Secure Dual Network for Reversible Facial Image Anonymization Through the Latent Space Manipulation
<p>The schematic diagram of the proposed SDN for re-ID.</p> "> Figure 2
<p>SDN’s systematic structure looked at from the viewpoints of subnetworks and functional modules.</p> "> Figure 3
<p>The detailed structures and hyperparameters of each layer within the SDN’s subnetworks are depicted in <a href="#electronics-13-04398-f002" class="html-fig">Figure 2</a>.</p> "> Figure 4
<p>The conceptual schematic diagram of the operational logic and the information flows of the proposed Dual Inference Process.</p> "> Figure 5
<p>The comparison of the anonymization process’s quantitative evolution results between the SDN and benchmarked works regarding ID-distance concerning various testing datasets [<a href="#B15-electronics-13-04398" class="html-bibr">15</a>,<a href="#B21-electronics-13-04398" class="html-bibr">21</a>,<a href="#B22-electronics-13-04398" class="html-bibr">22</a>,<a href="#B38-electronics-13-04398" class="html-bibr">38</a>,<a href="#B39-electronics-13-04398" class="html-bibr">39</a>].</p> "> Figure 6
<p>The comparison of the anonymization process’s quantitative evolution results between the SDN and benchmarked works regarding SPR concerning various testing datasets [<a href="#B15-electronics-13-04398" class="html-bibr">15</a>,<a href="#B21-electronics-13-04398" class="html-bibr">21</a>,<a href="#B22-electronics-13-04398" class="html-bibr">22</a>,<a href="#B38-electronics-13-04398" class="html-bibr">38</a>,<a href="#B39-electronics-13-04398" class="html-bibr">39</a>].</p> "> Figure 7
<p>The SDN generated surrogate faces’ snapshots using the style-related attribute Hair color and the password as the evaluated multi-attribute combinations.</p> "> Figure 8
<p>The visual comparison of polluted situations in the synthesized images between competing systems, including CIAGAN [<a href="#B43-electronics-13-04398" class="html-bibr">43</a>], MfM [<a href="#B25-electronics-13-04398" class="html-bibr">25</a>], Cao et al. [<a href="#B44-electronics-13-04398" class="html-bibr">44</a>], and our SDN.</p> "> Figure 9
<p>The successful de-ID/re-ID Rates.</p> "> Figure 10
<p>The above snapshots examine the impacts of 1-bit difference passwords on a given anonymized image with varying degrees of smiling attributes, which “a<sub>1</sub>–a<sub>6</sub>” are the abbreviations for “anonymized image 1–anonymized image 6”.</p> "> Figure 11
<p>Block diagram of the proposed Latent Space Manipulation Module and how it is used to find the shifting guidance for a target latent space manipulation.</p> "> Figure 12
<p>Block diagram of the proposed Latent Space Manipulation Module and how it is used to complete the desired manipulation by adding the shifting guidance in the latent space.</p> "> Figure 13
<p>The snapshots of the SDN manipulated results concerning varying degrees of style-related attributes (upper: Smiling, middle: Mustache, and bottom: Mouth Open).</p> "> Figure 14
<p>The snapshots of the SDN manipulated results concerning varying degrees of the identity-face-related attributes, and we take gender as a testing target.</p> "> Figure 15
<p>Using the same input image, the visual comparison of polluted situations in the synthesized images among competing systems, including CIAGAN, MfM, and SDN.</p> "> Figure 16
<p>Total time consumption across three different datasets: (<b>a</b>) FaceScrub [<a href="#B4-electronics-13-04398" class="html-bibr">4</a>], (<b>b</b>) CASIA [<a href="#B5-electronics-13-04398" class="html-bibr">5</a>], and (<b>c</b>) CelebA-HQ [<a href="#B6-electronics-13-04398" class="html-bibr">6</a>].</p> ">
Abstract
:1. Introduction
2. Related Work
2.1. Facial De-Identification and Facial Re-Identification
2.2. The Deep Face Generation
3. The Proposed Approach
- The characteristics of the network architecture.
- The disentangled efficacy of the designed algorithm and the adopted loss functions.
- The analysis of cost function design from the information-theoretic point of view.
3.1. The SDN’s Architecture
3.1.1. The Components of SDN
3.1.2. The Architecture Perspective of SDN
3.1.3. The Dual Inference Process of SDN
Algorithm 1: The procedures and the pseudo-codes of the proposed SDN. |
Input: A set of face images with face identity labels and multiple face-related attributes Network Architecture: The Encoder , Decoder , Discriminator , and the Feature Extractor/Classifier Operation: Conduct network training for iterations Output: the SDN Model
|
3.2. The Disentangle Efficacy of the Designed Algorithm
- (a)
- Anonymization process
- (b)
- De-anonymization process
4. Analyzing the Cost Functions Involved in SDN Using Information Theory
5. Experimental Materials and the Chosen Benchmarking Methods
5.1. The Training Datasets and Evaluation Metrics
5.2. The Benchmarking Methods
6. Experimental Results and Latent Space Manipulation Analysis
6.1. The Anonymization and De-Anonymization Performances of the SDN
6.2. Latent Space Manipulation Analyses
7. The Ablation Study
8. Conclusions
- Introducing an NN-based privacy protection solution that is both reversible and controllable, allowing for facial images to be anonymized and de-anonymized as needed;
- Using dual inference theory to ensure better realism of the de-ID image without any pre-trained/auxiliary model to enhance its applicability in practice;
- Providing techniques to handle unseen images (which need to be de-ID’d and have never appeared in the training dataset) during the inference process;
- Enforcing the protective function of the agent face generator to output different anonymized facial identities associated with different passwords;
- Achieving maximum feature distance between an anonymized face and its de-anonymized version, even when multi-attribute combinations are incorrect;
- Based on information theory, we analyze the physical meanings of the cost functions used in our development.
Author Contributions
Funding
Data Availability Statement
Conflicts of Interest
References
- Fabrègue, B.F.G.; Bogoni, A. Privacy and Security Concerns in the Smart City. Smart Cities 2023, 6, 586–613. [Google Scholar] [CrossRef]
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the Protection of Natural Persons with Regard to the Processing of Personal Data and on the Free Movement of Such Data, and Repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA Relevance) (OJ L 119 04.05.2016). p. 1. Available online: http://data.europa.eu/eli/reg/2016/679/oj (accessed on 18 May 2018).
- Morić, Z.; Dakic, V.; Djekic, D.; Regvart, D. Protection of Personal Data in the Context of E-Commerce. J. Cybersecur. Priv. 2024, 4, 731–761. [Google Scholar] [CrossRef]
- Ng, H.W.; Winkler, S. A Data-driven Approach to Cleaning Large Face Datasets. In Proceedings of the IEEE International Conference on Image Processing (ICIP), Paris, France, 27–30 October 2014; pp. 343–347. [Google Scholar]
- Yi, D.; Lei, Z.; Liao, S.; Li, S.Z. Learning Face Representation from Scratch. arXiv 2014, arXiv:1411.7923. [Google Scholar]
- Liu, Z.; Luo, P.; Wang, X.; Tang, X. Deep Learning Face Attributes in the Wild. In Proceedings of the International Conference on Computer Vision (ICCV), Santiago, Chile, 7–13 December 2015. [Google Scholar]
- Ren, Z.; Lee, Y.J.; Ryoo, M.S. Learning to anonymize faces for privacy-preserving action detection. In Proceedings of the European Conference on Computer Vision (ECCV), Munich, Germany, 8–14 September 2018; pp. 620–636. [Google Scholar]
- Boyle, M.; Edwards, C.; Greenberg, S. The Effects of Filtered Video on Awareness and Privacy. In Proceedings of the ACM Conference on Computer Supported Cooperative Work, Philadelphia, PA, USA, 2–6 December 2000; pp. 1–10. [Google Scholar]
- Neustaedter, C.; Greenberg, S.; Boyle, M. Blur Filtration Fails to Preserve Privacy for Home-Based Video Conferencing. ACM Trans. Comput. Hum. Interact. 2006, 13, 1–36. [Google Scholar] [CrossRef]
- Phillips, P. Privacy Operating Characteristic for Privacy Protection in Surveillance Applications. In Audio- and Video-Based Biometric Person Authentication; Kanade, T., Jain, A., Ratha, N., Eds.; Lecture Notes in Computer Science; Springer: Berlin/Heidelberg, Germany, 2005; pp. 869–878. [Google Scholar]
- Seo, J.; Hwang, S.; Suh, Y.-H. A Reversible Face De-Identification Method based on Robust Hashing. In Proceedings of the 2008 International Conference on Consumer Electronics (ICCE), Las Vegas, NV, USA, 9–13 January 2008. [Google Scholar] [CrossRef]
- Gross, R.; Sweeney, L.; Cohn, J.; de la Torre, F.; Baker, S. Face De-identification. In Protecting Privacy in Video Surveillance; Senior, A., Ed.; Springer: London, UK, 2009. [Google Scholar] [CrossRef]
- Padilla-López, J.R.; Chaaraoui, A.A.; Flórez-Revuelta, F. Visual Privacy Protection Methods: A Survey. Expert Syst. Appl. 2015, 42, 4177–4195. [Google Scholar] [CrossRef]
- Sweeney, L. K-anonymity: A Model for Protecting Privacy. Int. J. Uncertain. Fuzziness Knowl.-Based Syst. 2002, 10, 557–570. [Google Scholar] [CrossRef]
- Meden, B.; Emeršič, Ž.; Štruc, V.; Peer, P. K-same-net: K-anonymity with Generative Deep Neural Networks for Face Deidentification. Entropy 2018, 20, 60. [Google Scholar] [CrossRef] [PubMed]
- Newton, E.M.; Sweeney, L.; Malin, B. Preserving privacy by de-identifying face images. IEEE Trans. Knowl. Data Eng. 2005, 17, 232–243. [Google Scholar] [CrossRef]
- Jourabloo, A.; Yin, X.; Liu, X. Attribute Preserved Face De-identification. In Proceedings of the 2015 International Conference on Biometrics, ICB 2015, Phuket, Thailand, 19–22 May 2015; pp. 278–285. [Google Scholar] [CrossRef]
- Hukkelås, H.; Mester, R.; Lindseth, F. DeepPrivacy: A Generative Adversarial Network for Face Anonymization. In Advances in Visual Computing. ISVC 2019; Lecture Notes in Computer Science; Springer: Cham, Switzerland, 2019; Volume 11844. [Google Scholar] [CrossRef]
- Pan, Y.-L.; Haung, M.-J.; Ding, K.-T.; Wu, J.-L.; Jang, J.-S.R. K-Same-Siamese-GAN: K-Same Algorithm with Generative Adversarial Network for Facial Image De-identification with Hyperparameter Tuning and Mixed Precision Training. In Proceedings of the 2019 16th IEEE International Conference on Advanced Video and Signal Based Surveillance (AVSS), Taipei, Taiwan, 18–21 September 2019; pp. 1–8. [Google Scholar]
- Jeong, Y.; Choi, J.; Kim, S.; Ro, Y.; Oh, T.-H.; Kim, D.; Ha, H.; Yoon, S. FICGAN: Facial Identity Controllable GAN for De-identification. arXiv 2021. [Google Scholar]
- Zhao, Z.; Xia, Y.; Qin, T.; Xia, L.; Liu, T.-Y. Dual Learning: Theoretical Study and an Algorithmic Extension. SN Comput. Sci. 2021, 2, 413. [Google Scholar] [CrossRef]
- Yamac, M.; Ahishali, M.; Passalis, N.; Raitoharju, J.; Sankur, B.; Gabbouj, M. Reversible Privacy Preservation using Multi-level Encryption and Compressive Sensing. In Proceedings of the 27th European Signal Processing Conference, A Coruna, Spain, 2–6 September 2019. [Google Scholar] [CrossRef]
- Li, Y.; Chen, S.; Qi, G.; Zhu, Z.; Haner, M.; Cai, R. A GAN-Based Self-Training Framework for Unsupervised Domain Adaptive Person Re-Identification. J. Imaging 2021, 7, 62. [Google Scholar] [CrossRef]
- Gu, X.; Luo, W.; Ryooand, M.; Lee, Y. Password-conditioned Anonymization and Deanonymization with Face Identity Transformers. arXiv 2020, arXiv:1911.11759. [Google Scholar]
- Pan, Y.-L.; Chen, J.-C.; Wu, J.-L. A Multi-Factor Combinations Enhanced Reversible Privacy Protection System for Facial Images. In Proceedings of the 2021 IEEE International Conference on Multimedia and Expo (ICME), Shenzhen, China, 5–9 July 2021; pp. 1–6. [Google Scholar] [CrossRef]
- Xu, S.; Chang, C.; Nguyen, H.H.; Echizen, I. Reversible anonymization for privacy of facial biometrics via cyclic learning. EURASIP J. Inf. Secur. 2024, 2024, 24. [Google Scholar] [CrossRef]
- Wen, Y.; Liu, B.; Cao, J.; Xie, R.; Song, L. Divide and Conquer: A Two-Step Method for High-Quality Face De-identification with Model Explainability. In Proceedings of the 2023 IEEE/CVF International Conference on Computer Vision (ICCV), Paris, France, 1–6 October 2023; pp. 5125–5134. [Google Scholar] [CrossRef]
- Bao, J.; Chen, D.; Wen, F.; Li, H.; Hua, G. Towards Open-set Identity Preserving Face Synthesis. In Proceedings of the Computer Vision and Pattern Recognition (CVPR), Salt Lake City, UT, USA, 18–23 June 2018; pp. 6713–6722. [Google Scholar]
- Karras, T.; Laine, S.; Aila, T. A Style-Based Generator Architecture for Generative Adversarial Networks. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), Long Beach, CA, USA, 15–20 June 2019; pp. 4401–4410. [Google Scholar]
- Boesen, A.; Larsen, L.; Ren, S.; Snderby, K.; Larochelle, H.; Winther, O. Autoencoding beyond pixels using a learned similarity metric. In Proceedings of the 33rd International Conference on Machine Learning, New York, NY, USA; 2016; Volume 48, pp. 1558–1566. Available online: https://proceedings.mlr.press/v48/larsen16.html (accessed on 28 September 2024).
- Shen, W.; Liu, R. Learning Residual Images for Face Attribute Manipulation. In Proceedings of the Computer Vision and Pattern Recognition (CVPR), Honolulu, HI, USA, 21–26 July 2017; pp. 4030–4038. [Google Scholar]
- Choi, Y.; Choi, M.; Kim, M.; Ha, J.-W.; Kim, S.; Choo, J. Star-GAN: Unified generative adversarial networks for multi-domain Image-to-Image translation. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), Salt Lake City, UT, USA, 18–23 June 2018; pp. 8789–8797. [Google Scholar]
- Choi, Y.; Uh, J.; Ha, J. StarGAN v2: Diverse Image Synthesis for Multiple Domains. In Proceedings of the Computer Vision and Pattern Recognition (CVPR), Seattle, WA, USA, 13–19 June 2020; pp. 8188–8197. [Google Scholar]
- Lin, J.; Chen, Z.; Xia, Y.; Liu, S.; Qin, T.; Luo, J. Exploring Explicit Domain Supervision for Latent Space Disentanglement in Unpaired Image-to-Image Translation. IEEE Trans. Pattern Anal. Mach. Intell. 2019, 43, 1254–1266. [Google Scholar] [CrossRef] [PubMed]
- Wang, L.; Chen, W.; Yang, W.; Bi, F.; Yu, F. A State-of-the-Art Review on Image Synthesis with Generative Adversarial Networks. IEEE Access 2020, 8, 63514–63537. [Google Scholar] [CrossRef]
- Isola, P.; Zhu, J.-Y.; Zhou, T.; Efros, A.A. Image-to-image Translation with Conditional Adversarial Networks. In Proceedings of the Computer Vision and Pattern Recognition (CVPR), Honolulu, HI, USA, 21–26 July 2017; pp. 1125–1134. [Google Scholar]
- Shen, Y.; Zhou, B. Closed-Form Factorization of Latent Semantics in GANs. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), Nashville, TN, USA, 21–25 June 2021; pp. 1532–1540. [Google Scholar]
- Barber, D.; Agakov, F.V. The IM Algorithm: A Variational Approach to Information Maximization. Adv. Neural Inf. Process. Syst. 2003, 16, 201–208. [Google Scholar]
- Cheng, P.; Hao, W.; Dai, S.; Liu, J.; Gan, Z.; Carin, L. CLUB: A Contrastive Log-ratio Upper Bound of Mutual Information. In Proceedings of the 37th International Conference on Machine Learning, Virtual, 13–18 July 2020; pp. 1779–1788. [Google Scholar]
- Schroff, F.; Kalenichenko, D.; Philbin, J. Facenet: A unified embedding for face recognition and clustering. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Boston, MA, USA, 7–12 June 2015. [Google Scholar]
- Omkar, M. Parkhi, Andrea Vedaldi and Andrew Zisserman. Deep Face Recognition. In Proceedings of the British Machine Vision Conference (BMVC), Swansea, UK, 7–10 September 2015; Xie, X., Jones, M.W., Tam, G.K.L., Eds.; BMVA Press: Durham, UK, 2015; pp. 41.1–41.12. [Google Scholar]
- Prashnani, E.; Cai, H.; Mostofi, Y.; Sen, P. PieAPP: Perceptual Image-Error Assessment Through Pairwise Preference. In Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Salt Lake City, UT, USA, 18–23 June 2018. [Google Scholar]
- Maximov, M.; Elezi, I.; Leal-Taixe, L. Ciagan: Conditional identity anonymization generative adversarial networks. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), Seattle, WA, USA, 13–19 June 2020; pp. 5447–5456. [Google Scholar]
- Cao, J.; Liu, B.; Wen, Y.; Xie, R.; Song, L. Personalized and Invertible Face De-identification by Disentangled Identity Information Manipulation. In Proceedings of the 2021 IEEE/CVF International Conference on Computer Vision (ICCV), Montreal, QC, Canada, 10–17 October 2021; pp. 3314–3322. [Google Scholar] [CrossRef]
- Im, D.H.; Seo, Y.S. FaceBERT: Face De-Identification Using VQGAN and BERT. In Proceedings of the 2022 13th International Conference on Information and Communication Technology Convergence (ICTC), Jeju Island, Republic of Korea, 19–21 October 2022; pp. 2013–2015. [Google Scholar] [CrossRef]
- Yang, J.; Zhang, W.; Liu, J.; Wu, J.; Yang, J. Generating De-identification facial images based on the attention models and adversarial examples. Alex. Eng. J. 2022, 61, 8417–8429. [Google Scholar] [CrossRef]
- Zhai, L.; Guo, Q.; Xie, X.; Ma, L.; Wang, Y.E.; Liu, Y. A3GAN: Attribute-Aware Anonymization Networks for Face De-identification. In Proceedings of the 30th ACM International Conference on Multimedia (MM’22), New York, NY, USA, 10–14 October 2022; Association for Computing Machinery: New York, NY, USA, 2022; pp. 5303–5313. [Google Scholar] [CrossRef]
- Seyyed, K.; Shirin, N. StyleGAN as a Utility-Preserving Face De-identification Method. arXiv 2022, arXiv:2212.02611. [Google Scholar]
- Xue, H.; Liu, B.; Yuan, X.; Ding, M.; Zhu, T. Face image de-identification by feature space adversarial perturbation. Concurr. Comput. Pract. Exp. 2022, 35, e7554. [Google Scholar] [CrossRef]
- Shen, Y.; Gu, J.; Tang, X.; Zhou, B. Interpreting the latent space of gans for semantic face editing. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition, CVPR 2020, Seattle, WA, USA, 13–19 June 2020. [Google Scholar]
- Harkonen, E.; Hertzmann, A.; Lehtinen, J.; Paris, S. Ganspace: Discovering interpretable gan controls. Adv. Neural Inf. Process. Syst. 2020, 33, 9841–9850. [Google Scholar]
- Available online: https://pypi.org/project/thop/ (accessed on 12 May 2024).
Method | LPIPS | FID | SSIM |
---|---|---|---|
Gu et al. [24] | 0.17 | 28 | 0.95 |
MfM [25] | 0.35 | 27 | 0.83 |
FaceBERT [45] | 0.15 | 123 | 0.83 |
Yang et al. [46] | 0.12 | 144 | 0.81 |
A3GAN [47] | 0.29 | 93 | 0.87 |
Khorzooghi et al. [48] | 0.28 | 101 | 0.86 |
Xue et al. [49] | 0.16 | 127 | 0.83 |
CIAGAN [43] | 0.28 | 108 | 0.85 |
Cao et al. [44] | 0.29 | 43 | 0.93 |
Ours | 0.15 | 28 | 0.96 |
Real Images | - | - | 1 |
Method | LPIPS | PSNR | SSIM | PieAPP |
---|---|---|---|---|
Gu et al. [24] | 0.038 | 28.11 | 0.809 | 0.532 |
MfM [25] | 0.069 | 27.52 | 0.823 | 0.581 |
Cao et al. [44] | 0.072 | 27.10 | 0.85 | 0.63 |
Ours | 0.034 | 28.91 | 0.872 | 0.451 |
Real Images | - | - | 1 | 0 |
Issues | Bangs | Sight | Synthetic Seam | Background Color | |
---|---|---|---|---|---|
Method | |||||
CIAGAN [43] | Non-pollution Issue | Pollution Issue | Pollution Issue | Non-pollution Issue | |
Cao et al. [44] | Pollution Issue | Non-pollution Issue | Non-pollution Issue | Pollution Issue | |
MfM [25] | Pollution Issue | Non-pollution Issue | Non-pollution Issue | Pollution Issue | |
Ours | Non-pollution Issue | Non-pollution Issue | Non-pollution Issue | Non-pollution Issue |
Weaken Feature by 2 Degrees | Weaken Feature by 1 Degree | No Enhance/Weaken Features | Enhance Feature by 1 Degree | Enhance Feature by 2 Degrees | ||
---|---|---|---|---|---|---|
FID | Smiling | 0.25 | 8.94 | 0 | 11.68 | 14.08 |
Mouth Open | 13.73 | 11.23 | 0 | 8.98 | 9.54 | |
Mustache | 9.75 | 9.47 | 0 | 10.66 | 12.68 | |
SSIM | Smiling | 0.93 | 0.97 | 1 | 0.97 | 0.93 |
Mouth Open | 0.94 | 0.97 | 1 | 0.97 | 0.93 | |
Mustache | 0.93 | 0.97 | 1 | 0.97 | 0.93 | |
LPIPS | Smiling | 0.0155 | 0.0063 | 0 | 0.00646 | 0.0158 |
Mouth Open | 0.0157 | 0.0069 | 0 | 0.0082 | 0.0200 | |
Mustache | 0.0171 | 0.0067 | 0 | 0.0068 | 0.0176 |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Pan, Y.-L.; Chen, J.-C.; Wu, J.-L. Secure Dual Network for Reversible Facial Image Anonymization Through the Latent Space Manipulation. Electronics 2024, 13, 4398. https://doi.org/10.3390/electronics13224398
Pan Y-L, Chen J-C, Wu J-L. Secure Dual Network for Reversible Facial Image Anonymization Through the Latent Space Manipulation. Electronics. 2024; 13(22):4398. https://doi.org/10.3390/electronics13224398
Chicago/Turabian StylePan, Yi-Lun, Jun-Cheng Chen, and Ja-Ling Wu. 2024. "Secure Dual Network for Reversible Facial Image Anonymization Through the Latent Space Manipulation" Electronics 13, no. 22: 4398. https://doi.org/10.3390/electronics13224398
APA StylePan, Y. -L., Chen, J. -C., & Wu, J. -L. (2024). Secure Dual Network for Reversible Facial Image Anonymization Through the Latent Space Manipulation. Electronics, 13(22), 4398. https://doi.org/10.3390/electronics13224398