
Neural Network Information Leakage through Hidden Learning

Abstract : We investigate the problem of making a neural network perform some hidden computation whose result can be easily retrieved from the network output. In particular, we consider the following scenario. A user is provided a neural network for a classification task by a company. We further assume that the company has limited access to the user's computation, and can only observe the output of the network when the user evaluates it. The user's input to the network contains some sensitive information. We provide a simple and efficient training procedure, called Hidden Learning, that produces two networks such that i) one of the networks solves the original classification task with performance comparable to state-of-the-art solutions of the task; ii) the other network takes as input the output of the first and solves another classification task that retrieves the sensitive information with considerable accuracy. Our result might expose important issues from an information security point of view regarding the use of artificial neural networks in sensitive applications.
Document type : Preprints, Working Papers, ...

https://hal.archives-ouvertes.fr/hal-03157141
Contributor : Arthur da Cunha
Submitted on : Tuesday, March 2, 2021 - 9:39:31 PM
Last modification on : Thursday, April 15, 2021 - 3:08:19 PM

File

hidden_learning.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-03157141, version 1

Citation

Arthur da Cunha, Emanuele Natale, Laurent Viennot. Neural Network Information Leakage through Hidden Learning. 2021. ⟨hal-03157141⟩
