman, Renu Sharma, Arun Ross
  • 17:20 - Closing Remarks

Organizers

David Crandall

David Crandall
Indiana University

Jan-Michael Frahm

Jan-Michael Frahm
University of North Carolina at Chapel Hill

Mario Fritz

Mario Fritz
CISPA Helmholtz Center i.G.

Apu Kapadia

Apu Kapadia
Indiana University

Vitaly Shmatikov

Vitaly Shmatikov
Cornell Tech

Program Committee

Eshan Adeli

Ehsan Adeli
Stanford University

Tousif Ahmed

Tousif Ahmed
Indiana University

Lujo Bauer

Lujo Bauer
Carnegie Mellon University

Vishnu Boddeti

Vishnu Boddeti
Michigan State University

Terrance Boult

Terrance Boult
University of Colorado - Colorado Springs

Karla Brkić

Karla Brkić
University of Zagreb

Ayan Chakrabarti

Ayan Chakrabarti
Washington University in St. Louis

Cunjian Chen

Cunjian Chen
Michigan State University

Moustapha Cissé

Moustapha Cissé
Facebook Artificial Intelligence Research

Anupam Das

Anupam Das
Carnegie Mellon University

Bill Freeman

Bill Freeman
Massachusetts Institute of Technology

Timnit Gebru

Timnit Gebru
Microsoft Research

Roberto Hoyle

Roberto Hoyle
Oberlin College

Suman Jana

Suman Jana
Columbia University

Sanjeev Koppal

Sanjeev Koppal
University of Florida

Ashwin Machanavajjhala

Ashwin Machanavajjhala
Duke University

Emanuela Marasco

Emanuela Marasco
George Mason University

Fabian Monrose

Fabian Monrose
University of North Carolina at Chapel Hill

Seong Joon Oh

Seong Joon Oh
MPI Informatics

Nicolas Papernot

Nicolas Papernot
Pennsylvania State University

True Price

True Price
University of North Carolina at Chapel Hill

Raymond Ptucha

Raymond Ptucha
Rochester Institute of Technology

Gang Qian

Gang Qian
ObjectVideo Labs

Michael Ryoo

Michael Ryoo
Indiana University

Karl Ricanek Jr.

Karl Ricanek Jr.
University of North Carolina at Wilmington

Yoichi Sato

Yoichi Sato
University of Tokyo

Luke Stark

Luke Stark
Dartmouth College

Qianru Sun

Qianru Sun
MPI Informatics

Robert Templeman

Robert Templeman
U.S. Navy

Tom Yeh

Tom Yeh
University of Colorado at Boulder

Ryo Yonetani

Ryo Yonetani
University of Tokyo