PriMask: Cascadable and Collusion-Resilient Data Masking for Mobile Cloud Inference

TL;DR

PriMask is a privacy-preserving system for mobile cloud inference that uses a cascadable, collusion-resilient neural network to mask data, ensuring privacy without modifying cloud services and resisting collusion attacks.

Contribution

PriMask introduces a novel, cascadable neural masking system with collusion resilience and a fast training method for privacy-preserving mobile cloud inference.

Findings

Effective in human activity recognition

Protects privacy against data recovery and attribute extraction

Works across diverse sensing applications

Abstract

Mobile cloud offloading is indispensable for inference tasks based on large-scale deep models. However, transmitting privacy-rich inference data to the cloud incurs concerns. This paper presents the design of a system called PriMask, in which the mobile device uses a secret small-scale neural network called MaskNet to mask the data before transmission. PriMask significantly weakens the cloud's capability to recover the data or extract certain private attributes. The MaskNet is em cascadable in that the mobile can opt in to or out of its use seamlessly without any modifications to the cloud's inference service. Moreover, the mobiles use different MaskNets, such that the collusion between the cloud and some mobiles does not weaken the protection for other mobiles. We devise a {\em split adversarial learning} method to train a neural network that generates a new MaskNet quickly (within two seconds) at run time. We apply PriMask to three mobile sensing applications with diverse modalities and complexities, i.e., human activity recognition, urban environment crowdsensing, and driver behavior recognition. Results show PriMask's effectiveness in all three applications.