Charles River to develop SPNN for OSD Strategic Capabilities Office
Charles River Analytics Inc. of Cambridge, MA announced on November 13 that it has received funding from the Strategic Capabilities Office of the Under Secretary of Defense to develop a Secure Private Neural Network (SPNN) that hardens deep neural networks against adversary attacks. The US Government increasingly relies on deep neural networks for critical machine learning tasks—the OSD Strategic Capabilities Office is concerned with both black box and white box attacks on a deep neural network.
SPNN provides privacy and security for analysts training deep neural networks to perform inference on big data. These networks learn using training datasets that may contain sensitive data; adversaries can exploit these networks, causing data breaches or misclassification of sensitive information.
“Cyber adversaries can monitor deep neural networks and learn their training and classification processes,” said Curt Wu, chief software engineer at Charles River Analytics and Project Manager on the SPNN effort. “SPNN uses privacy-preserving encryption so deep neural networks can securely perform training and classification tasks.”
SPNN produces a secure neural network that preserves the privacy of training and testing data against white box attacks via end-to-end efficient encryption. Additional obfuscation defenses thwart black box attacks by adversaries who gain unencrypted access to the deep neural network through subversion or misuse of the system to conduct chosen plaintext attacks.
Source: Charles River Analytics