
Privacy-Preserving Deep Learning Using Deformable Operators for Secure Task Learning

Fabian Perez, Jhon Lopez, Henry Arguello

TL;DR

The paper addresses privacy risks in cloud-based deep learning, noting that existing fully homomorphic encryption (FHE) and perceptual-transformation approaches suffer from high cost or degraded accuracy. It introduces a two-module framework: a secret pixel-shuffling perceptual transformation applied during acquisition, and a flexible feature learning module built on deformable convolutions and pooling whose offsets are tied to the transformation key. This coupling lets networks pre-trained on plain images operate on private data without retraining, and the secret key provides access control. Empirical results on CIFAR-10 show performance close to that on plain images with the correct key and strong privacy with the wrong key, achieving 95.06% accuracy with a compact 1.7M-parameter model and surpassing prior methods in both accuracy and efficiency, with segmentation capability demonstrated on PASCAL-VOC. Overall, the framework offers practical, low-overhead privacy-preserving deep learning suitable for cloud-based, privacy-sensitive applications, and opens avenues for task-specific encrypted transformations and network designs.

Abstract

In the era of cloud computing and data-driven applications, it is crucial to protect sensitive information to maintain data privacy, ensuring truly reliable systems. As a result, preserving privacy in deep learning systems has become a critical concern. Existing methods for privacy preservation rely on image encryption or perceptual transformation approaches. However, they often suffer from reduced task performance and high computational costs. To address these challenges, we propose a novel privacy-preserving framework that uses a set of deformable operators for secure task learning. Our method involves shuffling pixels during the analog-to-digital conversion process to generate visually protected data. These are then fed into a well-known network enhanced with deformable operators. Using our approach, users can achieve equivalent performance to original images without additional training using a secret key. Moreover, our method enables access control against unauthorized users. Experimental results demonstrate the efficacy of our approach, showcasing its potential in cloud-based scenarios and privacy-sensitive applications.

Paper Structure (6 sections, 2 equations, 3 figures, 2 tables)

This paper contains 6 sections, 2 equations, 3 figures, 2 tables.

Figures (3)

  • Figure 1: Proposed framework for flexible feature learning from private images. The camera captures an image, which is then passed through a custom analog-to-digital converter to apply a transformation. The resulting measurement is a private image that is an input to the flexible feature learning module. This module generates underlying features that can be used in any task such as classification, object detection, and segmentation.
  • Figure 2: Offset generation from a key. The key stores the true pixel positions, while $\Delta \mathbf{p}$ holds the distance to the true position from the kernel sampling; each pixel across the last dimension corresponds to a sampling of the deformable operator.
  • Figure 3: Qualitative results of our proposed framework on the segmentation task. The first row corresponds to the forward pass without privacy, and the second row to the forward pass with privacy.
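
The coupling between the shuffling key and the deformable offsets, described in the TL;DR and in the Figure 2 caption, can be shown on a toy image. This is an added example, not code from the paper. Its assumptions are the key convention (`key[q]` is the private-image position of original pixel `q`), integer offsets in place of the bilinear sampling real deformable operators use, and the constructed image, weights and function names.

```python
import random

H, W, K = 6, 6, 3          # constructed toy image size and kernel size
R = K // 2

def make_key(seed, n=H * W):
    """Secret permutation (assumed convention): key[q] = private position of pixel q."""
    key = list(range(n))
    random.Random(seed).shuffle(key)
    return key

def shuffle_pixels(img, key):
    """Perceptual transformation: scatter each pixel to its key-selected position."""
    private = [0] * len(img)
    for q, dst in enumerate(key):
        private[dst] = img[q]
    return private

def offsets_from_key(key):
    """Delta-p per output pixel and kernel tap: regular sampling point -> true pixel."""
    offsets = {}
    for y in range(R, H - R):
        for x in range(R, W - R):
            for ky in range(-R, R + 1):
                for kx in range(-R, R + 1):
                    sy, sx = y + ky, x + kx               # regular sampling point
                    ty, tx = divmod(key[sy * W + sx], W)  # where that pixel now lives
                    offsets[(y, x, ky, kx)] = (ty - sy, tx - sx)
    return offsets

def conv(img, weights, offsets=None):
    """Valid KxK convolution; with offsets it samples at p0 + pn + delta-p."""
    out = []
    for y in range(R, H - R):
        for x in range(R, W - R):
            acc = 0
            for ky in range(-R, R + 1):
                for kx in range(-R, R + 1):
                    dy, dx = offsets[(y, x, ky, kx)] if offsets else (0, 0)
                    acc += weights[ky + R][kx + R] * img[(y + ky + dy) * W + (x + kx + dx)]
            out.append(acc)
    return out

image = [(7 * i * i + 3 * i) % 251 for i in range(H * W)]  # constructed sample image
weights = [[1, 0, -1], [2, 0, -2], [1, 0, -1]]             # stands in for pre-trained weights
private = shuffle_pixels(image, make_key(seed=1234))

def run(seed):
    """Features computed on the private image using offsets derived from `seed`."""
    return conv(private, weights, offsets_from_key(make_key(seed)))
```

With the correct seed, `run` reproduces the plain-image convolution exactly using unchanged weights; with any other seed the offsets point at unrelated pixels and the features no longer match.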