SOTERIA: In Search of Efficient Neural Networks for Private Inference [article]

Anshul Aggarwal, Trevor E. Carlson, Reza Shokri, Shruti Tople
2020 arXiv   pre-print
We use neural architecture search algorithms with the dual objective of optimizing the accuracy of the model and the overhead of using cryptographic primitives for secure inference.  ...  We observe that the network architecture, internal functions, and parameters of a model, which are all chosen during training, significantly influence the computation and communication overhead of a cryptographic  ...  Ternary (Sparse Binary) Neural Network For building a system that enables efficient private inference, we prefer to reduce the number of parameters in the network.  ... 
arXiv:2007.12934v1 fatcat:tdch7v4uu5e3dbokfrtl27mgum

AESPA: Accuracy Preserving Low-degree Polynomial Activation for Fast Private Inference [article]

Jaiyoung Park and Michael Jaemin Kim and Wonkyung Jung and Jung Ho Ahn
2022 arXiv   pre-print
Hybrid private inference (PI) protocol, which synergistically utilizes both multi-party computation (MPC) and homomorphic encryption, is one of the most prominent techniques for PI.  ...  Although a standard non-linear activation function can generate higher model accuracy, it must be processed via a costly garbled-circuit MPC primitive.  ...  Given the pre-trained neural network, Delphi replaces some ReLUs with quadratic approximation and retrains the neural network, which allows them to utilize a less costly BT primitive.  ... 
arXiv:2201.06699v2 fatcat:7lzbejka35a2hopzghgyaigwfq

Privacy-preserving Cloud-based DNN Inference [article]

Shangyu Xie, Bingyu Liu, Yuan Hong
2021 arXiv   pre-print
Although some privacy preserving deep neural network (DNN) based inference techniques have been proposed by composing cryptographic primitives, the challenges on computational efficiency have not been  ...  In this paper, we propose a novel privacy preserving cloud-based DNN inference framework (namely, "PROUD"), which greatly improves the computational efficiency.  ...  The authors would like to thank the anonymous reviewers for their constructive comments.  ... 
arXiv:2102.03915v2 fatcat:zr4vgfbsu5h6lmed4is53qkage

Circa: Stochastic ReLUs for Private Deep Learning [article]

Zahra Ghodsi, Nandan Kumar Jha, Brandon Reagen, Siddharth Garg
2021 arXiv   pre-print
The key observation is that the stochastic fault behavior is well suited for the fault-tolerant properties of neural network inference.  ...  In this paper we re-think the ReLU computation and propose optimizations for PI tailored to properties of neural networks.  ...  XONN [18] enables private inference using only GCs for binarized neural networks and leverages the fact that XORs can be computed for free in the GC protocol to achieve speedups.  ... 
arXiv:2106.08475v1 fatcat:gsbz5hur6zehvb6a37r4sf47xe

Tabula: Efficiently Computing Nonlinear Activation Functions for Secure Neural Network Inference [article]

Maximilian Lam, Michael Mitzenmacher, Vijay Janapa Reddi, Gu-Yeon Wei, David Brooks
2022 arXiv   pre-print
Multiparty computation approaches to secure neural network inference traditionally rely on garbled circuits for securely executing nonlinear activation functions.  ...  This leads to significant performance gains over garbled circuits with quantized inputs during secure inference on neural networks: Tabula reduces overall communication by up to 9× and achieves a speedup  ...  More recently, specialized systems have emerged that specifically target secure neural network inference, including works like Minionn, Gazelle and Delphi [16, 9, 18, 14, 23, 8, 1, 7].  ...
arXiv:2203.02833v1 fatcat:fvgnww77kff3zosds3tx7zjzqy

CryptoNite: Revealing the Pitfalls of End-to-End Private Inference at Scale [article]

Karthik Garimella, Nandan Kumar Jha, Zahra Ghodsi, Siddharth Garg, Brandon Reagen
2021 arXiv   pre-print
The privacy concerns of providing deep learning inference as a service have underscored the need for private inference (PI) protocols that protect users' data and the service provider's model using cryptographic  ...  Paired with recent optimizations that tailor networks for PI, these protocols have achieved performance levels that are tantalizingly close to being practical.  ...  ACKNOWLEDGEMENTS This work was supported in part by the Applications Driving Architectures (ADA) Research Center, a JUMP Center co-sponsored by SRC and DARPA.  ... 
arXiv:2111.02583v1 fatcat:w5cft4qgvrcuhhcfo4nrk57xye

AutoPrivacy: Automated Layer-wise Parameter Selection for Secure Neural Network Inference [article]

Qian Lou and Song Bian and Lei Jiang
2020 arXiv   pre-print
In this paper, for fast and accurate secure neural network inference, we propose an automated layer-wise parameter selector, AutoPrivacy, that leverages deep reinforcement learning to automatically determine  ...  of a network.  ...  Acknowledges The authors would like to thank the anonymous reviewers for their valuable comments and helpful suggestions.  ... 
arXiv:2006.04219v2 fatcat:fnip7ikk5fgpnl3poze3aobweu

Accelerating 2PC-based ML with Limited Trusted Hardware [article]

Muqsit Nawaz, Aditya Gulati, Kunlong Liu, Vishwajeet Agrawal, Prabhanjan Ananth, Trinabh Gupta
2020 arXiv   pre-print
This paper describes the design, implementation, and evaluation of Otak, a system that allows two non-colluding cloud providers to run machine learning (ML) inference without knowing the inputs to inference  ...  An implementation and evaluation of Otak demonstrates that its CPU and network overhead converted to a dollar amount is 5.4-385× lower than state-of-the-art 2PC-based works.  ...  Acknowledgments We thank Ishtiyaque Ahmad, Alvin Glova, Rakshith Gopalakrishna, Arpit Gupta, Abhishek Jain, Srinath Setty, Jinjin Shao, Tim Sherwood, Michael Walfish, and Rich Wolski for feedback and comments  ... 
arXiv:2009.05566v1 fatcat:fbh6spwmcjhkxiura3aexuyjsi

Secure Medical Image Analysis with CrypTFlow [article]

Javier Alvarez-Valle, Pratik Bhatu, Nishanth Chandran, Divya Gupta, Aditya Nori, Aseem Rastogi, Mayank Rathee, Rahul Sharma, Shubham Ugare
2020 arXiv   pre-print
We empirically demonstrate the power of our system by showing the secure inference of real-world neural networks such as DENSENET121 for detection of lung diseases from chest X-ray images and 3D-UNet for  ...  We present CRYPTFLOW, a system that converts TensorFlow inference code into Secure Multi-party Computation (MPC) protocols at the push of a button. To do this, we build two components.  ...  CRYPTFLOW provides the first implementation and evaluation of a system for secure segmentation.  ... 
arXiv:2012.05064v1 fatcat:naymjmjxwzcb3b35mq23v7bxkm

DeepReDuce: ReLU Reduction for Fast Private Inference [article]

Nandan Kumar Jha, Zahra Ghodsi, Siddharth Garg, Brandon Reagen
2021 arXiv   pre-print
The recent rise of privacy concerns has led researchers to devise methods for private neural inference – where inferences are made directly on encrypted data, never seeing inputs.  ...  Given a target network, DeepReDuce outputs a Pareto frontier of networks that tradeoff the number of ReLUs and accuracy.  ...  Acknowledgements This work was supported in part by the Applications Driving Architectures (ADA) Research Center, a JUMP Center co-sponsored by SRC and DARPA.  ... 
arXiv:2103.01396v2 fatcat:nikixwf2mzd6tiihwkystufwue

Enhanced Security in Cloud Computing Using Neural Network and Encryption

Muhammad Usman Sana, Zhanli Li, Fawad Javaid, Hannan Bin Liaqat, Muhammad Usman Ali
2021 IEEE Access  
To address this problem, we propose a new security design using Artificial Neural Networks (ANN) and encryption to confirm a safe communication system in the cloud environment, by letting the third parties  ...  This technique allows the computations to be performed directly on floating-point data within a neural network with a minor computational overhead.  ...  Authors [9] implement, estimate, and design, a secure prediction scheme DELPHI that allows performing neural network inference between two parties without disclosing the data of both parties.  ... 
doi:10.1109/access.2021.3122938 fatcat:jpnki543zncbnij37pivanhbvi

SoK: Privacy-Preserving Computation Techniques for Deep Learning

José Cabrero-Holgueras, Sergio Pastrana
2021 Proceedings on Privacy Enhancing Technologies  
Deep Learning (DL) is a powerful solution for complex problems in many disciplines such as finance, medical research, or social sciences.  ...  Recent advances in privacy-preserving computation techniques (i.e., Homomorphic Encryption and Secure Multiparty Computation) have enabled DL training and inference over protected data.  ...  Acknowledgments We thank the anonymous reviewers and our shepherd, Phillipp Schoppmann, for their valuable feedback. We also thank Alberto Di Meglio, Marco Manca  ... 
doi:10.2478/popets-2021-0064 fatcat:hb3kdruxozbspnowy63gynuapy

CrypTFlow: Secure TensorFlow Inference [article]

Nishant Kumar, Mayank Rathee, Nishanth Chandran, Divya Gupta, Aseem Rastogi, Rahul Sharma
2020 arXiv   pre-print
We experimentally demonstrate the power of our system by showing the secure inference of real-world neural networks such as ResNet50 and DenseNet121 over the ImageNet dataset with running times of about  ...  We present CrypTFlow, a first of its kind system that converts TensorFlow inference code into Secure Multi-party Computation (MPC) protocols at the push of a button.  ...  ACKNOWLEDGEMENTS We thank our shepherd Xiao Wang, and anonymous reviewers for their valuable feedback.  ... 
arXiv:1909.07814v2 fatcat:e776uzl6crgv3mibgykniljweu

Privacy-Preserving Machine Learning: Methods, Challenges and Directions [article]

Runhua Xu, Nathalie Baracaldo, James Joshi
2021 arXiv   pre-print
challenges and a research roadmap for future research in PPML area.  ...  A trained ML model may also be vulnerable to adversarial attacks such as membership, attribute, or property inference attacks and model inversion attacks.  ...  [139] recently proposed the Delphi framework for a cryptographic inference service for neural networks.  ... 
arXiv:2108.04417v2 fatcat:pmxmsbs2gvh6nd4jadcz4dnsrq

Fusion: Efficient and Secure Inference Resilient to Malicious Server and Curious Clients [article]

Caiqin Dong, Jian Weng, Yao Tong, Jia-Nan Liu, Anjia Yang, Yudan Cheng, Shun Hu
2022 arXiv   pre-print
On the basis of this method, Fusion can be used as a general compiler for converting any semi-honest inference scheme into a maliciously secure one.  ...  Without leveraging expensive cryptographic techniques, a novel mix-and-check method is designed to ensure that the server uses a well-trained model as input and correctly performs the inference computations  ...  A. Neural Network Inference Convolutional neural network (CNN) is one of the popular neural network nowadays.  ... 
arXiv:2205.03040v1 fatcat:67n5nydnn5glzpcwl6p6jc3lm4