A Principled Approach to Learning Stochastic Representations for Privacy in Deep Neural Inference

INFerence-as-a-Service (INFaaS) in the cloud has enabled the prevalent use of Deep Neural Networks (DNNs) in home automation, targeted advertising, machine vision, etc. The cloud receives the inference request as a raw input, containing a rich set of private information, that can be misused or leaked, possibly inadvertently. This prevalent setting can compromise the privacy of users during the inference phase. This paper sets out to provide a principled approach, dubbed Cloak, that finds optimal stochastic perturbations to obfuscate the private data before it is sent to the cloud. To this end, Cloak reduces the information content of the transmitted data while conserving the essential pieces that enable the request to be serviced accurately. The key idea is formulating the discovery of this stochasticity as an offline gradient-based optimization problem that reformulates a pre-trained DNN (with optimized known weights) as an analytical function of the stochastic perturbations. Using Laplace distribution as a parametric model for the stochastic perturbations, Cloak learns the optimal parameters using gradient descent and Monte Carlo sampling. This set of optimized Laplace distributions further guarantee that the injected stochasticity satisfies the -differential privacy criterion. Experimental evaluations with real-world datasets show that, on average, the injected stochasticity can reduce the information content in the input data by 80.07

READ FULL TEXT
research
05/26/2019

Shredder: Learning Noise to Protect Privacy with Partial DNN Inference on the Edge

A wide variety of DNN applications increasingly rely on the cloud to per...
research
12/25/2017

On Connecting Stochastic Gradient MCMC and Differential Privacy

Significant success has been realized recently on applying machine learn...
research
12/13/2022

Privacy-preserving Security Inference Towards Cloud-Edge Collaborative Using Differential Privacy

Cloud-edge collaborative inference approach splits deep neural networks ...
research
09/10/2018

Not Just Privacy: Improving Performance of Private Deep Learning in Mobile Cloud

The increasing demand for on-device deep learning services calls for a h...
research
06/07/2021

Generalized Linear Bandits with Local Differential Privacy

Contextual bandit algorithms are useful in personalized online decision-...
research
09/30/2022

Visual Privacy Protection Based on Type-I Adversarial Attack

With the development of online artificial intelligence systems, many dee...

Please sign up or login with your details

Forgot password? Click here to reset