Preserving Privacy in Convolutional Neural Network: An ∊-tuple Differential Privacy Approach - Citegraph

Paper Info

Title
Preserving Privacy in Convolutional Neural Network: An ∊-tuple Differential Privacy Approach

Abstract
Recent breakthrough in neural network has led to the birth of Convolutional neural network (CNN) which has been found to be very efficient especially in the areas of image recognition and classification. This success is traceable to the availability of large datasets and its capability to learn salient and complex data features which subsequently produce a reusable output model (F <sub xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">θ</sub> ). The F <sub xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">θ</sub> are often made available (e.g. on cloud as-a-service) for others (client) to train their data or do transfer learning, however, an adversary can perpetrate a model inversion attack on the model F <sub xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">θ</sub> to recover training data, hence compromising the sensitivity of the model buildup data. This is possible because CNN as a variant of deep neural network does memorize most of its training data during learning. Consequently, this has pose a privacy concern especially when a medical or financial data are used as model buildup data. Existing researches that proffers privacy preserving approach however suffer from significant accuracy degradation and this has left privacy preserving model on a theoretical desk. In this paper, we proposed an ϵ-tuple differential privacy approach that is based on neuron impact factor estimation to preserve privacy of CNN model without significant accuracy degradation. We experiment our approach on two large datasets and the result shows no significant accuracy degradation.

Year	DOI	Venue
2019	10.1109/ICKII46306.2019.9042653	2019 IEEE 2nd International Conference on Knowledge Innovation and Invention (ICKII)
Keywords	DocType	ISBN
Privacy,Differential privacy,Deep neural networks,CNN	Conference	978-1-7281-0123-1
Citations	PageRank	References
0	0.34	6
Authors
2

Authors (2 rows)

Cited by (0 rows)

References (6 rows)

Name	Order	Citations	PageRank
Tosin A. Adesuyi	1	3	0.75
Byeong Man Kim	2	277	20.88

1