Anonymization Defense GUARD

The automotive industry, like many other industries, relies heavily on data-hungry AI systems, such as object detection, for achieving their goal. However, acquiring sufficient data for these systems raises concerns about privacy and data integrity.

Consequently, the industry is exploring methods for directly anonymizing data and removing identity information while preserving attribute information. Research and services already exist to tackle this challenge. 

Guard aims to investigate vulnerabilities in using facial manipulation-based anonymization methods such as FaceDancer (Rosberg, 2023). There is evidence that malicious  actors can train adversarial AI models to reconstruct the original identity, in the event of adversarial attacks, causing the anonymization model to fail. In the context of cyber-security, we emphasize the need for identifying necessary defense measures against various types of attacks, such as reconstruction or adversarial attacks. 

The GUARD project builds on the results and findings from the MIDAS project.