authors
- PRODOMO, VITTORIO
- GONZALEZ, ROBERTO
- GRAMAGLIA, MARCO
SCIPER: Secure Collaborative Inference via Privacy-Enhancing Regularization
Articles
Overview
published in
publication date
- December 2024
start page
- 57
end page
- 68
issue
- 12
volume
- 1
Digital Object Identifier (DOI)
Electronic International Standard Serial Number (EISSN)
- 2836-208X
abstract
- The increased complexity of nowadays common Machine Learning tasks and the availability of ubiquitously connected devices initiated the current trend of shifting a substantial amount of tasks formerly performed in the terminals towards cloud-based solutions, through implementing Machine Learning as a Service (MLaaS) solutions. However, this migration raises concerns regarding the privacy of user data transmitted over the network. To mitigate potential confidentiality and privacy issues, the exchanged data should be properly anonymized upon its transmission. While prior research has introduced privacy-enhancing algorithms, many of these models are complex and pose challenges in their application to real-world systems, or assume very specific characteristics regarding potential attackers. This paper introduces SCIPER, a novel deep learning system designed to generate anonymized representations of data while maintaining high accuracy in the targeted MLaaS task. Our approach operates with a reduced complexity compared to state-of-the-art methodologies, and it addresses more adversarial attacker models, assuming access to a comparably distributed dataset, and the ability to retrain attack models using the anonymized encodings. Our empirical results demonstrate the effectiveness of the proposed algorithm in three key aspects: i) its efficacy in achieving anonymization with a lighter computational footprint compared to other approaches, ii) considering of more stringent attacker models, while achieving iii) superior performance across various privacy metrics when compared to established benchmarks.
Classification
subjects
- Telecommunications
keywords
- collaborative inference; machine learning; machine learning; mlaas; privacy; privacypreserving machine learning; split inference; cloud.