目录
摘 要 III
关键词 III
Abstract IV
引言
引言 1
1 文献综述 1
1．1 隐私保护技术 1
1．1．1 同态加密技术 1
1．1．2 差分隐私技术 2
1．1．3 混淆电路技术 2
1．1．4 其余隐私保护技术 3
1．2 深度学习隐私保护 3
1．2．1 基于同态加密的深度学习隐私保护 3
1．2．2 基于差分隐私的深度学习隐私保护 4
1．2．3 基于混淆电路的深度学习隐私保护 4
1．2．4 其余深度学习隐私保护实现 4
1．3 研究任务 4
2 方案论证 5
2．1 混淆电路协议 5
2．2 可行性分析 6
2．2．1 神经网络分析 6
2．2．2 算法拟合替代分析 6
3 设计论述 6
3．1 算法设计 6
3．1．1 神经网络设计 6
3．1．2 数据集设计 8
3．1．3 网络模型设计 8
3．1．4 模型算法设计 10
3．2 流程实现 16
3．2．1 系统流程设计 16
3．2．2 离线预处理训练阶段 17
3．2．3 网络连接通信阶段 18
3．2．4 在线混淆预测阶段 19
3．3 数据统计 20
3．3．1 神经网络部分 20
3．3．2 混淆电路部分 20
4 结果分析 21
4．1 实验平台说明 21
4．1．1 硬件配置 21
4．1．2 软件系统 22
4．2 实验结果分析 22
4．2．1 MNIST数据集 22
4．2．2 CIFAR10数据集 25
4．2．3 整体分析 30
5 总结 *51今日免费论文网|www.51jrft.com +Q: ^351916072^ 
与讨论 30
参考文献 30
致谢 32
附录A 33
附录B 35
基于混淆电路的三值神经网络隐私保护
摘 要
随着数字化世界的构建，深度学习(Deep Learning, DL)的发展成为了必然，因其特征信息提取的处理特点，被应用于各个行业领域，随之而来的信息安全问题逐渐成为学者讨论研究的关注重点。本文简析了目前主流的DL隐私保护技术，从同态加密(Homomorphic Encryption, HE)、差分隐私(Differential Privacy, DP)、混淆电路(Garbled Circuit, GC)、秘密共享(Secret Sharing, SS)等密码学协议中，选定GC协议为本文的研究主体。因三值神经网络(Ternary Weight Network, TWN)基于权重压缩，将其隐藏层权重简化为+1、0、1，配合算法近似拟合的方法，能够有效简化混淆电路的规模，减少其计算开销，故而将其作为研究的主要对象。同时，参考前人经验，在TWN权重三值化的基础上，针对神经元激活进行离散化操作，优化神经网络以更加适配混淆电路。本文实现了在安全两方计算环境中，通过离线预处理训练、网络连接通信、在线混淆计算三个阶段，成功将GC技术应用于神经网络的预测阶段，保证了模型参数与预测数据的不被泄露。经MNIST数据集与CIFAR10数据集测验，本文最终的数据统计结果符合理论预期。同时，本文为进一步研究GC技术的DL隐私保护提出了可行方向。
PRIVACY PROTECTION OF THREEVALUED NEURAL NETWORK BASED ON GARBLED CIRCUIT
ABSTRACT
With the construction of the digital world, the development of Deep Learning(DL) has become inevitable. Because of the processing characteristics of feature information extraction, it has been applied to various industry fields. The ensuing information security issues have gradually become the focus of scholars discussion and research. This article briefly analyzes the current mainstream DL privacy protection technologies. From Homomorphic Encryption(HE), Differential Privacy(DP), Garbled Circuit(GC), Secret Sharing(SS) and other cryptographic protocols, the GC technology is selected as the main research subject of this paper. Because Ternary Weight Network(TWN) is based on weight compression, the hidden layer weights are simplified to +1, 0, 1, and the method of approximate fitting with the algorithm can effectively simplify the size of the garbled circuit and reduce its computational cost. Therefore, it is regarded as the main object of research. At the same time, with reference to previous experience, on the basis of the TWN weight quantization, a discrete operation is performed for neuron activation, and the neural network is optimized to better fit the garbled circuit. This paper implements three stages of offline preprocessing training, network connection communication, and online garbled calculation in a secure twoparty computing environment. The GC technology is successfully applied to the prediction stage of neural network, ensuring that the model parameters and prediction data was leaked. After the MNIST data set and CIFAR10 data set test, the final statistical results of this paper meet the theoretical expectations. At the same time, this paper proposes a feasible direction for further research on the privacy protection of DL in GC technology.

原文链接：http://www.jxszl.com/jsj/wljs/606905.html