Session 7D: ML Security
Authors, creators, and presenters: Tianpei Lu (State Key Laboratory of Blockchain and Data Security, Zhejiang University), Bingsheng Zhang (State Key Laboratory of Blockchain and Data Security, Zhejiang University), Xiaoyuan Zhang (State Key Laboratory of Blockchain and Data Security, Zhejiang University), Kui Ren (State Key Laboratory of Blockchain and Data Security, Zhejiang University)
paper
A new PPML paradigm for quantization models
Model quantization has become common in machine learning (ML) to improve efficiency and reduce computational/communication overhead. However, it is still difficult to introduce quantization in privacy-preserving machine learning (PPML) due to the complex internal structure of quantization operators, making the protocol inefficient in existing PPML frameworks. In this study, we propose a new PPML paradigm that is customized to and can benefit from quantization models. Our main observation is that lookup tables can ignore the complex internal structure of functions, which can be used to simplify the evaluation of quantized operators. The model inference process is viewed as a quantized sequence of operators, where each operator is implemented by a lookup table. Next, we develop an efficient private lookup table evaluation protocol. Its online communication cost is only log n (where $n$ is the size of the lookup table). On a single CPU core, this protocol can evaluate 2^{26} tables with 8-bit input and 8-bit output per second. The resulting PPML framework for quantization models provides very fast online performance. Experimental results show that our quantization strategy achieves significant speedup over the SOTA PPML solution, improving online performance by 60x on 40sim for convolutional neural network (CNN) models such as AlexNet, VGG16, and ResNet18, and 25x on 10sim for large-scale language models (LLMs) such as GPT-2, GPT-Neo, and Llama2.
About NDSS
The Network and Distributed Systems Security Symposium (NDSS) facilitates the exchange of information between network and distributed systems security researchers and practitioners. The intended audience includes anyone interested in the practical aspects of network and distributed systems security, with an emphasis on practical system design and implementation. A primary goal is to encourage and enable the Internet community to adapt, adopt, and advance available security technologies.
We would like to thank the Network and Distributed Systems Security (NDSS) Symposium creators, authors, and presenters for sharing great content from the NDSS Symposium 2025 conference on their organization's YouTube channel.
Permalink
*** This is a syndicated blog from the Security Bloggers Network brought to you by Infosecurity.US and written by Marc Handelman. Read the original post: https://www.youtube-nocookie.com/embed/7gXbEtxp4Qk?si=K4O8BsL8AiulM2gH
Source link
