Binarizing Split Learning for Data Privacy Enhancement and Computation Reduction

Ngoc Duy Pham, Alsharif Abuadbba, Yansong Gao, Khoa Tran Phan, Naveen Chilamkurti

Research output: Contribution to journalArticleResearchpeer-review

10 Citations (Scopus)

Abstract

Split learning (SL) enables data privacy preservation by allowing clients to collaboratively train a deep learning model with the server without sharing raw data. However, SL still has limitations such as potential data privacy leakage and high computation for clients. In this paper, we propose to binarize the SL local layers for faster computation (up to 17.5 times less forward-propagation time in both training and inference phases on mobile devices) and reduced memory usage (up to 32 times less memory and bandwidth requirements). More importantly, the binarized SL (B-SL) model can reduce privacy leakage from SL smashed data with merely a small degradation in model accuracy. To further enhance privacy preservation, we also propose two novel approaches: 1) training with additional local leak loss and 2) applying differential privacy, which could be integrated separately or concurrently into the B-SL model. Experimental results with different datasets have affirmed the benefits of the B-SL models compared with several benchmark models. The effectiveness of B-SL models against feature-space hijacking attack (FSHA) is also illustrated. Our results have demonstrated B-SL models are promising for lightweight IoT/mobile applications with high privacy-preservation requirements such as mobile healthcare applications.

Original languageEnglish
Pages (from-to)3088-3100
Number of pages13
JournalIEEE Transactions on Information Forensics and Security
Volume18
DOIs
Publication statusPublished - 2023
Externally publishedYes

Keywords

  • binarization
  • differential privacy
  • leakage loss
  • privacy preservation
  • Split learning (SL)

Cite this