NoPeek: Information leakage reduction to share activations in distributed deep learning

For distributed machine learning with sensitive data, we demonstrate how minimizing the distance correlation between raw data and intermediary representations reduces leakage of sensitive raw-data patterns across client communications while maintaining model accuracy. Leakage, measured as the distance correlation between inputs and intermediate representations, is the risk that raw data can be inverted from those intermediary representations; this risk can deter client entities holding sensitive data from using distributed deep learning services. Our method, based on reducing the distance correlation between raw data and learned representations during training and inference on image datasets, is resilient to such reconstruction attacks: it prevents reconstruction of the raw data while retaining the information needed to sustain good classification accuracy.


Bibliographic Details
Main Authors: Vepakomma, Praneeth (Author), Singh, Abhishek (Author), Gupta, Otkrist (Author), Raskar, Ramesh (Author)
Other Authors: Program in Media Arts and Sciences (Massachusetts Institute of Technology) (Contributor), Massachusetts Institute of Technology. Media Laboratory (Contributor)
Format: Article
Language: English
Published: IEEE, 2022-07-18T14:30:57Z.
Subjects:
Online Access: Get fulltext
LEADER 01754 am a22002173u 4500
001 137081.2
042 |a dc 
100 1 0 |a Vepakomma, Praneeth  |e author 
100 1 0 |a Program in Media Arts and Sciences   |q  (Massachusetts Institute of Technology)   |e contributor 
100 1 0 |a Massachusetts Institute of Technology. Media Laboratory  |e contributor 
700 1 0 |a Singh, Abhishek  |e author 
700 1 0 |a Gupta, Otkrist  |e author 
700 1 0 |a Raskar, Ramesh  |e author 
245 0 0 |a NoPeek: Information leakage reduction to share activations in distributed deep learning 
260 |b IEEE,   |c 2022-07-18T14:30:57Z. 
856 |z Get fulltext  |u https://hdl.handle.net/1721.1/137081.2 
520 |a For distributed machine learning with sensitive data, we demonstrate how minimizing the distance correlation between raw data and intermediary representations reduces leakage of sensitive raw-data patterns across client communications while maintaining model accuracy. Leakage, measured as the distance correlation between inputs and intermediate representations, is the risk that raw data can be inverted from those intermediary representations; this risk can deter client entities holding sensitive data from using distributed deep learning services. Our method, based on reducing the distance correlation between raw data and learned representations during training and inference on image datasets, is resilient to such reconstruction attacks: it prevents reconstruction of the raw data while retaining the information needed to sustain good classification accuracy. 
546 |a en 
655 7 |a Article 
773 |t 10.1109/ICDMW51313.2020.00134 
773 |t IEEE International Conference on Data Mining Workshops, ICDMW
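The abstract describes reducing leakage by penalizing the sample distance correlation between raw inputs and the activations a client shares. A minimal NumPy sketch of that statistic (Székely's sample distance correlation); the function names are illustrative and the loss weighting mentioned below is an assumption, not taken from the paper's code:

```python
import numpy as np

def pairwise_distances(x):
    """Euclidean distance matrix between the rows of x, shape (n, n)."""
    sq = np.sum(x * x, axis=1)
    d2 = sq[:, None] + sq[None, :] - 2.0 * (x @ x.T)
    return np.sqrt(np.maximum(d2, 0.0))  # clamp tiny negatives from rounding

def distance_correlation(x, z):
    """Sample distance correlation between two batches of flattened
    vectors x (raw inputs) and z (activations), each of shape (n, d)."""
    a = pairwise_distances(x)
    b = pairwise_distances(z)
    # Double-center each distance matrix: subtract row and column means,
    # add back the grand mean.
    A = a - a.mean(axis=0) - a.mean(axis=1)[:, None] + a.mean()
    B = b - b.mean(axis=0) - b.mean(axis=1)[:, None] + b.mean()
    dcov2 = (A * B).mean()    # squared distance covariance
    dvar_x = (A * A).mean()   # squared distance variance of x
    dvar_z = (B * B).mean()   # squared distance variance of z
    denom = np.sqrt(dvar_x * dvar_z)
    return np.sqrt(max(dcov2, 0.0) / denom) if denom > 0 else 0.0
```

During training, a term like `alpha * distance_correlation(x_flat, z_flat)` (with `alpha` a hypothetical weighting hyperparameter) would be added to the classification loss, pushing the network toward representations that are hard to invert back to raw data while remaining predictive.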