4,560 research outputs found
DeepSecure: Scalable Provably-Secure Deep Learning
This paper proposes DeepSecure, a novel framework that enables scalable
execution of the state-of-the-art Deep Learning (DL) models in a
privacy-preserving setting. DeepSecure targets scenarios in which neither of
the involved parties including the cloud servers that hold the DL model
parameters or the delegating clients who own the data is willing to reveal
their information. Our framework is the first to empower accurate and scalable
DL analysis of data generated by distributed clients without sacrificing the
security to maintain efficiency. The secure DL computation in DeepSecure is
performed using Yao's Garbled Circuit (GC) protocol. We devise GC-optimized
realization of various components used in DL. Our optimized implementation
achieves more than 58-fold higher throughput per sample compared with the
best-known prior solution. In addition to our optimized GC realization, we
introduce a set of novel low-overhead pre-processing techniques which further
reduce the GC overall runtime in the context of deep learning. Extensive
evaluations of various DL applications demonstrate up to two
orders-of-magnitude additional runtime improvement achieved as a result of our
pre-processing methodology. This paper also provides mechanisms to securely
delegate GC computations to a third party in constrained embedded settings
-Split: A Privacy-Preserving Split Computing Framework for Cloud-Powered Generative AI
In the wake of the burgeoning expansion of generative artificial intelligence
(AI) services, the computational demands inherent to these technologies
frequently necessitate cloud-powered computational offloading, particularly for
resource-constrained mobile devices. These services commonly employ prompts to
steer the generative process, and both the prompts and the resultant content,
such as text and images, may harbor privacy-sensitive or confidential
information, thereby elevating security and privacy risks. To mitigate these
concerns, we introduce -Split, a split computing framework to
facilitate computational offloading while simultaneously fortifying data
privacy against risks such as eavesdropping and unauthorized access. In
-Split, a generative model, usually a deep neural network (DNN), is
partitioned into three sub-models and distributed across the user's local
device and a cloud server: the input-side and output-side sub-models are
allocated to the local, while the intermediate, computationally-intensive
sub-model resides on the cloud server. This architecture ensures that only the
hidden layer outputs are transmitted, thereby preventing the external
transmission of privacy-sensitive raw input and output data. Given the
black-box nature of DNNs, estimating the original input or output from
intercepted hidden layer outputs poses a significant challenge for malicious
eavesdroppers. Moreover, -Split is orthogonal to traditional
encryption-based security mechanisms, offering enhanced security when deployed
in conjunction. We empirically validate the efficacy of the -Split
framework using Llama 2 and Stable Diffusion XL, representative large language
and diffusion models developed by Meta and Stability AI, respectively. Our
-Split implementation is publicly accessible at
https://github.com/nishio-laboratory/lambda_split.Comment: This work has been submitted to the IEEE for possible publication.
Copyright may be transferred without notice, after which this version may no
longer be accessibl
Fedstellar: A Platform for Training Models in a Privacy-preserving and Decentralized Fashion
This paper presents Fedstellar, a platform for training decentralized Federated Learning (FL) models in heterogeneous topologies in terms of the number of federation participants and their connections. Fedstellar allows users to build custom topologies, enabling them to control the aggregation of model parameters in a decentralized manner. The platform offers a Web application for creating, managing, and connecting nodes to ensure data privacy and provides tools to measure, monitor, and analyze the performance of the nodes. The paper describes the functionalities of Fedstellar and its potential applications. To demonstrate the applicability of the platform, different use cases are presented in which decentralized, semi-decentralized, and centralized architectures are compared in terms of model performance, convergence time, and network overhead when collaboratively classifying hand-written digits using the MNIST dataset
Towards Scalable, Private and Practical Deep Learning
Deep Learning (DL) models have drastically improved the performance of Artificial Intelligence (AI) tasks such as image recognition, word prediction, translation, among many others, on which traditional Machine Learning (ML) models fall short. However, DL models are costly to design, train, and deploy due to their computing and memory demands. Designing DL models usually requires extensive expertise and significant manual tuning efforts. Even with the latest accelerators such as Graphics Processing Unit (GPU) and Tensor Processing Unit (TPU), training DL models can take prohibitively long time, therefore training large DL models in a distributed manner is a norm. Massive amount of data is made available thanks to the prevalence of mobile and internet-of-things (IoT) devices. However, regulations such as HIPAA and GDPR limit the access and transmission of personal data to protect security and privacy. Therefore, enabling DL model training in a decentralized but private fashion is urgent and critical. Deploying trained DL models in a real world environment usually requires meeting Quality of Service (QoS) standards, which makes adaptability of DL models an important yet challenging matter. In this dissertation, we aim to address the above challenges to make a step towards scalable, private, and practical deep learning. To simplify DL model design, we propose Efficient Progressive Neural-Architecture Search (EPNAS) and FedCust to automatically design model architectures and tune hyperparameters, respectively. To provide efficient and robust distributed training while preserving privacy, we design LEASGD, TiFL, and HDFL. We further conduct a study on the security aspect of distributed learning by focusing on how data heterogeneity affects backdoor attacks and how to mitigate such threats. Finally, we use super resolution (SR) as an example application to explore model adaptability for cross platform deployment and dynamic runtime environment. Specifically, we propose DySR and AdaSR frameworks which enable SR models to meet QoS by dynamically adapting to available resources instantly and seamlessly without excessive memory overheads
Model-as-a-Service (MaaS): A Survey
Due to the increased number of parameters and data in the pre-trained model
exceeding a certain level, a foundation model (e.g., a large language model)
can significantly improve downstream task performance and emerge with some
novel special abilities (e.g., deep learning, complex reasoning, and human
alignment) that were not present before. Foundation models are a form of
generative artificial intelligence (GenAI), and Model-as-a-Service (MaaS) has
emerged as a groundbreaking paradigm that revolutionizes the deployment and
utilization of GenAI models. MaaS represents a paradigm shift in how we use AI
technologies and provides a scalable and accessible solution for developers and
users to leverage pre-trained AI models without the need for extensive
infrastructure or expertise in model training. In this paper, the introduction
aims to provide a comprehensive overview of MaaS, its significance, and its
implications for various industries. We provide a brief review of the
development history of "X-as-a-Service" based on cloud computing and present
the key technologies involved in MaaS. The development of GenAI models will
become more democratized and flourish. We also review recent application
studies of MaaS. Finally, we highlight several challenges and future issues in
this promising area. MaaS is a new deployment and service paradigm for
different AI-based models. We hope this review will inspire future research in
the field of MaaS.Comment: Preprint. 3 figures, 1 table
- …