Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
158 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
45 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

FOBNN: Fast Oblivious Binarized Neural Network Inference (2405.03136v1)

Published 6 May 2024 in cs.CR

Abstract: The superior performance of deep learning has propelled the rise of Deep Learning as a Service, enabling users to transmit their private data to service providers for model execution and inference retrieval. Nevertheless, the primary concern remains safeguarding the confidentiality of sensitive user data while optimizing the efficiency of secure protocols. To address this, we develop a fast oblivious binarized neural network inference framework, FOBNN. Specifically, we customize binarized convolutional neural networks to enhance oblivious inference, design two fast algorithms for binarized convolutions, and optimize network structures experimentally under constrained costs. Initially, we meticulously analyze the range of intermediate values in binarized convolutions to minimize bit representation, resulting in the Bit Length Bounding (BLB) algorithm. Subsequently, leveraging the efficiency of bitwise operations in BLB, we further enhance performance by employing pure bitwise operations for each binary digit position, yielding the Layer-wise Bit Accumulation (LBA) algorithm. Theoretical analysis validates FOBNN's security and indicates up to $2 \times$ improvement in computational and communication costs compared to the state-of-the-art method. We demonstrates our framework's effectiveness in RNA function prediction within bioinformatics. Rigorous experimental assessments confirm that our oblivious inference solutions not only maintain but often exceed the original accuracy, surpassing prior efforts.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (32)
  1. TensorFlow: a system for large-scale machine learning. In 12th USENIX symposium on operating systems design and implementation (OSDI 16). 265–283.
  2. QUOTIENT: two-party secure neural network training and prediction. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. 1231–1247.
  3. Low latency privacy preserving inference. In International Conference on Machine Learning. PMLR, 812–821.
  4. Binarized neural networks: Training deep neural networks with weights and activations constrained to +1 or -1. arXiv preprint arXiv:1602.02830 (2016).
  5. Secure Evaluation of Quantized Neural Networks. Proceedings on Privacy Enhancing Technologies 4 (2020), 355–375.
  6. CHET: an optimizing compiler for fully-homomorphic neural-network inferencing. In Proceedings of the 40th ACM SIGPLAN conference on programming language design and implementation. 142–156.
  7. A pragmatic introduction to secure multi-party computation. Foundations and Trends® in Privacy and Security 2, 2-3 (2018), 70–246.
  8. Cryptonets: Applying neural networks to encrypted data with high throughput and accuracy. In International conference on machine learning. PMLR, 201–210.
  9. Quantized neural networks: Training neural networks with low precision weights and activations. journal of machine learning research 18, 187 (2018), 1–30.
  10. Banners: Binarized neural networks with replicated secret sharing. In Proceedings of the 2021 ACM Workshop on Information Hiding and Multimedia Security. 63–74.
  11. Sergey Ioffe and Christian Szegedy. 2015. Batch normalization: Accelerating deep network training by reducing internal covariate shift. In International conference on machine learning. pmlr, 448–456.
  12. GAZELLE: A low latency framework for secure neural network inference. In 27th USENIX Security Symposium (USENIX Security 18). 1651–1669.
  13. Improved garbled circuit building blocks and applications to auctions and computing minima. In Cryptology and Network Security: 8th International Conference, CANS 2009, Kanazawa, Japan, December 12-14, 2009. Proceedings 8. Springer, 1–20.
  14. Vladimir Kolesnikov and Thomas Schneider. 2008. Improved garbled circuit: Free XOR gates and applications. In Automata, Languages and Programming: 35th International Colloquium, ICALP 2008, Reykjavik, Iceland, July 7-11, 2008, Proceedings, Part II 35. Springer, 486–498.
  15. Yehuda Lindell and Benny Pinkas. 2009. A proof of security of Yao’s protocol for two-party computation. Journal of cryptology 22 (2009), 161–188.
  16. Oblivious neural network predictions via minionn transformations. In Proceedings of the 2017 ACM SIGSAC conference on computer and communications security. 619–631.
  17. Autoprivacy: Automated layer-wise parameter selection for secure neural network inference. Advances in Neural Information Processing Systems 33 (2020), 8638–8647.
  18. Payman Mohassel and Peter Rindal. 2018. ABY3: A mixed protocol framework for machine learning. In Proceedings of the 2018 ACM SIGSAC conference on computer and communications security. 35–52.
  19. Payman Mohassel and Yupeng Zhang. 2017. Secureml: A system for scalable privacy-preserving machine learning. In 2017 IEEE symposium on security and privacy (SP). IEEE, 19–38.
  20. Deep learning predicts short non-coding RNA functions from only raw sequence data. PLoS computational biology 16, 11 (2020), e1008415.
  21. Michael O Rabin. 2005. How to exchange secrets with oblivious transfer. Cryptology ePrint Archive (2005).
  22. Cryptflow2: Practical 2-party secure inference. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. 325–342.
  23. XONN: XNOR-based oblivious deep neural network inference. In 28th USENIX Security Symposium (USENIX Security 19). 1501–1518.
  24. Chameleon: A hybrid secure computation framework for machine learning applications. In Proceedings of the 2018 on Asia conference on computer and communications security. 707–721.
  25. Deepsecure: Scalable provably-secure deep learning. In Proceedings of the 55th annual design automation conference. 1–6.
  26. SecureNN: 3-Party Secure Computation for Neural Network Training. Proc. Priv. Enhancing Technol. 2019, 3 (2019), 26–49.
  27. Falcon: Honest-Majority Maliciously Secure Framework for Private Deep Learning. Proceedings on Privacy Enhancing Technologies 1 (2021), 188–208.
  28. EMP-toolkit: Efficient MultiParty computation toolkit. https://github.com/emp-toolkit.
  29. Quantized convolutional neural networks for mobile devices. In Proceedings of the IEEE conference on computer vision and pattern recognition. 4820–4828.
  30. Andrew Chi-Chih Yao. 1986. How to generate and exchange secrets. In 27th annual symposium on foundations of computer science (Sfcs 1986). IEEE, 162–167.
  31. Scalable Binary Neural Network applications in Oblivious Inference. ACM Transactions on Embedded Computing Systems (2023).
  32. Securebinn: 3-party secure computation for binarized neural network inference. In European Symposium on Research in Computer Security. Springer, 275–294.
Citations (2)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets