KSII Transactions on Internet and Information Systems (TIIS)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

Privacy-preserving and Communication-efficient Convolutional Neural Network Prediction Framework in Mobile Cloud Computing

  • Bai, Yanan (Chongqing Key Laboratory of Automated Reasoning and Cognition, Chongqing Institute of Green and Intelligent Technology, Chinese Academy Sciences) ;
  • Feng, Yong (Chongqing Key Laboratory of Automated Reasoning and Cognition, Chongqing Institute of Green and Intelligent Technology, Chinese Academy Sciences) ;
  • Wu, Wenyuan (Chongqing Key Laboratory of Automated Reasoning and Cognition, Chongqing Institute of Green and Intelligent Technology, Chinese Academy Sciences)
  • Received : 2021.09.26
  • Accepted : 2021.11.24
  • Published : 2021.12.31
Download PDF
⟨ Previous Next ⟩

Abstract

Deep Learning as a Service (DLaaS), utilizing the cloud-based deep neural network models to provide customer prediction services, has been widely deployed on mobile cloud computing (MCC). Such services raise privacy concerns since customers need to send private data to untrusted service providers. In this paper, we devote ourselves to building an efficient protocol to classify users' images using the convolutional neural network (CNN) model trained and held by the server, while keeping both parties' data secure. Most previous solutions commonly employ homomorphic encryption schemes based on Ring Learning with Errors (RLWE) hardness or two-party secure computation protocols to achieve it. However, they have limitations on large communication overheads and costs in MCC. To address this issue, we present LeHE4SCNN, a scalable privacy-preserving and communication-efficient framework for CNN-based DLaaS. Firstly, we design a novel low-expansion rate homomorphic encryption scheme with packing and unpacking methods (LeHE). It supports fast homomorphic operations such as vector-matrix multiplication and addition. Then we propose a secure prediction framework for CNN. It employs the LeHE scheme to compute linear layers while exploiting the data shuffling technique to perform non-linear operations. Finally, we implement and evaluate LeHE4SCNN with various CNN models on a real-world dataset. Experimental results demonstrate the effectiveness and superiority of the LeHE4SCNN framework in terms of response time, usage cost, and communication overhead compared to the state-of-the-art methods in the mobile cloud computing environment.

Keywords

References

  1. D. Shen, G. Wu, and H.-Il. Suk, "Deep learning in medical image analysis," Annual review of biomedical engineering, vol. 19, pp. 221-248, 2017. https://doi.org/10.1146/annurev-bioeng-071516-044442
  2. M. Tavana, A.-R. Abtahi, D. Di Caprio, and M. Poortarigh, "An artificial neural network and bayesian network model for liquidity risk assessment in banking," Neurocomputing, vol. 275, pp. 2525-2554, 2018. https://doi.org/10.1016/j.neucom.2017.11.034
  3. W. Zheng, L. Yan, C. Gou, and F.-Y. Wang, "Fighting fire with fire: A spatial-frequency ensemble relation network with generative adversarial learning for adversarial image classification," International Journal of Intelligent Systems, vol. 36, no. 5, pp. 2081-2121, 2021. https://doi.org/10.1002/int.22372
  4. N. Fernando, S. W. Loke, and W. Rahayu, "Mobile cloud computing: A survey," Future generation computer systems, vol. 29, no. 1, pp. 84-106, 2013. https://doi.org/10.1016/j.future.2012.05.023
  5. B. Zhou and R. Buyya, "Augmentation techniques for mobile cloud computing: A taxonomy, survey, and future directions," ACM Computing Surveys (CSUR), vol. 51, no. 1, pp. 1-38, 2019. https://doi.org/10.1145/3241737
  6. M. Ribeiro, K. Grolinger, and M. A. Capretz, "Mlaas: Machine learning as a service," in Proc. of the IEEE 14th Intnational Conference. Machine Learning and Applications (ICMLA 2015), Miami, FL, USA, pp. 896-902, 2015.
  7. M. S. Riazi, B. D. Rouani, and F. Koushanfar, "Deep learning on private data," IEEE Security & Privacy, vol. 17, no. 6, pp. 54-63, 2019.
  8. T. H. Noor, S. Zeadally, A. Alfazi, and Q. Z. Sheng, "Mobile cloud computing: Challenges and future research directions," Journal of Network and Computer Applications, vol. 115, pp. 70-85, 2018. https://doi.org/10.1016/j.jnca.2018.04.018
  9. C. Gentry, "Fully homomorphic encryption using ideal lattices," in Proc. of the forty-first annual ACM symposium on Theory of computing (STOC'09), Bethesda, MD, USA, pp.169-178, 2009.
  10. Z. Brakerski, C. Gentry, and V. Vaikuntanathan, "(Leveled) fully homomorphic encryption without bootstrapping," ACM Transactions on Computation Theory (TOCT 2014), vol. 6, no. 3, pp. 1-36, 2014.
  11. J. Fan and F. Vercauteren, "Somewhat practical fully homomorphic encryption," IACR Cryptol. ePrint Arch., vol. 2012, pp. 144, 2012.
  12. R. Gilad-Bachrach, N. Dowlin, K. Laine, K. Lauter, M. Naehrig, and J. Wernsing, "Cryptonets: Applying neural networks to encrypted data with high throughput and accuracy," in Proc. of the 33rd International Conference machine learning(PMLR 2016), New York, NY, USA, pp. 201-210, 2016.
  13. X. Jiang, M. Kim, K. Lauter, and Y. Song, "Secure outsourced matrix computation and application to neural networks," in Proc. of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS 2018), Toronto, Canada, pp. 1209-1222, 2018.
  14. E. Hesamifard, H. Takabi, M. Ghasemi, and R. N. Wright, "Privacy-preserving machine learning as a service," in Proc. of on Privacy Enhancing Technologies (PETS 2018), Barcelona, Spain, vol. 2018, no. 3, pp. 123-142, 2018.
  15. E. Chou, J. Beal, D. Levy, S. Yeung, A. Haque, and L. Fei-Fei, "Faster cryptonets: Leveraging sparsity for real-world encrypted inference," arXiv preprint arXiv:1811.09953, 2018.
  16. B. D. Rouhani, M. S. Riazi, and F. Koushanfar, "Deepsecure: Scalable provably-secure deep learning," in Proc. of the 55th Annual Design Automation Conference. (DAC 2018), San Francisco, CA, USA, pp. 1-6, 2018.
  17. M. S. Riazi, M. Samragh, H. Chen, K. Laine, K. Lauter, and F. Koushanfar, "XONN: Xnor-based oblivious deep neural network inference," in Proc. of the 28th USENIX Security Symposium (USENIX Security 2019), Santa Clara, CA, USA, pp.1501-1518, 2019.
  18. J. Liu, M. Juuti, Y. Lu, and N. Asokan, "Oblivious neural network predictions via minionn transformations," in Proc. of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS 2017), Dallas Texas, USA, pp. 619-631, 2017.
  19. M. S. Riazi, C. Weinert, O. Tkachenko, E. M. Songhori, T. Schneider, and F. Koushanfar, "Chameleon: A hybrid secure computation framework for machine learning applications," in Proc. of the 2018 on Asia Conference on Computer and Communications Security (ASIACCS 2018), Incheon, Korea, pp.707-721, 2018.
  20. C. Juvekar, V. Vaikuntanathan, and A. Chandrakasan, "GAZELLE: A low latency framework for secure neural network inference," in Proc. of the 27th USENIX Security Symposium (USENIX Security 2018), Baltimore, MD, USA, pp.1651-1669, 2018.
  21. S. Li, K. Xue, B. Zhu, C. Ding, X. Gao, D. Wei, and T. Wan, "Falcon: A fourier transform based approach for fast and secure convolutional neural network predictions," in Proc. of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR 2020), Virtual, pp. 8705-8714, 2020.
  22. P. Mishra, R. Lehmkuhl, A. Srinivasan, W. Zheng, and R. A. Popa, "Delphi: A cryptographic inference service for neural networks," in Proc. of the 29th USENIX Security Symposium (USENIX Security 2020), pp. 2505-2522, 2020.
  23. C. Ke, W. Wu, and Y. Feng, "Low expansion rate encryption algorithm based on mlwe," Computer Science, vol. 46, no. 4, pp. 144-150, 2019.
  24. N. P. Smart and F. Vercauteren, "Fully homomorphic SIMD operations," Designs, codes and cryptography, vol. 71, no. 1, pp. 57-81, 2014. https://doi.org/10.1007/s10623-012-9720-4
  25. J. H. Cheon, A. Kim, M. Kim, and Y. Song, "Homomorphic encryption for arithmetic of approximate numbers," in Proc. of Conference on the Theory and Application of Cryptology and Information Security(Asiacrypt 2017), Hong Kong, China, pp. 409-437, 2017.
  26. A. Paverd, A. Martin, and I. Brown, "Modelling and automatically analysing privacy properties for honest-but-curious adversaries," Univ. Oxford, Oxford, UK, Tech. Rep, 2014.