 Good morning, good afternoon, good evening, wherever you are. Welcome to the AI for Good Global Summit, all year always online. I'm Charlotte Kahn from the ITU, the International Telecommunication Union. Like most of the world, the AI for Good Global Summit has gone digital, with weekly online programming, allowing us to reach even more people in 2020. AI for Good perspectives offer expert insights, global visions, and shared solutions from the AI for Good community. Today we bring you the third episode of ATRI's AI for Making a Better Tomorrow on the subject of AI for Security and Privacy. ATRI is the National AI Research Institute of the Republic of Korea, so let's take a look at a short video about them. Artificial Intelligence Research Laboratory is the main R&D branch of ATRI, the nation's finest General Intelligence Research Institute for shaping our future society. We are in charge of research and development in the field of superintelligence and superperformance, to build the foundation of a superintelligent information society co-existing with human-based autonomous intelligence to materialize superperformance computing to overcome the technological limits of existing computers. For the realization of superperformance computing, Future Computing Research Division revolutionizes the CPU-centric computing system into next-generation memory-centric computing system. With our memory-centric computing systems, massive amounts of data, such as AI-powered financial predictions, biotechnology, big data analytics, etc., can be processed much faster than today's computing technologies. In addition, our innovative memory-centric computing system can be integrated with multi-cloud technology to spread a variety of high-speed AI services around the world. The AISOC Research Division has developed a high-performance artificial intelligence processor chip for servers to accelerate artificial neural network, as well as an ultra-low-power visual intelligence processor chip for mobiles that visually detects and recognizes objects. This technology will be used as a base in the future research on the 64-bit processors for supercomputing and AI accelerating. In this field of superperformance research, we will endeavor for a realization of the superperformance computing, which overcomes the limit of performance through a memory-centric computing system and AI processor technology. In the future, Atree Artificial Intelligence Research Lab will do its best to advance Korea's artificial intelligence technology to the next level through the development of next-generation AI core technology and to achieve the fourth industrial revolution through intelligent innovation in the manufacturing and ICT industries, which are the strengths of Korea. Now, let me hand over to our expert host, Dr. Miran Choi. Dr. Choi is principal researcher and standardization specialist at Atree. Dr. Choi. Thank you, Charlotte. Ladies and gentlemen, I'm Miran Choi from Atree Korea. Thank you very much for joining us in this session. The subject of this session is on AI for security and privacy. AI technologies have been wildly developed on many areas, including ICT, in order to make human lives richer, safer, and more convenient. Especially on intelligent CCTV technology, to recognize interesting situations by analyzing CCTV videos is applied to many safety-guaranteed domains, such as national infrastructures, cities of balance systems, videos of balance as a service, and so on. On the other hand, those extensions of AI CCTV and increasing CCTV data surely cause the critical side effects, such as invasion of privacy, misuse in crime, and other security threats. So, in this session, security issues on the intelligent CCTV and some video security technologies preventing them will be discussed. Okay, next I will introduce the speaker of this session. Dr. Kono Kim is the manager of physical security and authentication technology section. He has been developing intelligent CCTV technologies for 13 years. Recently, he is involved in developing deep learning technology for CCTV analysis. In addition, the privacy and security issue is also one of his research topics. Now, let's watch the presentation. Hello, everyone. Let me introduce myself. My name is Kono Kim from ATRIE, Electronic and Telecommunication Research Institute, Korea. During the last two weeks, a few AI technologies developed by ATRIE were introduced. And in this presentation, I'm going to talk about the opposite side of the artificial intelligence, security and privacy. Today, the artificial intelligence is everywhere and melting into most systems from front-end devices to back-end large-scale platforming servers. Anyway, some may be satisfied with the performance of AI, but who are satisfied with the security of AI may not be many. Until now, we are focusing on the performance to arrive at the level of human intelligence, but we are not interested in the other aspect of artificial intelligence, which may be dark. There are issues about security and privacy. In this presentation, I would like to focus on security and privacy issues and related technologies by intelligent CCTV systems. The intelligent system is supposed to be a highly probable solution responsible for social safety, which is most of the time. As we can see in many cases, CCTV plays a critical role and generates crucial evidence. Our every history is stored in CCTV videos, monitored, validated and analyzed by other people. Furthermore, intelligence has been added to the CCTV systems, and everything is attempted to be automatically identified. But on the negative side, our privacy is forced to open. Even though CCTV guarantees our safety, they don't protect our privacy. If privacy is not guaranteed, everything you can see may be broken down and become dangerous. In this slide, I would like to introduce a few privacy-invasion cases by CCTV applications. There is an internet site listing IP cameras accessible by everyone without any authentication process. The accessible IP cameras are kindly categorized by nations, manufacturers and deployed places. This is caused because the default password is not reset and continuously used. Everyone can feed other private lives through the indoor cameras. Actually, this type of accident can be prevented with a little concern. This is caused by security weakness of deployed systems. Most IP cameras are connected to the router, so once the router is exploited, CCTV security systems collapse and private lives are streamed all over the world. The router exploited is known to be very easy, and we can simply gather the hacking program in the internet. You can be a main character of the movie through a show like Jim Carrey. This scenario is caused by IP cameras invoking security weakness, namely backdoor program. Once the backdoor program is installed, all security software are useless. Attackers who know the backdoor program can illegally access the IP cameras and sneak look at the CCTV videos. As another security-broken case, CCTV was used for attacking other systems, meaning Burnett. About 25,000 CCTVs over the 100 nations were hacked and illegally controlled to launch DDoS attack. These CCTVs have successfully performed a law as an intermediate control center for attacking victims. This is because the CCTVs are already connected and they have their own computing power. But most of the important thing of all is that no one pays attention to the CCTV status. And all you want is just monitoring. The connectivity and concern enable our CCTVs to attack the remote target victim systems without us knowing. Until now, we are making our best effort to protect our treasure by manufacturing strong safe against illegal attacks. So as the attacks are getting powerful, the safe needs to be supplemented or renovated. But the way of strong safe has no choice but to follow the attacks and damage is already expected. And how about making the treasure useless to the attackers, even though they are revealed to them like this fake money. The only authorized access can restore the original value from the fake money. I would like to introduce a few security technologies for this purpose. This video shows a regular privacy masking method that many people are used to and normally imagine. First of all, private reasons are detected, including human body's faces, license number plate, private spaces, and something like that. And then the detected private reasons are processed to be unrecognized using privacy masking methods like pixel blurring, blackout, or mosaic process. From the security aspect, this method is perfect because the privacy is removed forever, but this is a serious demerit. Most critical demerit is that original video cannot be restored from the masked video because the original information has been already damaged and not installable. So this method is usually used for external carryout of existing videos and the original existing video is stored in storage, which is expected to be secure. When the stored original existing videos are getting dangerous, every private information is revealed and security systems are broken down. This video shows the existing privacy masking technology we developed. The left video is original, the central video is privacy masked, and the right video is a restored result. The advantage of this method is that system videos are securely can be managed during their lifecycle in encrypted format. Whenever system videos are captured, they are immediately privacy masked, transferred, stored, monitored, and deleted. During their lifecycle, the only authorized access can restore the original video, and other people can monitor only the central masked videos. You don't need any further information for restoration, only the masked video is enough. For the restore of privacy masking, we have to overcome some hurdles. First of all, we have to solve the conflict between legacy codec applications and our privacy mechanisms. Legacy codec systems adapt to loss compression for high reduction of file size, so RGB information in each pixel is changed, but human eyes cannot notice that. But for our privacy masking, encryption is recommended, and the operation is valid only when the integrity is guaranteed, so for the actual privacy masking, it must be compliant with the legacy coding mechanisms. There are three types of privacy masking deployment. In first approach, the privacy masking operation is done between the encoding applications and decoding applications. In this case, the privacy masking application should be implemented according to the encoder types. Unfortunately, the private masking depends on the codec applications. In second approach, the privacy masking implementations are integrated into legacy codec systems. This may be most efficient from the performance view, but every codec application must be implemented and provide privacy masking functions. In the last approach, the privacy masking is done out of the boundary of the codec applications. For making it possible, the private masking mechanism should be robust against the unexpected data modification of codec systems. We adopted the last option. Another option is video encryption. In previous privacy masking, we have to detect private areas in each video frame, and then transform them into the unrecognized format. But in video encryption, we don't need a private area detection, but just apply it to the every video frame. Here, our consideration is how the encryption is performed in the lightweight manner. The key idea is to use the encoding mechanism of video codec applications. In legacy codec applications, whenever anchor information is encrypted, and the follow-up information would be automatically unrecognized. This reduces computation to the 30% compared to the overall data encryption method. Also, this application can be installed in the conventional IP camera platform. The original video frames are surely restored by the authorized access with a private key. The left video shows the original, the central video shows the encrypted, and the right video shows the decrypted result. In this page, I would like to introduce a new concept of security, applying privacy masking. In a private world where we live, you can see everything with eyes and privacy is not considered. The moment of frame data is transferred to the online world, privacy is getting important. It's including human bodies, faces, private information, license numbers, and everything private. So, we would like to change our ways of thinking. We want to make offline world secure, and the private information can be seen only in the online world. Of course, the access should be securely authorized. As seen in the video, private information on paper, screen, or any offline media is masked, and no one can recognize it naturally. If someone has a privilege to see that, you can restore the original private information like the light of a figure. In our test, we use mobile phone and smart glasses for secure restorations. I would like to conclude with the sentence, Security for AI makes AI mature. Security is not option anymore, and can be less than pleasure for AI perfection. Thank you for listening. Thank you for your presentation, Dr. Kim. I hope you have a good achievement in AI-based security and privacy area. Now, I will ask two questions on your presentation for the audience. My first question is, what is the difference between your privacy masking technology and other widely used privacy masking technologies? As I mentioned in my presentations, it's matter of whether the original video information is reserved or not. Other privacy masking technologies is adapting, only transformation is not restored, and the original information is not useful anymore. And the moment the original video information is damaged, the worth is getting invalid. Whereas, our privacy masking technologies guarantees the restorations. It's very important and should be mandatory. Privacy can be supported along the CCTV videos' life cycle. Even though the CCTV videos are illegally stolen by hackers, our sensitive information is not recognizable. The concept of your proposed offline privacy masking technology is not familiar to me. Can you explain the concept compared to the QR code method in more detail? We actually recognized why the only online private information is respected. In offline world, the private information can be found anywhere. The offline privacy masking technology has departed from these considerations. We would like to reserve our common notion, that is, our private information is scattered over the offline world in a secure manner and others cannot identify them. The only authorized personnel devices can confirm the original information. Confirmed to the QR code method, our offline privacy masking technologies can support a typical format. Our offline privacy masking technologies can contain the original characteristics, such as writing styles, image information, and signature and others, without any online connection to server. Thank you, Dr. Kim, for your detailed explanation. Okay, I hope you all have enjoyed the episode 3 of AI for a Good Perspective, presented by Etri today. Thank you for your participation. Let me hand back over to Charlotte for the closing. Well, thank you Dr. Choi and Dr. Kim for the presentations and inspiring discussions. I hope you have enjoyed these insightful episodes from Etri. Stay tuned for much more on how AI can be used to make the world a better place by joining us all year, always online.