Privacy-Preserving Deep Learning

This book discusses the state-of-the-art in privacy-preserving deep learning (PPDL), especially as a tool for machine learning as a service (MLaaS), which serves as an enabling technology by combining classical privacy-preserving and cryptographic protocols with deep learning. Google and Microsoft announced a major investment in PPDL in early 2019. This was followed by Google's infamous announcement of Private Join and Compute, an open source PPDL tools based on secure multi-party computation (secure MPC) and homomorphic encryption (HE) in June of that year. One of the challenging issues concerning PPDL is selecting its practical applicability despite the gap between the theory and practice. In order to solve this problem, it has recently been proposed that in addition to classical privacy-preserving methods (HE, secure MPC, differential privacy, secure enclaves), new federated or split learning for PPDL should also be applied. This concept involves building a cloud framework that enables collaborative learning while keeping training data on client devices. This successfully preserves privacy and while allowing the framework to be implemented in the real world. This book provides fundamental insights into privacy-preserving and deep learning, offering a comprehensive overview of the state-of-the-art in PPDL methods. It discusses practical issues, and leveraging federated or split-learning-based PPDL. Covering the fundamental theory of PPDL, the pros and cons of current PPDL methods, and addressing the gap between theory and practice in the most recent approaches, it is a valuable reference resource for a general audience, undergraduate and graduate students, as well as practitioners interested learning about PPDL from the scratch, and researchers wanting to explore PPDL for their applications.

Provides an overview of deep learning-based privacy-preserving Discusses privacy issues in machine learning as a service Addresses learning as one of the challenges in the context of privacy-preserving

Autorentext

Professor Kwangjo Kim, an influential figure in cryptography, earned his B.Sc. and M.Sc. from Yonsei University and a Ph.D. from Yokohama National University. He worked at ETRI from 1979 to 1997 and held visiting professorships at prestigious institutions like MIT and UCSD. After his retirement from KAIST in 2021, where he had served since 1998, he became President of the International Research Institute for Cyber Security (IRCS) and remains an Emeritus Professor at KAIST. Professor Kim has been a key contributor to the global cryptographic community, notably serving as a board member of the IACR, chairing the Asiacrypt Steering Committee, and organizing multiple high-profile conferences. Honored as the first Korean IACR Fellow, he co-authored key texts on deep learning and privacy-preserving technologies and was recognized among Stanford's Top 2% of Scientists in 2023. He has significantly advanced post-quantum cryptography with the development of the SOLMAE signature scheme and boasts an H-index of 48 with over 10,000 citations. His research spans cryptography, cybersecurity, and applications, with numerous patents to his name.Currently, appointment as, Adjunct Faculty at Cleveland State Univ, Ohio, USA from FY2025 to FY2028.

Inhalt
Introduction.- Definition and Classification.- Background Knowledge.- X-based Hybrid PPDL.- The Gap Between Theory and Application of X-based PPDL.- Federated Learning and Split Learning-based PPDL.- Analysis and Performance Comparison.- Attacks on DL and PPDL as the Possible Solutions.- Challenges and Future Work.