S. Cheung

Abstract:Wide-area visual sensor networks are becoming more and more common. They have wide-range of commercial and military applications from video surveillance to smart home and from traffic monitoring to anti-terrorism. The design of such a visual sensor network is a challenging problem due to the complexity of the environment, self and mutual occlusion of moving objects, diverse sensor properties and a myriad of performance metrics for different applications. As such, there is a need to develop a flexible sensor-planning framework that can incorporate all the aforementioned modeling details, and derive the sensor configuration that simultaneously optimizes the target performance and minimizes the cost. We have been tackling this optimal sensor problem by developing a general visibility model for visual sensor networks and solving the optimization problem via Binary Integer Programming (BIP) [1], [2]. Our proposed visibility model supports arbitrary-shaped 3D environments and incorporates realistic camera models, occupant traffic models, self occlusion and mutual occlusion. Another area of growing concerns in widespread deployment and increased sophistication of video sensor networks is their threat to individuals right of privacy. Privacy protection technologies developed thus far have focused mainly on different visual obfuscation techniques but no comprehensive solution has yet been proposed. We have been developing a prototype system for privacy-protected video sensor networks that advances the state-of-the-art in three different areas: First, after identifying the individuals whose privacy needs to be protected, a fast and effective video in-painting algorithm is applied to erase individuals images as a means of privacy protection [3]. Second, to authenticate this modification, a novel rate-distortion optimized datahiding scheme is used to embed the extracted private information into the modified video [4]. While keeping the modified video standard-compliant, our data hiding scheme allows the original data to be retrieved with proper authentication. Third, we view the original video as a private property of the individuals in it and develop a secure infrastructure similar to a Digital Rights Management system that allows individuals to selectively grant access to their privacy information [5], [6]. The security of the distributed computation itself within a video sensor network is also highly important, especially if it is deployed in hostile environments such as battlefields or correctional facilities. Individual sensors can be comprised by attackers to obtain useful information or even disrupt the normal operations of the network. While simple scrambling or encryption can protect the signal in transit, the signal must be fully decrypted before any processing can be performed and a malicious receiver can easily obtain sensitive information. We have considered a number of linear algorithmic building blocks for secure distributed image processing that partition information into sensitive and non-sensitive components, and only non-sensitive components are shared with other sensors [7], [8]. While these techniques are computationally efficient, there is a leakage of information which might not be tolerable in some applications. Recently, we have begun to apply cryptographical primitives to enhance security in many signal processing algorithms [9]. The proper use of cryptographical primitives can provide provable guarantee on privacy in the processing of multimedia data. On the other hand, this is a very challenging problem because typical video sensor applications are characterized by the need of processing high-dimensional data at a very high data rate with real or close to real-time response. In [10], we have developed a distributed iris biometric access control system with the matching process carried out entirely in encrypted domain. Using our system, the server can verify if the input probe is similar to any entries in the gallery but will not be able to pinpoint which entries so as to protect user anonymity. In [11], we further extend the concept and incorporate a new framework based on k-anonymity to provide a controllable trade-off of privacy and computational efficiency.