분류
2024년 8월
작성일
2024.04.09
수정일
2024.04.09
작성자
신진명
조회수
75

Task-Specific Differential Private Data Publish Method for Privacy-Preserving Deep Learning

According to recent advances in deep neural network, deep neural networks are widely applied in various applications such as advertise, financial and medical fields to provide personalized service. To develop deep neural network models for personalized service many institutions are collecting large datasets including sensitive information and using them to train models. However, the data memorization effect of deep neural network, a phenomenon that a deep neural network model remembers information which is not necessary for specific task, leads many malicious users to target the sensitive information that is memorized in deep neural networks. To handle the infor- mation leakage caused by such phenomenon, two representative mechanisms are widely studied, which called homomorphic encryption and differential privacy. This dissertation shows the limi- tation of homomorphic encryption-based privacy-preserving mechanisms and proposes two new differential privacy-based privacy-preserving methods in each chapter as follows:


1. AdaptiveDifferentialPrivacyMethodforStructuredData:Instructureddata,anonymiza- tion techniques are widely used because of it’s intuitive characteristics and low additional computation resource requirement. However, many studies showed that deep neural network models using anonymization techniques are vulnerable to various privacy attacks targeting sensitive information. Different from anonymization techniques, the security of differential privacy is fully proofed mathematically and the performance of deep neural network applied differential privacy is not degraded so much. But, since the performance degradation of dif- ferential privacy-based deep neural network cannot be bounded mathematically, differential privacy results exceptional performance degradation in specific task according to parameter settings. To handle such problem, adaptive differential privacy method for structured data is proposed in this chapter. The main idea of proposed adaptive differential privacy method is calibrating the amount and distribution of random noise in differential privacy according to the feature importance for the specific task. To achieve automotive feature importance- based noise calibrating according to specific task, the explainable artificial intelligent ex- tracts feature importance and such importance is modified to calibrating noise magnitude. In experiments, the feasibility of proposed method is shown through data utility comparison, resistance against privacy attack and performance variation according to privacy parameter.


2. DifferentialPrivateImageDe-IdentificationMethodforDeepLearning-basedService: Since the characteristics that no restrictions on input data type, a simple differential privacy- based privacy-preserving deep learning method named differential private stochastic gradi- ent descent is widely adapted. However, recent research on privacy attack that targeting dif- ferential private stochastic gradient descent-based deep learning model showed such method can be exploited easily. Different from such model modification-based privacy-preserving deep learning, the data modification-based privacy-preserving, which is adding noise into data directly, is relatively secure from privacy attacks on deep learning models. At the same time, many researchers endeavored to modify input data using differential privacy mecha- nism for structured data. However, only few researches for unstructured data, e.g. image, proposed differential privacy-based input data modification methods for specific tasks. To handle such limitation, this chapter proposes an differential private image de-identification method. The key idea of the proposed method is adding important features for deep learn- ing model into noised unrecognizable image. Thus, human cannot recognize the content of image, but the deep neural network can recognize and analysis the content of noise image. Also, to automate the important feature extraction, the feature importance of explainable artificial intelligent is applied. Additionally, the service architecture and simple protocol for service time are described.


 Two privacy-preserving methods described above in this dissertation provide resistance against state-of-art privacy attacks targeting deep neural networks. Therefore, the sensitive information in personalized deep neural network-based service can be secure.

학위연월
2024년 8월
지도교수
최윤호
키워드
소개 웹페이지
https://sinryang.github.io/dissertation/
첨부파일
첨부파일이(가) 없습니다.
다음글
Trust Guard Extension for Enhanced Security Features in Light-weight Embedded Environment
김해용 2024-05-04 15:28:23.25
이전글
Advanced Defense Framework against Physical Adversarial Camouflage via Continual Adversarial Training
김용수 2024-04-08 09:38:57.897
RSS 2.0 123
게시물 검색
박사학위논문
번호 제목 작성자 작성일 첨부파일 조회수
123 Uncertainty-Based Hybrid Deep Learning Approach fo 멘가라 악셀 기드온 2024.12.10 0 7
122 Effective Deep Learning Primitives Design for Bina 황선진 2024.10.14 0 35
121 Toward Immersive Multi-view Video Streaming 탄중 디온 2024.10.14 0 21
120 A Low-cost Deep Learning Model for Real-time Surve 등 제강 2024.10.10 0 40
119 Enhancing Nested Entity Recognition Using Nested R 양홍진 2024.10.09 0 44
118 다양한 도메인과 데이터 형식에 강건한 사전학습 언어모델 기반의 표 질의응답 방법 조상현 2024.10.09 0 38
117 Trust Guard Extension for Enhanced Security Featur 김해용 2024.05.04 0 64
116 Task-Specific Differential Private Data Publish Me 신진명 2024.04.09 0 75
115 Advanced Defense Framework against Physical Advers 김용수 2024.04.08 0 90
114 한글 메신저 채팅의 크로스 텍스팅 탐지를 위한 저자 검증 모형 이다영 2024.04.05 0 88
113 상태 기반 테스트 시나리오 보강 방법 이선열 2023.10.17 0 159
112 Manufacturing Testing Automation FrameworkBased on 강효은 2023.10.17 0 184
111 Synthesizing Robust Physical Camouflage for Univer 수랸토 나우팔 2023.10.16 0 172
110 복잡도 다양성을 고려한 C 프로그램의 시험 용이성 예측 모형 구축 방법 최현재 2023.10.16 0 148
109 Design and Optimization of Quantum Arithmetic Circ 라라사티 하라스타 타티마 2023.10.13 0 176
108 Improving 6TiSCH Network Formation and Transmissio 파와즈 자키 자키얄 2023.10.10 0 163
107 저지연 고신뢰 운전자 프로파일링을 위한 딥러닝 모델 및 조기 종료 기법 임재봉 2023.10.08 0 234
106 802.11ax 대규모 Wi-Fi 환경의 심층 생성 모델을 활용한 트래픽 모델링 및 AP 이재민 2023.04.07 0 139
105 뉴런 클러스터를 활용한 합성곱 신경망 이미지 분류 신뢰성 향상 방법 이영우 2023.04.06 0 130
104 Trust Guard Extension Framework for Enhanced Secur 김해용 2023.04.06 0 108