
Neural Network Information Leakage through Hidden Learning

Arthur da Cunha 1 Emanuele Natale 1 Laurent Viennot 2, 3 
1 COATI - Combinatorics, Optimization and Algorithms for Telecommunications
CRISAM - Inria Sophia Antipolis - Méditerranée , Laboratoire I3S - COMRED - COMmunications, Réseaux, systèmes Embarqués et Distribués
Abstract : We investigate the problem of making a neural network perform some hidden computation whose result can be easily retrieved from the network output. In particular, we consider the following scenario. A user is provided a neural network for a classification task by a company. We further assume that the company has limited access to the user's computation, and can only observe the output of the network when the user evaluates it. The user's input to the network contains some sensitive information. We provide a simple and efficient training procedure, called Hidden Learning, that produces two networks such that i) one of the networks solves the original classification task with performance comparable to state-of-the-art solutions of the task; ii) the other network takes as input the output of the first and solves another classification task that retrieves the sensitive information with considerable accuracy. Our result might expose important issues from an information security point of view regarding the use of artificial neural networks in sensitive applications.
Document type : Reports

https://hal.archives-ouvertes.fr/hal-03157141
Contributor : Arthur da Cunha
Submitted on : Tuesday, March 2, 2021 - 9:39:31 PM
Last modification on : Wednesday, June 8, 2022 - 12:50:03 PM
Long-term archiving on : Monday, May 31, 2021 - 8:03:25 PM

File

hidden_learning.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-03157141, version 1

Citation

Arthur da Cunha, Emanuele Natale, Laurent Viennot. Neural Network Information Leakage through Hidden Learning. [Research Report] Inria; CNRS; I3S; Université Côte d'Azur. 2021. ⟨hal-03157141⟩

Metrics

Record views : 112
Files downloads : 180