The Internet-of-Things (IoT) are used everywhere in our daily lives. IoT applications provide us with many useful functionalities such as preventing fires, detecting and tracking objects, controlling and reporting the changes in/outside the environments, and capturing images/videos in our homes, roads, and offices. For example, the images data gathered through the smart sensors of autonomous vehicles can serve in various applications such as traffic monitoring, prediction of road conditions, and classification of objects. Image classification with deep neural networks (DNNs) on the cloud is such a machine learning task and has great market potentials for IoT applications. Nevertheless, the deployment of these “smart” IoT devices and applications can raise the risks of security issues. It still suffers from the challenges of relieving IoT devices from excessive computation burdens, such as data encryption, feature extraction, and image classification. In this paper, we propose and implement an indistinguishability-chosen plaintext attack secure image classification framework with DNN for IoT Applications. The framework performs a secure image classification on the cloud without the IoT device’s constant interaction. We propose and implement a real number computation mechanism and a divide-and-conquer mechanism for the secure evaluation of linear functions in DNNs, as well as a set of unified ideal protocols for the evaluation of non-linear functions in DNNs. The information about the image contents, the private DNNs model parameters and the intermediate results is strictly concealed by the conjunctive use of the lattice-based homomorphic scheme and 2-PC secure computation techniques. A pre-trained deep convolutional neural network model, i.e., Visual Geometry Group (VGG-16), is used to extract the deep features of an image. The comprehensive experimental results show that our framework is efficient and accurate. In addition, we evaluate the security of our framework by performing the white-box membership inference attack which is believed to be the most powerful attack on DNNs models. The failure of the attack indicates that our framework is practical secure.

物联网（IoT）在我们的日常生活中无处不在。物联网应用程序为我们提供了许多有用的功能，例如预防火灾，检测和跟踪对象，控制和报告环境中/外部的变化以及在我们的房屋，道路和办公室中捕获图像/视频。例如，通过自动驾驶车辆的智能传感器收集的图像数据可以在各种应用中使用，例如交通监控，路况预测和对象分类。在云上使用深度神经网络（DNN）进行图像分类是一种机器学习任务，在物联网应用中具有巨大的市场潜力。但是，这些“智能”物联网设备和应用程序的部署可能会增加安全问题的风险。它仍然面临着使物联网设备摆脱数据加密，特征提取和图像分类等过多计算负担的挑战。在本文中，我们为物联网应用提出并实现了一种采用DNN的不可区分性选择的纯文本攻击安全图像分类框架。该框架无需IoT设备的持续交互即可在云上执行安全的图像分类。我们提出并实现了用于DNN中线性函数安全评估的实数计算机制和分治机制，以及一套用于DNN中非线性函数评估的统一理想协议。有关图像内容的信息，结合使用基于格的同态方案和2-PC安全计算技术，可以严格隐藏私有DNN的模型参数和中间结果。预训练的深度卷积神经网络模型，即视觉几何组（VGG-16），用于提取图像的深度特征。综合实验结果表明，我们的框架是有效和准确的。此外，我们通过执行白盒成员推断攻击来评估我们框架的安全性，据信这是对DNN模型最强大的攻击。攻击失败表明我们的框架是实际安全的。用于提取图像的深层特征。综合实验结果表明，我们的框架是有效和准确的。此外，我们通过执行白盒成员推断攻击来评估我们框架的安全性，据信这是对DNN模型最强大的攻击。攻击失败表明我们的框架是实际安全的。用于提取图像的深层特征。综合实验结果表明，我们的框架是有效和准确的。此外，我们通过执行白盒成员推断攻击来评估我们框架的安全性，据信这是对DNN模型最强大的攻击。攻击失败表明我们的框架是实际安全的。