<p>This page displays the records of the person named above and is not linked to a unique person identifier. This record may need to be merged to a profile.</p>
Event cameras are bio-inspired sensors that asynchronously measure per-pixel brightness changes, offering lower power consumption and higher temporal resolution than conventional frame cameras. These properties make them suitable for privacy-sensitive applications, such as visual localisation in AR/VR systems, where client-server architectures are used to offload computationally expensive processing from resource-limited edge devices. However, transmitting visual data to a service provider introduces privacy risks. Kim et al. propose a privacy-preserving visual localisation method that assumes an honest-but-curious service provider, but acknowledge that their approach is insufficient against a more capable attacker that can, for example, extract raw event data directly. This paper addresses this limitation by encrypting raw event camera data using the algorithm described by Zhang et al., for which no implementation was previously available. The algorithm is implemented within the visual localisation pipeline of Kim et al. and evaluated on the EvRooms dataset. The theoretical and practical effectiveness of the encryption is analysed, and improvements to the original algorithm are proposed and tested. The impact on both privacy preservation and localisation performance is measured. The paper shows that the polarity-mapping step in the implemented encryption algorithm is a powerful event data obfuscation process while still allowing retrieval of the original data. However, this process is currently not dependent on a key, which makes the algorithm not secure according to Kerckhoffs's principle. Further research should explore encryption algorithms that employ key-dependent polarity mapping. The code used in this research can be found on GitHub.
...
Event cameras are bio-inspired sensors that asynchronously measure per-pixel brightness changes, offering lower power consumption and higher temporal resolution than conventional frame cameras. These properties make them suitable for privacy-sensitive applications, such as visual localisation in AR/VR systems, where client-server architectures are used to offload computationally expensive processing from resource-limited edge devices. However, transmitting visual data to a service provider introduces privacy risks. Kim et al. propose a privacy-preserving visual localisation method that assumes an honest-but-curious service provider, but acknowledge that their approach is insufficient against a more capable attacker that can, for example, extract raw event data directly. This paper addresses this limitation by encrypting raw event camera data using the algorithm described by Zhang et al., for which no implementation was previously available. The algorithm is implemented within the visual localisation pipeline of Kim et al. and evaluated on the EvRooms dataset. The theoretical and practical effectiveness of the encryption is analysed, and improvements to the original algorithm are proposed and tested. The impact on both privacy preservation and localisation performance is measured. The paper shows that the polarity-mapping step in the implemented encryption algorithm is a powerful event data obfuscation process while still allowing retrieval of the original data. However, this process is currently not dependent on a key, which makes the algorithm not secure according to Kerckhoffs's principle. Further research should explore encryption algorithms that employ key-dependent polarity mapping. The code used in this research can be found on GitHub.
Facial recognition systems pose significant privacy risks, encouraging the development of generative adversarial evasion methods, such as AMT-GAN and Adv-CPG. While effective on clean, high-resolution RGB images, it remains unknown whether facial protection methods are still effective under the reconstruction pipeline of event-based cameras. This research investigates the privacy-naturalness trade-off of applying adversarial makeup to event-reconstructed faces. CelebV-HQ video clips were converted to event streams, reconstructed into grayscale images using E2VID under different thresholds, and evaluated for Attack Success Rate (ASR) and Structural Similarity (SSIM). The results reveal the following: the event-reconstruction process reduced AMT-GAN’s protection effectiveness, dropping mean ASR across four white-box models. A contrast-threshold ablation indicated this reduction is a direct result of the event-generation process itself, rather than just data loss from sparse event streams. Furthermore, a qualitative evaluation of Adv-CPG showed serious identity over-shifting and mode collapse, failing to maintain the structural diversity of the reconstructed face-image inputs. Finally, this research shows that current RGB-based adversarial protections are highly sensitive to domain shifts and fail to provide appropriate privacy for event-reconstructed vision. The scripts and jobs used in this paper can be found in the public repository: https://github.com/MateiOpr/research-project
...
Facial recognition systems pose significant privacy risks, encouraging the development of generative adversarial evasion methods, such as AMT-GAN and Adv-CPG. While effective on clean, high-resolution RGB images, it remains unknown whether facial protection methods are still effective under the reconstruction pipeline of event-based cameras. This research investigates the privacy-naturalness trade-off of applying adversarial makeup to event-reconstructed faces. CelebV-HQ video clips were converted to event streams, reconstructed into grayscale images using E2VID under different thresholds, and evaluated for Attack Success Rate (ASR) and Structural Similarity (SSIM). The results reveal the following: the event-reconstruction process reduced AMT-GAN’s protection effectiveness, dropping mean ASR across four white-box models. A contrast-threshold ablation indicated this reduction is a direct result of the event-generation process itself, rather than just data loss from sparse event streams. Furthermore, a qualitative evaluation of Adv-CPG showed serious identity over-shifting and mode collapse, failing to maintain the structural diversity of the reconstructed face-image inputs. Finally, this research shows that current RGB-based adversarial protections are highly sensitive to domain shifts and fail to provide appropriate privacy for event-reconstructed vision. The scripts and jobs used in this paper can be found in the public repository: https://github.com/MateiOpr/research-project
Event-based cameras are often considered more privacy preserving than conventional RGB cameras because they don’t capture full image frames, colour, or texture. Nonetheless, their raw event streams might still encode structural information about the recorded scene. This paper questions this assumption and investigates this privacy concern experimentally by converting raw events into direct event representations and evaluating whether machine-learning models can recover semantic, spatial, and motion structure without explicit image reconstruction. Three forms of leakage are studied: semantic leakage through segmentation, spatial layout leakage through depth estimation, and motion leakage through optical flow estimation. All experiments are mainly based on DSEC dataset. As an extension dataset, PEDRo is used to investigate human-specific semantic leakage. The segmentation experiments show that semantic leakage is present but uneven: large and persistent driving scene regions such as road and background are recovered more reliably than sparse human regions in DSEC, while PEDRo shows clearer leakage of approximate human location through human-box segmentation. The depth estimation experiment shows that event representations preserve enough geometric information for a pretrained model to recover coarse scene depth. The optical flow experiment further outlines that event streams preserve recoverable motion information, since a pretrained event-based model can estimate dense motion patterns from the data. These findings highlight that event cameras don’t guarantee privacy by sensor design alone and that privacy in event-based vision depends on the representation, temporal window, task, model, and dataset. The segmentation code used in this project is available at https://github.com/ilincamaria03/event_camera_segmentation.
...
Event-based cameras are often considered more privacy preserving than conventional RGB cameras because they don’t capture full image frames, colour, or texture. Nonetheless, their raw event streams might still encode structural information about the recorded scene. This paper questions this assumption and investigates this privacy concern experimentally by converting raw events into direct event representations and evaluating whether machine-learning models can recover semantic, spatial, and motion structure without explicit image reconstruction. Three forms of leakage are studied: semantic leakage through segmentation, spatial layout leakage through depth estimation, and motion leakage through optical flow estimation. All experiments are mainly based on DSEC dataset. As an extension dataset, PEDRo is used to investigate human-specific semantic leakage. The segmentation experiments show that semantic leakage is present but uneven: large and persistent driving scene regions such as road and background are recovered more reliably than sparse human regions in DSEC, while PEDRo shows clearer leakage of approximate human location through human-box segmentation. The depth estimation experiment shows that event representations preserve enough geometric information for a pretrained model to recover coarse scene depth. The optical flow experiment further outlines that event streams preserve recoverable motion information, since a pretrained event-based model can estimate dense motion patterns from the data. These findings highlight that event cameras don’t guarantee privacy by sensor design alone and that privacy in event-based vision depends on the representation, temporal window, task, model, and dataset. The segmentation code used in this project is available at https://github.com/ilincamaria03/event_camera_segmentation.
Event-based cameras—sensors that asynchronously record pixel-level brightness changes rather than full image frames—are often assumed to be privacy-preserving due to their sparse visual output. This thesis investigates how physical sensor configurations, including temporal bandwidth, contrast thresholds, leak noise, and spatial resolution, affect the trade-off between data utility and biometric privacy risk. We introduce a cross-domain evaluation framework that measures identity leakage using reconstructed event streams and a frozen pre-trained face recognition model. Our results show that event streams retain sufficient facial structure for accurate identification. We further identify a privacy paradox in which reducing temporal bandwidth increases attacker performance by denoising the signal, while background leak noise effectively disrupts reconstruction and lowers identification accuracy. Privacy effectiveness also varies substantially with subject motion, and the apparent benefits of resolution scaling are largely explained by domain mismatch. Overall, the findings suggest that static sensor configurations cannot guarantee anonymity, highlighting the need for threat-aware sensor design and adaptive privacy safeguards. The code used in this research is available at: [https://github.com/Stunner070/research-project-bsc-cse-tudelft](https://github.com/Stunner070/research-project-bsc-cse-tudelft).
...
Event-based cameras—sensors that asynchronously record pixel-level brightness changes rather than full image frames—are often assumed to be privacy-preserving due to their sparse visual output. This thesis investigates how physical sensor configurations, including temporal bandwidth, contrast thresholds, leak noise, and spatial resolution, affect the trade-off between data utility and biometric privacy risk. We introduce a cross-domain evaluation framework that measures identity leakage using reconstructed event streams and a frozen pre-trained face recognition model. Our results show that event streams retain sufficient facial structure for accurate identification. We further identify a privacy paradox in which reducing temporal bandwidth increases attacker performance by denoising the signal, while background leak noise effectively disrupts reconstruction and lowers identification accuracy. Privacy effectiveness also varies substantially with subject motion, and the apparent benefits of resolution scaling are largely explained by domain mismatch. Overall, the findings suggest that static sensor configurations cannot guarantee anonymity, highlighting the need for threat-aware sensor design and adaptive privacy safeguards. The code used in this research is available at: [https://github.com/Stunner070/research-project-bsc-cse-tudelft](https://github.com/Stunner070/research-project-bsc-cse-tudelft).
Event cameras are increasingly deployed in privacy-sensitive applications such as surveillance, autonomous vehicles, and human-computer interaction. Unlike conventional cameras, they record only per-pixel brightness changes as a sparse, asynchronous stream of events, making them efficient and potentially privacy-preserving. However, reconstruction models such as E2VID can recover recognizable facial images from event streams, undermining this assumption. This paper investigates whether simple perturbations applied directly to raw event streams can reduce face identifiability while preserving reconstruction quality. Three perturbation methods are compared: polarity flipping, spatial jitter, and event insertion and deletion. Each method is evaluated across multiple strength levels on 300 face video clips from the CelebV-HQ dataset, converted to synthetic events using v2e. Reconstruction quality is measured using PSNR, SSIM, and LPIPS, while face identifiability is measured using FaceNet re-identification. The implementation is available at GitHub repository.
...
Event cameras are increasingly deployed in privacy-sensitive applications such as surveillance, autonomous vehicles, and human-computer interaction. Unlike conventional cameras, they record only per-pixel brightness changes as a sparse, asynchronous stream of events, making them efficient and potentially privacy-preserving. However, reconstruction models such as E2VID can recover recognizable facial images from event streams, undermining this assumption. This paper investigates whether simple perturbations applied directly to raw event streams can reduce face identifiability while preserving reconstruction quality. Three perturbation methods are compared: polarity flipping, spatial jitter, and event insertion and deletion. Each method is evaluated across multiple strength levels on 300 face video clips from the CelebV-HQ dataset, converted to synthetic events using v2e. Reconstruction quality is measured using PSNR, SSIM, and LPIPS, while face identifiability is measured using FaceNet re-identification. The implementation is available at GitHub repository.