Prediction-as-a-Service is a promising new paradigm that brings the advantages of Software-as-a-Service's business model to the world of prediction APIs. In such a scenario, prediction API providers can leverage a Cloud provider's infrastructure to offer their inference service to the general public without having to worry about infrastructure acquisition and operation costs. Indeed, in the case of prediction APIs, self-hosting costs could be much higher than usual due to the fact that inference models, e.g., deep learning models, need specific hardware (e.g., graphical processing units) for an efficient execution. In such a context, trust is of great importance as the prediction API provider's most valuable asset, i.e., the inference model, is transferred to the Cloud provider. Thus, specific countermeasures should be designed to mitigate the possible attacks. In this paper, we analyze this scenario identifying the peculiar threat models. Then, we present a decentralized blockchain-based system, implemented on top of the popular Tendermint framework, that provides countermeasures to some of the main attacks. Numerical results, obtained executing deep neural network models, demonstrate that the overhead with respect to a centralized approach is negligible if compared with the advantages in terms of prevention of malicious behaviors.
Towards trustless prediction-as-a-service
De Vita F.Secondo
;Bruneo D.;Longo F.Penultimo
;Puliafito A.Ultimo
2019-01-01
Abstract
Prediction-as-a-Service is a promising new paradigm that brings the advantages of Software-as-a-Service's business model to the world of prediction APIs. In such a scenario, prediction API providers can leverage a Cloud provider's infrastructure to offer their inference service to the general public without having to worry about infrastructure acquisition and operation costs. Indeed, in the case of prediction APIs, self-hosting costs could be much higher than usual due to the fact that inference models, e.g., deep learning models, need specific hardware (e.g., graphical processing units) for an efficient execution. In such a context, trust is of great importance as the prediction API provider's most valuable asset, i.e., the inference model, is transferred to the Cloud provider. Thus, specific countermeasures should be designed to mitigate the possible attacks. In this paper, we analyze this scenario identifying the peculiar threat models. Then, we present a decentralized blockchain-based system, implemented on top of the popular Tendermint framework, that provides countermeasures to some of the main attacks. Numerical results, obtained executing deep neural network models, demonstrate that the overhead with respect to a centralized approach is negligible if compared with the advantages in terms of prevention of malicious behaviors.| File | Dimensione | Formato | |
|---|---|---|---|
|
C60 - smartcomp2019_2.pdf
solo utenti autorizzati
Tipologia:
Versione Editoriale (PDF)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
257.18 kB
Formato
Adobe PDF
|
257.18 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
