Probabilistic Selective Encryption of Convolutional Neural Networks for Hierarchical Services

by   Jinyu Tian, et al.

Model protection is vital when deploying Convolutional Neural Networks (CNNs) for commercial services, due to the massive costs of training them. In this work, we propose a selective encryption (SE) algorithm to protect CNN models from unauthorized access, with a unique feature of providing hierarchical services to users. Our algorithm firstly selects important model parameters via the proposed Probabilistic Selection Strategy (PSS). It then encrypts the most important parameters with the designed encryption method called Distribution Preserving Random Mask (DPRM), so as to maximize the performance degradation by encrypting only a very small portion of model parameters. We also design a set of access permissions, using which different amounts of the most important model parameters can be decrypted. Hence, different levels of model performance can be naturally provided for users. Experimental results demonstrate that the proposed scheme could effectively protect the classification model VGG19 by merely encrypting 8 proposed model protection scheme in the denoising model DnCNN, showcasing the hierarchical denoising services



There are no comments yet.


page 8


CNNComparator: Comparative Analytics of Convolutional Neural Networks

Convolutional neural networks (CNNs) are widely used in many image recog...

Training CNNs with Selective Allocation of Channels

Recent progress in deep convolutional neural networks (CNNs) have enable...

An Efficient Data Protection Architecture Based on Fragmentation and Encryption

In this thesis, a completely revisited data protection scheme based on s...

Towards Industrial Private AI: A two-tier framework for data and model security

With the advances in 5G and IoT devices, the industries are vastly adopt...

Training Neural Networks with Fixed Sparse Masks

During typical gradient-based training of deep neural networks, all of t...

AdvParams: An Active DNN Intellectual Property Protection Technique via Adversarial Perturbation Based Parameter Encryption

A well-trained DNN model can be regarded as an intellectual property (IP...

Protecting Semantic Segmentation Models by Using Block-wise Image Encryption with Secret Key from Unauthorized Access

Since production-level trained deep neural networks (DNNs) are of a grea...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.