{"title":"An Online Solution for Secured Deep Learning Models Based on Crowd Sourced SGX","authors":"Xuaner Wu, Konglin Zhu, Yuyang Peng, Lin Zhang","doi":"10.1109/IC-NIDC54101.2021.9660566","DOIUrl":null,"url":null,"abstract":"Data security has become the focus of public concern in widely used Deep Learning (DL) applications. Existing attacks can accurately recover any input entered the models. Therefore, it is of the same importance to protect DL models as well as data. Although service providers may offer Trusted Execution Environment (TEE) such as Trusted Software Guard eXtensions (SGX) for model security. The additional delay introduced by security computation cannot be neglected even compared with the delay introduced by DL inferences. In this paper, we propose an online SGX-based system to protect the DL inference process using crowd sourced SGXs. To motivate devices to contribute their SGXs, we apply an online auction mechanism. We decompose the long-term problem into multi-rounds and solve the decomposed problem in an online manner. The evaluation results show that the proposed algorithm of the online system outperforms the baseline algorithms by 160% in terms of social cost.","PeriodicalId":264468,"journal":{"name":"2021 7th IEEE International Conference on Network Intelligence and Digital Content (IC-NIDC)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 7th IEEE International Conference on Network Intelligence and Digital Content (IC-NIDC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IC-NIDC54101.2021.9660566","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 0
Abstract
Data security has become the focus of public concern in widely used Deep Learning (DL) applications. Existing attacks can accurately recover any input entered into the models. Therefore, it is of the same importance to protect DL models as well as data. Although service providers may offer a Trusted Execution Environment (TEE) such as Trusted Software Guard eXtensions (SGX) for model security, the additional delay introduced by security computation cannot be neglected even compared with the delay introduced by DL inferences. In this paper, we propose an online SGX-based system to protect the DL inference process using crowd sourced SGXs. To motivate devices to contribute their SGXs, we apply an online auction mechanism. We decompose the long-term problem into multiple rounds and solve the decomposed problem in an online manner. The evaluation results show that the proposed algorithm of the online system outperforms the baseline algorithms by 160% in terms of social cost.