A protection method of trained CNN model with a secret key from unauthorized access
Abstract
In this paper, we propose a novel method for protecting convolutional neural network models with a secret key set so that unauthorized users without the correct key set cannot access trained models. The method enables us to protect not only from copyright infringement but also the functionality of a model from unauthorized access without any noticeable overhead. We introduce three block-wise transformations with a secret key set to generate learnable transformed images: pixel shuffling, negative/positive transformation, and format-preserving Feistel-based encryption. Protected models are trained by using transformed images. The results of experiments with the CIFAR and ImageNet datasets show that the performance of a protected model was close to that of non-protected models when the key set was correct, while the accuracy severely dropped when an incorrect key set was given. The protected model was also demonstrated to be robust against various attacks. Compared with the state-of-the-art model protection with passports, the proposed method does not have any additional layers in the network, and therefore, there is no overhead during training and inference processes.
Similar resources
A paradigm shift away from method-wise teaching to strategy-wise teaching: an investigation of reconstructive strategy versus communicative strategy
Abstract: The main aim of this descriptive research study was in fact a post-method attempt to reach a logical conclusion in selecting the most suitable teaching strategy, drawn from the strategic framework proposed by Waldemar Marton, that would be best compatible with and suited to the Iranian educational system. Accordingly, two teaching strategies, the communicative strategy and the reconstructive strategy, were selected for investigation. Specifically, in line with the main aim of this research, ...
Investigating the feasibility of a proposed model for geometric design of deployable arch structures
Deployable scissor type structures are composed of the so-called scissor-like elements (SLEs), which are connected to each other at an intermediate point through a pivotal connection and allow them to be folded into a compact bundle for storage or transport. Several SLEs are connected to each other in order to form units with regular polygonal plan views. The sides and radii of the polygons are...
A Method for Detecting the Exposure of a Secret Key in Key-Insulated Scheme
Dodis et al. proposed a key-insulated signature scheme in 2003. In the scheme, the total lifetime of a certificate is divided into time periods and different secret keys are used for each time period. The master secret key is stored in the physically secure device and is not used for signing directly. The different secret keys are used for signature in each time period and they are refreshed by a comp...
A Host Protection Framework Against Unauthorized Access for Ensuring Network Survivability
Currently, the major focus on the network security is securing individual components as well as preventing unauthorized access to network services. Ironically, Address Resolution Protocol (ARP) poisoning and spoofing techniques can be used to prohibit unauthorized network access and resource modifications. The protecting ARP which relies on hosts caching reply messages can be the primary method...
Secret-Key and Public-Key Based Privacy Protection Protocols in Wireless Medical Sensor Networks: A Survey
Recently, with rapid development, the implementation of wireless medical sensors has gained increasing popularity. Monitoring and recording some vital parameters of patients is important for knowing the patient's health condition. But malicious attacks happen occasionally, which may cause patient-related data to be leaked or modified. In this study, we made a survey about some researches in t...
Journal
Journal title: APSIPA Transactions on Signal and Information Processing
Year: 2021
ISSN: 2048-7703
DOI: https://doi.org/10.1017/atsip.2021.9