CBNN: 3-Party Secure Framework for Customized Binary Neural Networks Inference

TL;DR

This paper introduces CBNN, a three-party secure framework for efficient BNN inference that maintains high accuracy and performance through innovative transformations and secure protocols.

Contribution

CBNN is the first framework to customize BNNs for secure MPC inference, combining knowledge distillation and novel secure activation functions.

Findings

Maintains high accuracy after secure customization.

Achieves efficient secure inference with optimized protocols.

Demonstrates effectiveness on multiple BNN models.

Abstract

Binarized Neural Networks (BNN) offer efficient implementations for machine learning tasks and facilitate Privacy-Preserving Machine Learning (PPML) by simplifying operations with binary values. Nevertheless, challenges persist in terms of communication and accuracy in their application scenarios. In this work, we introduce CBNN, a three-party secure computation framework tailored for efficient BNN inference. Leveraging knowledge distillation and separable convolutions, CBNN transforms standard BNNs into MPC-friendly customized BNNs, maintaining high utility. It performs secure inference using optimized protocols for basic operations. Specifically, CBNN enhances linear operations with replicated secret sharing and MPC-friendly convolutions, while introducing a novel secure activation function to optimize non-linear operations. We demonstrate the effectiveness of CBNN by transforming and securely implementing several typical BNN models. Experimental results indicate that CBNN maintains impressive performance even after customized binarization and security measures