Key protected classification for collaborative learning

Date
2020
Advisor
Supervisor
Co-Advisor
Co-Supervisor
Instructor
Source Title
Pattern Recognition
Print ISSN
0031-3203
Electronic ISSN
Publisher
Elsevier
Volume
104
Issue
Pages
1 - 13
Language
English
Type
Article
Journal Title
Journal ISSN
Volume Title
Series
Abstract

Large-scale datasets play a fundamental role in training deep learning models. However, dataset collection is difficult in domains that involve sensitive information. Collaborative learning techniques provide a privacy-preserving solution, by enabling training over a number of private datasets that are not shared by their owners. However, recently, it has been shown that the existing collaborative learning frameworks are vulnerable to an active adversary that runs a generative adversarial network (GAN) attack. In this work, we propose a novel classification model that is resilient against such attacks by design. More specifically, we introduce a key-based classification model and a principled training scheme that protects class scores by using class-specific private keys, which effectively hide the information necessary for a GAN attack. We additionally show how to utilize high dimensional keys to improve the robustness against attacks without increasing the model complexity. Our detailed experiments demonstrate the effectiveness of the proposed technique. Source code will be made available at https://github.com/mbsariyildiz/key-protected-classification.

Course
Other identifiers
Book Title
Keywords
Privacy-preserving machine learning, Collaborative learning, Classification, Generative adversarial networks
Citation
Published Version (Please cite this version)