PriMask: Cascadable and Collusion-Resilient Data Masking for Mobile Cloud Inference
This addresses privacy protection for users in mobile cloud offloading scenarios, though it is incremental as it builds on existing masking and adversarial learning techniques.
The paper tackles privacy concerns in mobile cloud inference by proposing PriMask, a system that uses a secret small-scale neural network (MaskNet) to mask data before transmission, significantly weakening the cloud's ability to recover data or extract private attributes, with results showing effectiveness across three applications.
Mobile cloud offloading is indispensable for inference tasks based on large-scale deep models. However, transmitting privacy-rich inference data to the cloud incurs concerns. This paper presents the design of a system called PriMask, in which the mobile device uses a secret small-scale neural network called MaskNet to mask the data before transmission. PriMask significantly weakens the cloud's capability to recover the data or extract certain private attributes. The MaskNet is em cascadable in that the mobile can opt in to or out of its use seamlessly without any modifications to the cloud's inference service. Moreover, the mobiles use different MaskNets, such that the collusion between the cloud and some mobiles does not weaken the protection for other mobiles. We devise a {\em split adversarial learning} method to train a neural network that generates a new MaskNet quickly (within two seconds) at run time. We apply PriMask to three mobile sensing applications with diverse modalities and complexities, i.e., human activity recognition, urban environment crowdsensing, and driver behavior recognition. Results show PriMask's effectiveness in all three applications.