TY - JOUR
T1 - Attacking and Protecting Data Privacy in Edge-Cloud Collaborative Inference Systems
AU - He, Zecheng
AU - Zhang, Tianwei
AU - Lee, Ruby B.
N1 - Funding Information:
Manuscript received May 18, 2020; revised July 18, 2020; accepted August 20, 2020. Date of publication September 8, 2020; date of current version June 7, 2021. This work was supported in part by NSF STARSS under Grant 1526493, and in part by a research gift from Siemens. The work of Tianwei Zhang was supported by Singapore MoE AcRF Tier1 under Grant RS02/19. The work of Ruby B. Lee was supported by the Qualcomm Faculty Award. This article was presented in part at the 35th Annual Computer Security Applications Conference (ACSAC’19), San Juan, PR, USA, Dec. 2019. (Corresponding author: Ruby B. Lee.) Zecheng He and Ruby B. Lee are with the Department of Electrical Engineering, Princeton University, Princeton, NJ 08540 USA (e-mail: zechengh@princeton.edu; rblee@princeton.edu).
Publisher Copyright:
© 2014 IEEE.
PY - 2021/6/15
Y1 - 2021/6/15
N2 - Benefiting from the advance of deep learning (DL) technology, Internet-of-Things (IoT) devices and systems are becoming more intelligent and multifunctional. They are expected to run various DL inference tasks with high efficiency and performance. This requirement is challenged by the mismatch between the limited computing capability of edge devices and large-scale deep neural networks. Edge-cloud collaborative systems are then introduced to mitigate this conflict, enabling resource-constrained IoT devices to host arbitrary DL applications. However, the introduction of third-party clouds can bring potential privacy issues to edge computing. In this article, we conduct a systematic study about the opportunities of attacking and protecting the privacy of edge-cloud collaborative systems. Our contributions are twofold: 1) we first devise a set of new attacks for an untrusted cloud to recover arbitrary inputs fed into the system, even if the attacker has no access to the edge device's data or computations, or permissions to query this system and 2) we empirically demonstrate that solutions that add noise fail to defeat our proposed attacks, and then propose two more effective defense methods. This provides insights and guidelines to develop more privacy-preserving collaborative systems and algorithms.
AB - Benefiting from the advance of deep learning (DL) technology, Internet-of-Things (IoT) devices and systems are becoming more intelligent and multifunctional. They are expected to run various DL inference tasks with high efficiency and performance. This requirement is challenged by the mismatch between the limited computing capability of edge devices and large-scale deep neural networks. Edge-cloud collaborative systems are then introduced to mitigate this conflict, enabling resource-constrained IoT devices to host arbitrary DL applications. However, the introduction of third-party clouds can bring potential privacy issues to edge computing. In this article, we conduct a systematic study about the opportunities of attacking and protecting the privacy of edge-cloud collaborative systems. Our contributions are twofold: 1) we first devise a set of new attacks for an untrusted cloud to recover arbitrary inputs fed into the system, even if the attacker has no access to the edge device's data or computations, or permissions to query this system and 2) we empirically demonstrate that solutions that add noise fail to defeat our proposed attacks, and then propose two more effective defense methods. This provides insights and guidelines to develop more privacy-preserving collaborative systems and algorithms.
KW - Artificial intelligence
KW - collaborative inference
KW - edge-cloud computing
KW - security and privacy
UR - http://www.scopus.com/inward/record.url?scp=85107490061&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85107490061&partnerID=8YFLogxK
U2 - 10.1109/JIOT.2020.3022358
DO - 10.1109/JIOT.2020.3022358
M3 - Article
AN - SCOPUS:85107490061
SN - 2327-4662
VL - 8
SP - 9706
EP - 9716
JO - IEEE Internet of Things Journal
JF - IEEE Internet of Things Journal
IS - 12
M1 - 9187880
ER -