Disguised-Nets: Image Disguising for Privacy-preserving Deep Learning

02/05/2019
by Sagar Sharma, et al.

Due to the high training costs of deep learning, model developers often rent cloud GPU servers to achieve better efficiency. However, this practice raises privacy concerns. An adversarial party may be interested in 1) personally identifiable information encoded in the training data and the learned models, 2) misusing the sensitive models for its own benefit, or 3) launching model inversion (MIA) and generative adversarial network (GAN) attacks to reconstruct replicas of training data (e.g., sensitive images). Learning from encrypted data seems impractical due to the large training data and expensive learning algorithms, while differential-privacy-based approaches have to make significant trade-offs between privacy and model quality. We investigate the use of image disguising techniques to protect both data and model privacy. Our preliminary results show that with block-wise permutation and transformations, surprisingly, disguised images still give reasonably well-performing deep neural networks (DNNs). The disguised images are also resilient to the deep-learning-enhanced visual discrimination attack and provide an extra layer of protection from MIA and GAN attacks.

research
11/04/2022

A Jigsaw Puzzle Solver-based Attack on Block-wise Image Encryption for Privacy-preserving DNNs

Privacy-preserving deep neural networks (DNNs) have been proposed for pr...
research
12/31/2022

A Comparative Study of Image Disguising Methods for Confidential Outsourced Learning

Large training data and expensive model tweaking are standard features o...
research
04/12/2019

Distributed Layer-Partitioned Training for Privacy-Preserved Deep Learning

Deep Learning techniques have achieved remarkable results in many domain...
research
08/27/2019

Key Protected Classification for Collaborative Learning

Large-scale datasets play a fundamental role in training deep learning m...
research
10/20/2022

How Does a Deep Learning Model Architecture Impact Its Privacy?

As a booming research area in the past decade, deep learning technologie...
research
10/08/2020

Improved Techniques for Model Inversion Attacks

Model inversion (MI) attacks in the whitebox setting are aimed at recons...
research
06/23/2020

Security and Privacy Preserving Deep Learning

Commercial companies that collect user data on a large scale have been t...
