Efficient and privacy-preserving deep inference towards cloud–edge collaborative

IF 7.2 1区计算机科学 Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

Applied Soft Computing Pub Date : 2025-06-11 DOI:10.1016/j.asoc.2025.113381

Yulong Wang , Guoxin Zhong , Yubing Duan , Yunchang Cheng , Mingyong Yin , Run Yang

{"title":"Efficient and privacy-preserving deep inference towards cloud–edge collaborative","authors":"Yulong Wang , Guoxin Zhong , Yubing Duan , Yunchang Cheng , Mingyong Yin , Run Yang","doi":"10.1016/j.asoc.2025.113381","DOIUrl":null,"url":null,"abstract":"<div><div>The cloud–edge collaborative inference approach splits deep neural networks (DNNs) into two parts to run collaboratively on resource-constrained edge devices(AIoT devices) and cloud servers, aiming at minimizing inference latency and protecting data privacy for AIoT computing system. However, despite not exposing the raw input data from edge devices directly to the cloud, state-of-the-art attacks can still target collaborative inference to reconstruct the raw private data from exposed local models’ intermediate outputs, introducing serious privacy risks. In this paper, we propose a secure privacy inference framework for cloud–edge collaboration system towards AIoT network, called CIS (<u>C</u>ollaborative <u>I</u>nference <u>S</u>hield), which supports adaptively partitioning the network according to dynamically changing network bandwidth and fully releases the computational power of edge devices. To mitigate the influence introduced by private perturbation, CIS provides a way to achieve differential privacy protection by adding refined noise to the intermediate layer feature maps offloaded to the cloud. Meanwhile, given a total privacy budget, the budget is reasonably allocated by the size of the feature graph rank generated by different convolution filters, making cloud inference robust to the perturbed data, thus effectively trading-off between privacy and availability. Finally, we construct a real cloud–edge collaborative inference computing scenario to verify the effectiveness of inference latency and model partitioning on resource-constrained edge devices. Furthermore, the state-of-the-art cloud–edge collaborative reconstruction attack is utilized to evaluate the practical availability of the end-to-end privacy protection mechanism provided by CIS.</div></div>","PeriodicalId":50737,"journal":{"name":"Applied Soft Computing","volume":"180 ","pages":"Article 113381"},"PeriodicalIF":7.2000,"publicationDate":"2025-06-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Applied Soft Computing","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1568494625006921","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

Abstract

The cloud–edge collaborative inference approach splits deep neural networks (DNNs) into two parts to run collaboratively on resource-constrained edge devices(AIoT devices) and cloud servers, aiming at minimizing inference latency and protecting data privacy for AIoT computing system. However, despite not exposing the raw input data from edge devices directly to the cloud, state-of-the-art attacks can still target collaborative inference to reconstruct the raw private data from exposed local models’ intermediate outputs, introducing serious privacy risks. In this paper, we propose a secure privacy inference framework for cloud–edge collaboration system towards AIoT network, called CIS (Collaborative Inference Shield), which supports adaptively partitioning the network according to dynamically changing network bandwidth and fully releases the computational power of edge devices. To mitigate the influence introduced by private perturbation, CIS provides a way to achieve differential privacy protection by adding refined noise to the intermediate layer feature maps offloaded to the cloud. Meanwhile, given a total privacy budget, the budget is reasonably allocated by the size of the feature graph rank generated by different convolution filters, making cloud inference robust to the perturbed data, thus effectively trading-off between privacy and availability. Finally, we construct a real cloud–edge collaborative inference computing scenario to verify the effectiveness of inference latency and model partitioning on resource-constrained edge devices. Furthermore, the state-of-the-art cloud–edge collaborative reconstruction attack is utilized to evaluate the practical availability of the end-to-end privacy protection mechanism provided by CIS.

查看原文本刊更多论文

高效且保护隐私的云边缘协作深度推理

云边缘协同推理方法将深度神经网络（dnn）分成两部分，在资源受限的边缘设备（AIoT设备）和云服务器上协同运行，旨在最大限度地减少AIoT计算系统的推理延迟和保护数据隐私。然而，尽管没有将边缘设备的原始输入数据直接暴露给云，但最先进的攻击仍然可以针对协作推理，从暴露的本地模型的中间输出中重建原始私有数据，从而引入严重的隐私风险。本文提出了一种面向AIoT网络的云边缘协作系统安全隐私推理框架CIS (Collaborative inference Shield)，支持根据动态变化的网络带宽自适应划分网络，充分释放边缘设备的计算能力。为了减轻私有扰动带来的影响，CIS提供了一种通过向卸载到云的中间层特征图添加精细噪声来实现差分隐私保护的方法。同时，在给定总隐私预算的情况下，根据不同卷积过滤器生成的特征图秩大小合理分配预算，使云推断对扰动数据具有鲁棒性，从而有效地在隐私和可用性之间进行权衡。最后，我们构建了一个真实的云边缘协同推理计算场景，以验证在资源受限的边缘设备上推理延迟和模型划分的有效性。此外，利用最先进的云边缘协同重建攻击来评估CIS提供的端到端隐私保护机制的实际可用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Applied Soft Computing 工程技术-计算机：跨学科应用

CiteScore

15.80

自引率

6.90%

发文量

874

审稿时长

10.9 months

期刊介绍： Applied Soft Computing is an international journal promoting an integrated view of soft computing to solve real life problems.The focus is to publish the highest quality research in application and convergence of the areas of Fuzzy Logic, Neural Networks, Evolutionary Computing, Rough Sets and other similar techniques to address real world complexities. Applied Soft Computing is a rolling publication: articles are published as soon as the editor-in-chief has accepted them. Therefore, the web site will continuously be updated with new articles and the publication time will be short.