| |||||||
ShanghaiTech University Knowledge Management System
| Enhancing Intellectual Property Protection in Deep Neural Network with Confidential Computing | |
| 2022 | |
| 会议录名称 | PROCEEDINGS - 2022 IEEE SMARTWORLD, UBIQUITOUS INTELLIGENCE AND COMPUTING, AUTONOMOUS AND TRUSTED VEHICLES, SCALABLE COMPUTING AND COMMUNICATIONS, DIGITAL TWIN, PRIVACY COMPUTING, METAVERSE, SMARTWORLD/UIC/ATC/SCALCOM/DIGITALTWIN/PRICOMP/METAVERSE 2022 |
| 页码 | 635-640 |
| 发表状态 | 已发表 |
| DOI | 10.1109/SmartWorld-UIC-ATC-ScalCom-DigitalTwin-PriComp-Metaverse56740.2022.00105 |
| 摘要 | Deep neural network(DNN) models consume a lot of computational resources in the training process, and DNN models have become an important intellectual property. The methods for DNN models protection are currently mainly based on digital watermarking. The protection technique based on digital watermarking can only passively verify deep neural networks, and cannot restrict the illegal distribution and use of deep learning models. If the deep neural network model is deployed on a public cloud platform, the watermarking-based approach does not prevent malicious administrators from stealing the model. We propose a protection method based on the confidential computing, which divides the deep neural network model into a data preprocessing model and a inference model, we use a confidential computing environment to protect the data preprocessing model, and the inference model can be distributed to authorized users for deployment, even if malicious users get the inference model or train student models through knowledge distillation, they cannot obtain the highly accurate results from their models. It is also experimentally demonstrated that the method is also able to resist knowledge migration from the model using fine-tuning training. © 2022 IEEE. |
| 会议举办国 | IEEE; IEEE Computational Intelligence Society |
| 关键词 | Deep neural networks Digital watermarking Distillation Distributed computer systems Computational resources Confidential computing Data preprocessing Inference models Intellectual property protection Learning models Neural network model Protection techniques Public clouds Training process |
| 会议名称 | 2022 IEEE SmartWorld, 19th IEEE International Conference on Ubiquitous Intelligence and Computing, 2022 IEEE International Conference on Autonomous and Trusted Vehicles Conference, 22nd IEEE International Conference on Scalable Computing and Communications, 2022 IEEE International Conference on Digital Twin, 8th IEEE International Conference on Privacy Computing and 2022 IEEE International Conference on Metaverse, SmartWorld/UIC/ATC/ScalCom/DigitalTwin/PriComp/Metaverse 2022 |
| 会议地点 | Haikou, China |
| 会议日期 | December 15, 2022 - December 18, 2022 |
| URL | 查看原文 |
| 收录类别 | EI |
| 语种 | 英语 |
| 出版者 | Institute of Electrical and Electronics Engineers Inc. |
| EI入藏号 | 20233414586764 |
| EI主题词 | Neural network models |
| EI分类号 | 461.4 Ergonomics and Human Factors Engineering ; 722.4 Digital Computers and Systems ; 723.4 Artificial Intelligence ; 802.3 Chemical Operations |
| 原始文献类型 | Conference article (CA) |
| 来源库 | IEEE |
| 文献类型 | 会议论文 |
| 条目标识符 | https://kms.shanghaitech.edu.cn/handle/2MSLDSTB/325838 |
| 专题 | 信息科学与技术学院_本科生 |
| 作者单位 | 1.Nanhu Lab, Jiaxing, China 2.ShanghaiTech University, Shanghai, China 3.Office of Government Services and Data Resource Management, Jiaxing, China |
| 推荐引用方式 GB/T 7714 | Wensheng Tian,Ruiyan Xia,Zhichao Yan,et al. Enhancing Intellectual Property Protection in Deep Neural Network with Confidential Computing[C]:Institute of Electrical and Electronics Engineers Inc.,2022:635-640. |
| 条目包含的文件 | ||||||
| 文件名称/大小 | 文献类型 | 版本类型 | 开放类型 | 使用许可 | ||
修改评论
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。