| dc.contributor.author | Mo, F | |
| dc.contributor.author | Shamsabadi, AS | |
| dc.contributor.author | Katevas, K | |
| dc.contributor.author | Cavallaro, A | |
| dc.contributor.author | Haddadi, H | |
| dc.contributor.author | ACM | |
| dc.date.accessioned | 2021-04-19T14:55:29Z | |
| dc.date.available | 2021-04-19T14:55:29Z | |
| dc.date.issued | 2019 | |
| dc.identifier.citation | Mo, Fan et al. "Poster". Proceedings Of The 2019 ACM SIGSAC Conference On Computer And Communications Security, 2019. ACM, doi:10.1145/3319535.3363279. Accessed 19 Apr 2021. | en_US |
| dc.identifier.uri | https://qmro.qmul.ac.uk/xmlui/handle/123456789/71358 | |
| dc.description.abstract | Pre-trained Deep Neural Network (DNN) models are increasingly used in smartphones and other user devices to enable prediction services, leading to potential disclosures of (sensitive) information from training data captured inside these models. Based on the concept of generalization error, we propose a framework to measure the amount of sensitive information memorized in each layer of a DNN. Our results show that, when considered individually, the last layers encode a larger amount of information from the training data compared to the first layers. We find that the same DNN architecture trained with different datasets has similar exposure per layer. We evaluate an architecture to protect the most sensitive layers within an on-device Trusted Execution Environment (TEE) against potential white-box membership inference attacks without the significant computational overhead. | en_US |
| dc.format.extent | 2653 - 2655 | |
| dc.publisher | ACM | en_US |
| dc.subject | deep learning | en_US |
| dc.subject | privacy | en_US |
| dc.subject | training data | en_US |
| dc.subject | sensitive information exposure | en_US |
| dc.subject | trusted execution environment | en_US |
| dc.title | Poster: Towards Characterizing and Limiting Information Exposure in DNN Layers | en_US |
| dc.type | Conference Proceeding | en_US |
| dc.rights.holder | © 2021 ACM, Inc. | |
| dc.identifier.doi | 10.1145/3319535.3363279 | |
| pubs.author-url | http://gateway.webofknowledge.com/gateway/Gateway.cgi?GWVersion=2&SrcApp=PARTNER_APP&SrcAuth=LinksAMR&KeyUT=WOS:000509760700184&DestLinkType=FullRecord&DestApp=ALL_WOS&UsrCustomerID=612ae0d773dcbdba3046f6df545e9f6a | en_US |
| pubs.notes | Not known | en_US |
| pubs.publication-status | Published | en_US |
| rioxxterms.funder | Default funder | en_US |
| rioxxterms.identifier.project | Default project | en_US |
