A Defense Framework for Privacy Risks in Remote Machine Learning Service

<table class="table-group" id="tab2"><tr><td><table class="table"><tr><td class="thead-hr" colspan="8"><hr/></td></tr><tr class="thead"><td class="align_left">Without defense</td><td class="align_center">Train acc. (%)</td><td class="align_center">Test acc. (%)</td><td class="align_center">Attack acc. (%)</td><td class="align_center">With defense</td><td class="align_center">Train acc. (%)</td><td class="align_center">Test acc. (%)</td><td class="align_center">Attack acc. (%)</td></tr><tr><td class="thead-hr" colspan="8"><hr/></td></tr><tr><td class="align_left">CIFAR</td><td class="align_center">10 96.1</td><td class="align_center">62.24</td><td class="align_center">93.71</td><td class="align_center">Defense framework (AdvGAN)</td><td class="align_center">78.3</td><td class="align_center">69.7</td><td class="align_center">51.4</td></tr><tr><td class="align_left" colspan="8"><hr/></td></tr><tr><td class="align_left">MNIST</td><td class="align_center">100</td><td class="align_center">57.9</td><td class="align_center">89</td><td class="align_center">Defense framework (AdvGAN)</td><td class="align_center">91.66</td><td class="align_center">91.12</td><td class="align_center">52.5</td></tr><tr class="table-tr"><td colspan="8"><hr class="tbody-hr"/></td></tr></table></td></tr></table>

<div>Performance of our defense framework.</div>

Security and Communication Networks

tab2

Table 2

Table 2: A Defense Framework for Privacy Risks in Remote Machine Learning Service 