PolyKervNets: Activation-freeNeural Networks For Efficient Private Inference

Authors

Toluwani Samuel Aremu, Mohamed bin Zayed University of Artificial IntelligenceFollow

Document Type

Dissertation

Abstract

With the advent of cloud computing, machine learning as a service (MLaaS) has become a growing phenomenon with the potential to address many real-world problems. In an untrusted cloud environment, privacy concerns of users is a major impediment to the adoption of MLaaS. To alleviate these privacy issues and preserve data confidentiality, several private inference (PI) protocols have been proposed in recent years based on cryptographic tools like Fully Homomorphic Encryption (FHE) and Secure Multiparty Computation (MPC). Deep neural networks (DNN) have been the architecture of choice in most MLaaS deployments. One of the core challenges in developing PI protocols for DNN inference is the substantial costs involved in implementing non-linear activation layers such as Rectified Linear Unit (ReLU). This has spawned a search for accurate, but efficient approximations of the ReLU function and neural architectures that operate on a stringent ReLU budget. While these methods improve efficiency and ensure data confidentiality, they often come at a significant cost to prediction accuracy. In this work, we propose a DNN architecture based on polynomial kervolution called PolyKervNet (PKN), which completely eliminates the need for non-linear activation and max pooling layers. PolyKervNets are both FHE and MPC-friendly - they enable FHE-based encrypted inference without any approximations and improve the latency on MPC-based PI protocols without any use of garbled circuits. We demonstrate that it is possible to redesign standard convolutional neural net- works (CNN) architectures such as ResNet-18 and VGG-16 with polynomial kervolution and achieve approximately 30× improvement in latency of MPC-based PI with minimal loss in accuracy on many image classification tasks.

First Page

i

Last Page

41

Publication Date

12-30-2022

Comments

Thesis submitted to the Deanship of Graduate and Postdoctoral Studies

In partial fulfillment of the requirements for the M.Sc degree in Machine Learning

Advisors: Dr. Karthik Nandakumar, Dr. Hisham Cholakkal

2 years embargo period

Recommended Citation

T. S. Aremu, "PolyKervNets: Activation-free Neural Networks For Efficient Private Inference", M.S. Thesis, Machine Learning, MBZUAI, Abu Dhabi, UAE, 2022.