2
0
mirror of https://github.com/Shawn-Shan/fawkes.git synced 2024-11-09 13:41:31 +05:30
fawkes/README.md

82 lines
3.0 KiB
Markdown
Raw Normal View History

Fawkes
------
2021-03-07 12:09:19 +05:30
:warning: Check out our MacOS/Windows Software on our official [webpage](https://sandlab.cs.uchicago.edu/fawkes/#code).
2021-01-27 04:41:14 +05:30
2021-03-07 12:09:19 +05:30
Fawkes is a privacy protection system developed by researchers at [SANDLab](https://sandlab.cs.uchicago.edu/),
University of Chicago. For more information about the project, please refer to our
project [webpage](https://sandlab.cs.uchicago.edu/fawkes/). Contact us at fawkes-team@googlegroups.com.
2020-07-27 05:50:24 +05:30
2021-03-07 12:09:19 +05:30
We published an academic paper to summarize our
work "[Fawkes: Protecting Personal Privacy against Unauthorized Deep Learning Models](https://www.shawnshan.com/files/publication/fawkes.pdf)"
at *USENIX Security 2020*.
2020-07-15 06:04:51 +05:30
Copyright
---------
2021-03-07 12:09:19 +05:30
This code is intended only for personal privacy protection or academic research.
2020-07-15 06:04:51 +05:30
Usage
-----
`$ fawkes`
Options:
2021-03-07 12:09:19 +05:30
* `-m`, `--mode` : the tradeoff between privacy and perturbation size. Select from `low`, `mid`, `high`. The
higher the mode is, the more perturbation will add to the image and provide stronger protection.
2020-07-30 09:32:34 +05:30
* `-d`, `--directory` : the directory with images to run protection.
* `-g`, `--gpu` : the GPU id when using GPU for optimization.
2021-03-07 12:09:19 +05:30
* `--batch-size` : number of images to run optimization together. Change to >1 only if you have extremely powerful
compute power.
* `--format` : format of the output image (png or jpg).
2020-06-29 06:52:27 +05:30
### Example
2020-06-29 06:52:27 +05:30
2020-07-30 09:31:36 +05:30
`fawkes -d ./imgs --mode min`
### Tips
2021-03-07 12:09:19 +05:30
- The perturbation generation takes ~60 seconds per image on a CPU machine, and it would be much faster on a GPU
machine. Use `batch-size=1` on CPU and `batch-size>1` on GPUs.
- Run on GPU. The current Fawkes package and binary does not support GPU. To use GPU, you need to clone this repo, install
the required packages in `setup.py`, and replace tensorflow with tensorflow-gpu. Then you can run Fawkes
by `python3 fawkes/protection.py [args]`.
2020-07-14 05:36:33 +05:30
2020-08-01 22:47:10 +05:30
![](http://sandlab.cs.uchicago.edu/fawkes/files/obama.png)
2020-08-01 22:44:27 +05:30
2021-03-07 12:09:19 +05:30
### How do I know my images are secure?
We are actively working on this. Python scripts that can test the protection effectiveness will be ready shortly.
Quick Installation
------------------
2020-07-27 01:17:03 +05:30
Install from [PyPI](https://pypi.org/project/fawkes/):
```
pip install fawkes
```
If you don't have root privilege, please try to install on user namespace: `pip install --user fawkes`.
2020-09-30 08:31:54 +05:30
Academic Research Usage
-----------------------
2021-03-07 12:09:19 +05:30
For academic researchers, whether seeking to improve fawkes or to explore potential vunerability, please refer to the
following guide to test Fawkes.
2020-07-14 05:36:05 +05:30
2021-03-07 12:09:19 +05:30
To protect a class in a dataset, first move the label's image to a seperate location and run Fawkes. Please
use `--debug` option and set `batch-size` to a reasonable number (i.e 16, 32). If the images are already cropped and
aligned, then also use the `no-align` option.
2020-07-14 05:36:05 +05:30
2020-06-29 06:52:27 +05:30
### Citation
2021-03-07 12:09:19 +05:30
2020-06-29 06:52:27 +05:30
```
@inproceedings{shan2020fawkes,
title={Fawkes: Protecting Personal Privacy against Unauthorized Deep Learning Models},
author={Shan, Shawn and Wenger, Emily and Zhang, Jiayun and Li, Huiying and Zheng, Haitao and Zhao, Ben Y},
2021-01-31 13:58:02 +05:30
booktitle={Proc. of {USENIX} Security},
2020-06-29 06:52:27 +05:30
year={2020}
}
```