Abstract
With recent advances in deep neural networks (DNNs), there is a significant increase in IoT applications leveraging AI with edge-cloud infrastructures. Nevertheless, deploying large DNN models on resource-constrained edge devices is still challenging due to limitations in computation, power, and application-specific privacy requirements. Existing model partitioning methods, which deploy a partial DNN on an edge device while processing the remaining portion of the DNN on the cloud, mainly emphasize communication and power efficiency. However, DNN partitioning based on the privacy requirements and resource budgets of edge devices has not been sufficiently explored in the literature. In this paper, we propose awareSL, a model partitioning framework that splits DNN models based on the computational resources available on edge devices, preserving the privacy of input samples while maintaining high accuracy. In our evaluation of multiple DNN architectures, awareSL effectively identifies the split points that adapt to resource budgets of edge devices. Meanwhile, we demonstrate the privacy-preserving capability of awareSL against existing input reconstruction attacks without sacrificing inference accuracy in image classification tasks.
Supported by National Science Foundation (NSF), Accenture, and Department of Energy (DoE) Award DE-OE0000780, Cyber Resilient Energy Delivery Consortium.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Abuadbba, S., et al.: Can we use split learning on 1D CNN models for privacy preserving training? In: Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, pp. 305–318 (2020)
Banitalebi-Dehkordi, A., Vedula, N., Pei, J., Xia, F., Wang, L., Zhang, Y.: Auto-split: a general framework of collaborative edge-cloud AI. In: Proceedings of the 27th ACM SIGKDD Conference on Knowledge Discovery & Data Mining (2021)
Ding, A.: Trustworthy cyber-physical systems via physics-aware and AI-powered security. Ph.D. thesis, Rutgers The State University of New Jersey, School of Graduate Studies (2022)
Ding, A., Murthy, P., Garcia, L., Sun, P., Chan, M., Zonouz, S.: Mini-Me, you complete me! data-driven drone security via DNN-based approximate computing. In: 24th International Symposium on Research in Attacks, Intrusions and Defenses, pp. 428–441 (2021)
Gupta, O., Raskar, R.: Distributed learning of deep neural network over multiple agents. J. Netw. Comput. Appl. 116, 1–8 (2018)
Hassanzadeh, A., Liberman, N.H., Ding, A., Salem, M.B.: Privacy-preserving collaborative machine learning training using distributed executable file packages in an untrusted environment, 29 December 2022. US Patent App. 17/356,447
He, Z., Zhang, T., Lee, R.B.: Model inversion attacks against collaborative inference. In: Proceedings of the 35th Annual Computer Security Applications Conference, pp. 148–162 (2019)
Juvekar, C., Vaikuntanathan, V., Chandrakasan, A.: \(\{\)GAZELLE\(\}\): a low latency framework for secure neural network inference. In: 27th USENIX Security Symposium (USENIX Security 2018), pp. 1651–1669 (2018)
Kang, Y., et al.: Neurosurgeon: collaborative intelligence between the cloud and mobile edge. ACM SIGARCH Comput. Archit. News 45(1), 615–629 (2017)
Khalili, H., Chien, H.J., Hass, A., Sehatbakhsh, N.: Context-aware hybrid encoding for privacy-preserving computation in IoT devices. IEEE Internet Things J. (2023)
Mehta, R., Shorey, R.: DeepSplit: dynamic splitting of collaborative edge-cloud convolutional neural networks. In: 2020 International Conference on COMmunication Systems & NETworkS (COMSNETS), pp. 720–725. IEEE (2020)
Mohammed, T., Joe-Wong, C., Babbar, R., Di Francesco, M.: Distributed inference acceleration with adaptive DNN partitioning and offloading. In: IEEE INFOCOM 2020-IEEE Conference on Computer Communications, pp. 854–863. IEEE (2020)
Pasquini, D., Ateniese, G., Bernaschi, M.: Unleashing the tiger: inference attacks on split learning. In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pp. 2113–2129 (2021)
Pham, N.D., Abuadbba, A., Gao, Y., Phan, T.K., Chilamkurti, N.: Binarizing split learning for data privacy enhancement and computation reduction. IEEE Trans. Inf. Forensics Secur. 18, 3088–3100 (2023)
Rathee, D., et al.: CrypTFlow2: practical 2-party secure inference. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (2020)
Shao, J., Zhang, J.: Communication-computation trade-off in resource-constrained edge inference. IEEE Commun. Mag. 58(12), 20–26 (2020)
Shi, C., Chen, L., Shen, C., Song, L., Xu, J.: Privacy-aware edge computing based on adaptive DNN partitioning. In: 2019 IEEE Global Communications Conference (GLOBECOM), pp. 1–6. IEEE (2019)
Székely, G.J., Rizzo, M.L., Bakirov, N.K.: Measuring and testing dependence by correlation of distances. Ann. Stat. 35(6), 2769–2794 (2007)
Tang, M., et al.: FADE: enabling large-scale federated adversarial training on resource-constrained edge devices. arXiv preprint arXiv:2209.03839 (2022)
Vepakomma, P., Gupta, O., Dubey, A., Raskar, R.: Reducing leakage in distributed deep learning for sensitive health data. arXiv preprint arXiv:1812.00564 (2019)
Vepakomma, P., Gupta, O., Swedish, T., Raskar, R.: Split learning for health: distributed deep learning without sharing raw patient data. arXiv preprint arXiv:1812.00564 (2018)
Yang, Z., Zhang, J., Chang, E.C., Liang, Z.: Neural network inversion in adversarial setting via background knowledge alignment. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (2019)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Ding, A., Hass, A., Chan, M., Sehatbakhsh, N., Zonouz, S. (2024). Resource-Aware DNN Partitioning for Privacy-Sensitive Edge-Cloud Systems. In: Luo, B., Cheng, L., Wu, ZG., Li, H., Li, C. (eds) Neural Information Processing. ICONIP 2023. Lecture Notes in Computer Science, vol 14451. Springer, Singapore. https://doi.org/10.1007/978-981-99-8073-4_15
Download citation
DOI: https://doi.org/10.1007/978-981-99-8073-4_15
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-8072-7
Online ISBN: 978-981-99-8073-4
eBook Packages: Computer ScienceComputer Science (R0)