This book discusses the state-of-the-art in privacy-preserving deep learning (PPDL), especially as a tool for machine learning as a service (MLaa S), which serves as an enabling technology by combining classical privacy-preserving and cryptographic protocols with deep learning. Google and Microsoft announced a major investment in PPDL in early 2019. This was followed by Google’s infamous announcement of “Private Join and Compute, ” an open source PPDL tools based on secure multi-party computation (secure MPC) and homomorphic encryption (HE) in June of that year. One of the challenging issues concerning PPDL is selecting its practical applicability despite the gap between the theory and practice. In order to solve this problem, it has recently been proposed that in addition to classical privacy-preserving methods (HE, secure MPC, differential privacy, secure enclaves), new federated or split learning for PPDL should also be applied. This concept involves building a cloud framework that enables collaborative learning while keeping training data on client devices. This successfully preserves privacy and while allowing the framework to be implemented in the real world.
This book provides fundamental insights into privacy-preserving and deep learning, offering a comprehensive overview of the state-of-the-art in PPDL methods. It discusses practical issues, and leveraging federated or split-learning-based PPDL. Covering the fundamental theory of PPDL, the pros and cons of current PPDL methods, and addressing the gap between theory and practice in the most recent approaches, it is a valuable reference resource for a general audience, undergraduate and graduate students, as well as practitioners interested learning about PPDL from the scratch, and researchers wanting to explore PPDL for their applications.
สารบัญ
Introduction.- Definition and Classification.- Background Knowledge.- X-based Hybrid PPDL.- The Gap Between Theory and Application of X-based PPDL.- Federated Learning and Split Learning-based PPDL.- Analysis and Performance Comparison.- Attacks on DL and PPDL as the Possible Solutions.- Challenges and Future Work.
เกี่ยวกับผู้แต่ง
Kwangjo Kim, received his B.Sc. and M.Sc. degrees in Electronic Engineering from Yonsei University, Seoul, Korea, in 1980 and 1983, respectively, and his Ph.D. degree from the Division of Electrical and Computer Engineering, Yokohama National University, Yokohama, Japan, in 1991. He was a Visiting Professor at the Massachusetts Institute of Technology, Cambridge, USA and the University of California at San Diego, La Jolla, USA, in 2005 and the Khalifa University of Science, Technology and Research, Abu Dhabi, UAE, in 2012. He was also an education specialist at the Bandung Institute of Technology, Indonesia, in 2013. He is currently a Professor at the Graduate School of Information Security, School of Computing, Korea Advanced Institute of Science and Technology (KAIST), and was the Korean representative to IFIP TC-11 and the honourable President of the Korea Institute of Information Security and Cryptology (KIISC). His current research interests include the theory of cryptology andinformation security and their applications. Prof. Kim served as a board member of the International Association for Cryptologic Research (IACR) from 2000 to 2004, the chairperson of the Asiacrypt Steering Committee from 2005 to 2008, and the president of KIISC in 2009. He is the first Korean Fellow of the IACR, a member of IEEEE, ACM and IEICE, and a member of the IACR Fellow Selection Committee. Moreover, he is the general chair of Asiacrypt2020 and PQCrypto2021 (including CHES2014). He serves as an editor-in-chief of the online journal Cryptography and an editor of the Journal of Mathematical Cryptology.
Harry Chandra Tanuwidjaja, received his B.S. and M.S. degrees in Electrical Engineering from the Bandung Institute of Technology (ITB), Indonesia in 2013 and 2015, respectively, and his Ph.D. degree from School of Computing, Korea Advanced Institute of Science and Technology (KAIST), South Korea. His research interests include malware detection, machine-learning, privacy-preserving, and intrusion-detection systems. Currently, he is working as a fixed term researcher for Cybersecurity Laboratory, National Institute of Information and Communications Technology (NICT), Tokyo, Japan (starting from July 2021).