SLFB-CNN: An interpretable neural network privacy protection framework

Abstract

The feedforward-designed convolutional neural network (FF-CNN) method was recently proposed by Kuo et al. It has strong interpretability and low training complexity. In this paper, we have proposed two improvements (1) We merge two algorithms Layer-wise Relevance Propagation (LRP) and FF-CNN to build an interpretable neural network framework called LFB-CNN. The back-propagation (BP) algorithm is used to train the fully connected layer of FF-CNN. Meanwhile, the LRP algorithm is used to decompose and calculate the correlation between the input and output of the fully connected layer, and further improve the model performance without reducing the interpretability. (2) We conducted a privacy analysis on the LFB-CNN framework. Once the parameters of the framework are disclosed, the privacy of the data provider will be leaked. Therefore, we use differential privacy to propose a secure LFB-CNN (SLFB-CNN) algorithm. At last, we verified the effectiveness of our proposed method on the MNIST, Fashion-MNIST and CIFAR-10 datasets.