Learning to Prevent Leakage: Privacy-Preserving Inference in the Mobile Cloud

TL;DR

This paper introduces a reinforcement learning framework that modifies deep neural networks in mobile cloud applications to prevent data leakage while preserving inference accuracy.

Contribution

It presents a novel RL-based approach to adapt DNN structures for privacy preservation in mobile cloud inference tasks.

Findings

Successfully defends against various privacy attacks

Maintains high inference accuracy

Transfers policies to large DNNs for faster learning

Abstract

Powered by machine learning services in the cloud, numerous learning-driven mobile applications are gaining popularity in the market. As deep learning tasks are mostly computation-intensive, it has become a trend to process raw data on devices and send the deep neural network (DNN) features to the cloud, where the features are further processed to return final results. However, there is always unexpected leakage with the release of features, with which an adversary could infer a significant amount of information about the original data. We propose a privacy-preserving reinforcement learning framework on top of the mobile cloud infrastructure from the perspective of DNN structures. The framework aims to learn a policy to modify the base DNNs to prevent information leakage while maintaining high inference accuracy. The policy can also be readily transferred to large-size DNNs to speed up learning. Extensive evaluations on a variety of DNNs have shown that our framework can successfully find privacy-preserving DNN structures to defend different privacy attacks.