Abstract

Recently, private inference (PI) has addressed the rising concern over data and model privacy in machine learning inference as a service. However, existing PI frameworks suffer from high computational and communication costs due to the expensive multi-party computation (MPC) protocols. Existing literature has developed lighter MPC protocols to yield more efficient PI schemes. We, in contrast, propose to lighten them by introducing an empirically-defined privacy evaluation. To that end, we reformulate the threat model of PI and use inference data privacy attacks (IDPAs) to evaluate data privacy. We then present an enhanced IDPA, named distillation-based inverse-network attack (DINA), for improved privacy evaluation. Finally, we leverage the findings from DINA and propose C2PI, a two-party PI framework presenting an efficient partitioning of the neural network model and requiring only the initial few layers to …

Metadata

publication

2023 60th ACM/IEEE Design Automation Conference (DAC), 1-6, 2023

year

2023

publication date

2023/7/9

authors

Yuke Zhang, Dake Chen, Souvik Kundu, Haomei Liu, Ruiheng Peng, Peter A Beerel

link

https://ieeexplore.ieee.org/abstract/document/10247682/

resource_link

https://arxiv.org/pdf/2304.13266

conference

2023 60th ACM/IEEE Design Automation Conference (DAC)

pages

1-6

publisher

IEEE