-
SESSION ID:
#RSAC
Multiparty Computation and Application
CRYP-F01
Eleftheria MakriLecturer/Researcher Imec-COSIC, KU Leuven, BE
& Saxion University of Applied Sciences, NL
@MakriEleftheria
-
EPIC: Efficient Private Image Classification (or: Learning from
the Masters) E. Makri, D. Rotaru, N. P. Smart, F. Vercauteren
-
#RSAC
EPIC: Efficient Private Image Classification
4
-
#RSAC
5
Feature Extraction
-
#RSACTransfer Learning Feature Extraction (or: Learning from the
Masters)
6
-
#RSAC
7
-
#RSAC
EPIC Security
8
Active Security vs. Passive Security
EPICAll other protocols in the related work
-
#RSAC
9
Step 1: Create the ML model
Dragos Rotaru 9
Inceptionโv3 CNN
Linear SVM
Alice
-
#RSAC
10
Step 2: Alice secret shares the ML model
๐๐๐๐๐๐๐ด๐ด
๐๐๐๐๐๐๐ถ๐ถ
AliceBob
Charlie
-
#RSAC
11
Step 2: Alice secret shares the ML model
๐๐๐๐๐๐๐ด๐ด
๐๐๐๐๐๐๐ถ๐ถ
๐พ๐พ1 ๐พ๐พ2 ๐พ๐พ3+ + =Dragos Rotaru
๐๐๐๐๐๐๐ด๐ด ๐๐๐๐๐๐๐ต๐ต ๐๐๐๐๐๐๐ถ๐ถ
AliceBob
Charlie
-
#RSAC
12
Step 3: Bob extracts features
Dragos Rotaru 12
Inceptionโv3 CNN
Features ๐๐
Bob
-
#RSAC
13
๐๐๐๐๐๐๐ด๐ด
๐๐๐๐๐๐๐ถ๐ถ
Dragos Rotaru
Step 4: Bob secret shares features
AliceBob
Charlie
-
#RSAC
14
๐๐๐๐๐๐๐ด๐ด
๐๐๐๐๐๐๐ถ๐ถ
Dragos Rotaru
Step 4: Bob secret shares features
๐๐๐ด๐ด
๐๐๐ถ๐ถ
๐๐๐ต๐ต
๐พ๐พ1 ๐พ๐พ2 ๐พ๐พ3+ + =Dragos Rotaru
๐๐๐ด๐ด ๐๐๐ต๐ต ๐๐๐ถ๐ถ CNN-Feat( )
AliceBob
Charlie
-
#RSAC
15
๐๐๐๐๐๐๐ด๐ด ๐๐๐๐๐๐๐ถ๐ถ
Step 5: Parties use MPC to help Charlie compute label of
SVM-Alice(Bob-Image)
๐๐๐ด๐ด ๐๐๐ถ๐ถ
๐๐๐ต๐ต
Alice
Bob
Charlie
-
#RSAC
16
๐๐๐๐๐๐๐ด๐ด ๐๐๐๐๐๐๐ถ๐ถ
Step 5: Parties use MPC to help Charlie compute label of
SVM-Alice(Bob-Image)
๐๐๐ด๐ด ๐๐๐ถ๐ถ
๐๐๐ต๐ต
***โFloristโ***Alice
Bob
Charlie
-
#RSAC
Video of the Demo of our work will appear here
17
-
#RSAC
EPIC Performance โ Simple Variant
18
Computation Cost Communication Cost
0
50
100
150
200
250
300
CIFAR-10(88.8% accuracy)
MIT-67(72.2% accuracy)
Caltech-101(91.4% accuracy)
Communication (MB)
Offline Online Total
0
0.5
1
1.5
2
2.5
3
3.5
4
CIFAR-10(88.8% accuracy)
MIT-67(72.2% accuracy)
Caltech-101(91.4% accuracy)
Runtimes (s)
Offline Online Total
-
#RSAC
Performance of the state-of-the-art private image
classification
19
Computation Cost Communication Cost
0.001
0.01
0.1
1
10
100
1000
MiniONN*(81.61% accuracy)
Gazelle**(81.61% accuracy)
EPIC(88.8% accuracy)
Runtimes (s)
Offline Online Total
0.1
1
10
100
1000
10000
MiniONN*(81.61% accuracy)
Gazelle**(81.61% accuracy)
EPIC(88.8% accuracy)
Communication (MB)
Offline Online Total
* Jian Liu, Mika Juuti, Yao Lu, N. Asokan. Oblivious Neural
Network Predictions via MiniONN Transformations. In Proceedings of
the 2017 ACM SIGSAC Conference on Computer and Communications
Security (pp. 619-631). ACM.** Chiraag Juvekar, Vinod
Vaikuntanathan, and Anantha Chandrakasan. GAZELLE: A low latency
framework for secure neural network inference. In 27th USENIX
Security Symposium (USENIX Security '18), Baltimore, MD, 2018.
USENIX Association.
-
#RSAC
EPIC Efficiency Gain over the state-of-the-art
20
EPIC vs. Gazelle1 on CIFAR-10: โ 34 times faster runtime;โ 50
times improvement of communication cost; โ 7% higher classification
accuracy.
EPIC vs. Gazelle1 with the same accuracy: โ 700 times faster
runtime; โ 500 times improvement of communication cost.
1 Chiraag Juvekar, Vinod Vaikuntanathan, and Anantha
Chandrakasan. GAZELLE: A low latency framework for secure neural
network inference. In 27th USENIX Security Symposium (USENIX
Security '18), Baltimore, MD, 2018. USENIX Association.
-
#RSAC
Now what?
21
What would transform EPIC to a LEGENDARY solution? โ Maintain
security โ Maintain or increase efficiency โ Increase accuracy!
Any ideas on how to do this (using MPC)? โ Talk to me during the
break, orโ Contact me offline at:
[email protected]
mailto:[email protected]
-
Multiparty Computation and Application EPIC: Efficient Private
Image Classification (or: Learning from the Masters) Slide Number
3EPIC: Efficient Private Image Classification Slide Number
5Transfer Learning Feature Extraction (or: Learning from the
Masters) Slide Number 7EPIC SecurityStep 1: Create the ML modelStep
2: Alice secret shares the ML modelStep 2: Alice secret shares the
ML modelStep 3: Bob extracts featuresSlide Number 13Slide Number
14Slide Number 15Slide Number 16Video of the Demo of our work will
appear here EPIC Performance โ Simple Variant Performance of the
state-of-the-art private image classificationEPIC Efficiency Gain
over the state-of-the-art Now what? Slide Number 22
![From: Makri Vivi [mailto:mpara@obi.gr] /EUIPO ฯฮฑฯฯฮฟฮณฯฮฌฯฮทฯฮท โฆFrom: Makri Vivi [mailto:mpara@obi.gr] Sent: Monday, June 26, 2017 2:17 PM Subject: ฮฯฯ ฮฮฮ: ฮฮฟฮนฮฝฮฎ](https://img.pdfslide.net/doc/110x75/5f025c367e708231d403e300/from-makri-vivi-mailtomparaobigr-euipo-f-from-makri.jpg)
