# Local Differential Privacy for Deep Learning

**Authors:** M.A.P. Chamikara, P. Bertok, I. Khalil, D. Liu, S. Camtepe, M., Atiquzzaman

arXiv: 1908.02997 · 2019-11-12

## TL;DR

This paper introduces LATENT, a local differential privacy algorithm for deep learning in IoT environments, enabling privacy-preserving training with high utility and practical deployment via network function virtualization.

## Contribution

LATENT redesigns deep learning training by integrating a local differential privacy protocol with a modular CNN architecture suitable for IoT and cloud environments.

## Key findings

- Achieves 91-96% accuracy under low privacy budgets
- Maintains high model utility with privacy-preserving randomization
- Operates efficiently in SDN-controlled NFV environments

## Abstract

The internet of things (IoT) is transforming major industries including but not limited to healthcare, agriculture, finance, energy, and transportation. IoT platforms are continually improving with innovations such as the amalgamation of software-defined networks (SDN) and network function virtualization (NFV) in the edge-cloud interplay. Deep learning (DL) is becoming popular due to its remarkable accuracy when trained with a massive amount of data, such as generated by IoT. However, DL algorithms tend to leak privacy when trained on highly sensitive crowd-sourced data such as medical data. Existing privacy-preserving DL algorithms rely on the traditional server-centric approaches requiring high processing powers. We propose a new local differentially private (LDP) algorithm named LATENT that redesigns the training process. LATENT enables a data owner to add a randomization layer before data leave the data owners' devices and reach a potentially untrusted machine learning service. This feature is achieved by splitting the architecture of a convolutional neural network (CNN) into three layers: (1) convolutional module, (2) randomization module, and (3) fully connected module. Hence, the randomization module can operate as an NFV privacy preservation service in an SDN-controlled NFV, making LATENT more practical for IoT-driven cloud-based environments compared to existing approaches. The randomization module employs a newly proposed LDP protocol named utility enhancing randomization, which allows LATENT to maintain high utility compared to existing LDP protocols. Our experimental evaluation of LATENT on convolutional deep neural networks demonstrates excellent accuracy (e.g. 91%- 96%) with high model quality even under low privacy budgets (e.g. $\varepsilon=0.5$).

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1908.02997/full.md

## Figures

18 figures with captions in the complete paper: https://tomesphere.com/paper/1908.02997/full.md

## References

51 references — full list in the complete paper: https://tomesphere.com/paper/1908.02997/full.md

---
Source: https://tomesphere.com/paper/1908.02997