You are here

Secure Private Neural Network (SPNN)/Charles River Analytics Inc.

Award Information
Agency: Department of Defense
Branch: Office of the Secretary of Defense
Contract: HQ003419P0065
Agency Tracking Number: O182-009-0015
Amount: $224,986.00
Phase: Phase I
Program: SBIR
Solicitation Topic Code: SCO182-009
Solicitation Number: 18.2
Solicitation Year: 2018
Award Year: 2019
Award Start Date (Proposal Award Date): 2019-02-26
Award End Date (Contract End Date): 2019-08-25
Small Business Information
625 Mount Auburn Street
Cambridge, MA 02138
United States
DUNS: 115243701
HUBZone Owned: No
Woman Owned: No
Socially and Economically Disadvantaged: No
Principal Investigator
 Jeff Druce
 (617) 491-3474
Business Contact
 Yvonne Fuller
Phone: (617) 491-3474
Research Institution

Deep Neural Networks (DNNs) are becoming widely used in the DoD for image classification, but recent research has shown DNNs are vulnerable to adversary attacks. Adversaries can monitor the DNN training and classification processes to learn attributes of the training data and the DNN. With this information, an adversary can gain valuable insight into the potentially sensitive data used to train the DNN (e.g., identify a theater of interest based on training set images) and even compose images designed to fool the DNN into misclassification. To address these concerns, we propose to design and demonstrate the feasibility of a Secure Private Neural Network (SPNN), a secure neural network that preserves the privacy of training and testing data via end-to-end efficient homomorphic encryption (HE), while providing additional defense against black box adversarial and membership inference attacks through intelligent network stochasticity, and training set confounding. HE enables the DNN to perform training and classification operations on an untrusted platform with privacy-preserving encrypted data. Additional obfuscation defenses thwart black box attacks by adversaries who are able to gain unencrypted access to the DNN through subversion or misuse of the client and conduct chosen plaintext attacks.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government