Secure Inference via Deep Learning as a Service without Privacy Leakage

Face recognition, including emotion classification and face attribute classification, has seen tremendous progress during the last decade owing to the use of deep learning. Large-scale data collected from numerous users have been the driving force in this growth. However, face images containing the identities of the owner can potentially cause severe privacy leakage if linked to other sensitive biometric information. The novel discrete cosine transform (DCT) coefficient cutting method (DCC) proposed in this study combines DCT and pixelization to protect the privacy of the image. However, privacy is subjective, and it is not guaranteed that the transformed image will preserve privacy. To overcome this, a user study was conducted on whether DCC really preserves privacy. To this end, convolutional neural networks were trained for face recognition and face attribute classification tasks. Our survey and experiments demonstrate that a face recognition deep learning model can be trained with images that most people think preserve privacy at a manageable cost in classification accuracy.

Download Full-text

Identifying Privacy Leakage from User-Generated Content in An Online Health Community-A deep learning approach

2019 IEEE International Conference on Healthcare Informatics (ICHI) ◽

10.1109/ichi.2019.8904689 ◽

2019 ◽

Cited By ~ 1

Author(s):

Yushan Zhu ◽

Xing Tong ◽

Xi Wang

Keyword(s):

Deep Learning ◽

User Generated Content ◽

Learning Approach ◽

Online Health Community ◽

Privacy Leakage ◽

Health Community

Download Full-text

Exploring Security Vulnerabilities of Deep Learning Models by Adversarial Attacks

Wireless Communications and Mobile Computing ◽

10.1155/2021/9969867 ◽

2021 ◽

Vol 2021 ◽

pp. 1-9

Author(s):

Xiaopeng Fu ◽

Zhaoquan Gu ◽

Weihong Han ◽

Yaguan Qian ◽

Bin Wang

Keyword(s):

Deep Learning ◽

Language Processing ◽

Textual Analysis ◽

Original Data ◽

Learning Models ◽

Security Vulnerabilities ◽

Privacy Leakage ◽

Adversarial Examples ◽

Small Change ◽

Analysis Models

Nowadays, deep learning models play an important role in a variety of scenarios, such as image classification, natural language processing, and speech recognition. However, deep learning models are shown to be vulnerable; a small change to the original data may affect the output of the model, which may incur severe consequences such as misrecognition and privacy leakage. The intentionally modified data is referred to as adversarial examples. In this paper, we explore the security vulnerabilities of deep learning models designed for textual analysis. Specifically, we propose a visual similar word replacement (VSWR) algorithm to generate adversarial examples against textual analysis models. By using adversarial examples as the input of deep learning models, we verified that deep learning models are vulnerable to such adversarial attacks. We have conducted experiments on several sentiment analysis deep learning models to evaluate the performance. The results also confirmed that the generated adversarial examples could successfully attack deep learning models. As the number of modified words increases, the model prediction accuracy becomes lower. This kind of adversarial attack implies security vulnerabilities of deep learning models.

Download Full-text

BAYHENN: Combining Bayesian Deep Learning and Homomorphic Encryption for Secure DNN Inference

Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence ◽

10.24963/ijcai.2019/671 ◽

2019 ◽

Author(s):

Peichen Xie ◽

Bingzhe Wu ◽

Guangyu Sun

Keyword(s):

Neural Networks ◽

Deep Learning ◽

Homomorphic Encryption ◽

Real Life ◽

Cloud Service ◽

Bayesian Neural Networks ◽

Privacy Leakage ◽

Clinical Dataset ◽

Cloud Server ◽

Cloud Servers

Recently, deep learning as a service (DLaaS) has emerged as a promising way to facilitate the employment of deep neural networks (DNNs) for various purposes. However, using DLaaS also causes potential privacy leakage from both clients and cloud servers. This privacy issue has fueled the research interests on the privacy-preserving inference of DNN models in the cloud service. In this paper, we present a practical solution named BAYHENN for secure DNN inference. It can protect both the client's privacy and server's privacy at the same time. The key strategy of our solution is to combine homomorphic encryption and Bayesian neural networks. Specifically, we use homomorphic encryption to protect a client's raw data and use Bayesian neural networks to protect the DNN weights in a cloud server. To verify the effectiveness of our solution, we conduct experiments on MNIST and a real-life clinical dataset. Our solution achieves consistent latency decreases on both tasks. In particular, our method can outperform the best existing method (GAZELLE) by about 5x, in terms of end-to-end latency.

Download Full-text

Analysis of Application Examples of Differential Privacy in Deep Learning

Computational Intelligence and Neuroscience ◽

10.1155/2021/4244040 ◽

2021 ◽

Vol 2021 ◽

pp. 1-15

Author(s):

Zhidong Shen ◽

Ting Zhong

Keyword(s):

Artificial Intelligence ◽

Neural Networks ◽

Deep Learning ◽

Deep Neural Networks ◽

Differential Privacy ◽

Generative Adversarial Networks ◽

Learning Models ◽

Privacy Leakage ◽

Adversarial Networks ◽

Inference Attacks

Artificial Intelligence has been widely applied today, and the subsequent privacy leakage problems have also been paid attention to. Attacks such as model inference attacks on deep neural networks can easily extract user information from neural networks. Therefore, it is necessary to protect privacy in deep learning. Differential privacy, as a popular topic in privacy-preserving in recent years, which provides rigorous privacy guarantee, can also be used to preserve privacy in deep learning. Although many articles have proposed different methods to combine differential privacy and deep learning, there are no comprehensive papers to analyze and compare the differences and connections between these technologies. For this purpose, this paper is proposed to compare different differential private methods in deep learning. We comparatively analyze and classify several deep learning models under differential privacy. Meanwhile, we also pay attention to the application of differential privacy in Generative Adversarial Networks (GANs), comparing and analyzing these models. Finally, we summarize the application of differential privacy in deep neural networks.

Download Full-text

Deep Learning

10.1017/cbo9780511780295 ◽

2009 ◽

Cited By ~ 94

Author(s):

Stellan Ohlsson

Keyword(s):

Deep Learning

Download Full-text

Intelligence artificielle : le futur de l’Orthodontie ?

Revue d Orthopédie Dento-Faciale ◽

10.1051/odf/2019026 ◽

2019 ◽

Vol 53 (3) ◽

pp. 281-294

Author(s):

Jean-Michel Foucart ◽

Augustin Chavanne ◽

Jérôme Bourriau

Keyword(s):

Big Data ◽

Deep Learning ◽

Intelligence Artificielle ◽

Set Up

Nombreux sont les apports envisagés de l’Intelligence Artificielle (IA) en médecine. En orthodontie, plusieurs solutions automatisées sont disponibles depuis quelques années en imagerie par rayons X (analyse céphalométrique automatisée, analyse automatisée des voies aériennes) ou depuis quelques mois (analyse automatique des modèles numériques, set-up automatisé; CS Model +, Carestream Dental™). L’objectif de cette étude, en deux parties, est d’évaluer la fiabilité de l’analyse automatisée des modèles tant au niveau de leur numérisation que de leur segmentation. La comparaison des résultats d’analyse des modèles obtenus automatiquement et par l’intermédiaire de plusieurs orthodontistes démontre la fiabilité de l’analyse automatique; l’erreur de mesure oscillant, in fine, entre 0,08 et 1,04 mm, ce qui est non significatif et comparable avec les erreurs de mesures inter-observateurs rapportées dans la littérature. Ces résultats ouvrent ainsi de nouvelles perspectives quand à l’apport de l’IA en Orthodontie qui, basée sur le deep learning et le big data, devrait permettre, à moyen terme, d’évoluer vers une orthodontie plus préventive et plus prédictive.

Download Full-text