Towards Efficient and Secure Delivery of Data for Training and Inference with Privacy-Preserving

TL;DR

This paper introduces MoLe, a privacy-preserving scheme for deep learning data delivery that offers strong security with significantly lower computational and transmission overhead compared to existing methods like GAZELLE.

Contribution

The paper proposes MoLe, combining data morphing and Aug-Conv layers, to enable secure, efficient deep learning data sharing without performance loss.

Findings

MoLe achieves only 9% computational overhead on VGG-16 with CIFAR.

Data transmission overhead of MoLe is 5.12%, much lower than GAZELLE.

MoLe drastically reduces attack success rate compared to GAZELLE.

Abstract

Privacy recently emerges as a severe concern in deep learning, that is, sensitive data must be prohibited from being shared with the third party during deep neural network development. In this paper, we propose Morphed Learning (MoLe), an efficient and secure scheme to deliver deep learning data. MoLe has two main components: data morphing and Augmented Convolutional (Aug-Conv) layer. Data morphing allows data providers to send morphed data without privacy information, while Aug-Conv layer helps deep learning developers to apply their networks on the morphed data without performance penalty. MoLe provides stronger security while introducing lower overhead compared to GAZELLE (USENIX Security 2018), which is another method with no performance penalty on the neural network. When using MoLe for VGG-16 network on CIFAR dataset, the computational overhead is only 9% and the data transmission overhead is 5.12%. As a comparison, GAZELLE has computational overhead of 10,000 times and data transmission overhead of 421,000 times. In this setting, the attack success rate of adversary is 7.9 x 10^{-90} for MoLe and 2.9 x 10^{-30} for GAZELLE, respectively.