Neural Networks have capitalized on recent advances on HPC, GPUs, GPGPUs, and the rising amounts of publicly available labeled data. In doing so, NN have and will revolutionize virtually every current application domain, as well as enable novel ones such as those on recognition, autonomous, predictive, resilient, self-managed, adaptive, and evolving applications.
Nevertheless, it is to point out that NN training is rather resource intensive in data, time and energy; turning the resulting trained models into valuable assets represents an IP imperatively worth of being protected.
Furthermore, in the wake of Edge computing, NNs are progressively deployed across decentralized landscapes; as a consequence, IP owners are very protective of their NN based software products.
In this session, we propose to leverage Fully Homomorphic Encryption (FHE) to protect simultaneously the IP of trained NN based software and the input and the output data.
Within the context of a smart city scenario, we outline our NN model-agnostic approach, approximating and decomposing the NN operations into linearized transformations while employing a SIMD for vectorization.