US 11,895,220 B2
Systems and methods for dividing filters in neural networks for private data computations
Greg Storm, Parkville, MO (US); Riddhiman Das, Lenexa, KS (US); and Babak Poorebrahim Gilkalaye, Kansas City, MO (US)
Assigned to TripleBlind, Inc., Kansas City, MO (US)
Filed by TripleBlind, Inc., Kansas City, MO (US)
Filed on Feb. 16, 2021, as Appl. No. 17/176,530.
Application 17/176,530 is a continuation of application No. 16/828,354, filed on Mar. 24, 2020, granted, now 10,924,460.
Claims priority of provisional application 62/948,105, filed on Dec. 13, 2019.
Prior Publication US 2021/0194858 A1, Jun. 24, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/00 (2022.01); G06F 17/16 (2006.01); H04L 9/40 (2022.01); H04L 9/06 (2006.01); G06Q 20/40 (2012.01); G06Q 30/0601 (2023.01); G06Q 20/12 (2012.01); G06V 10/764 (2022.01); G06V 10/82 (2022.01); G06V 10/44 (2022.01); G06N 3/04 (2023.01); G06N 3/082 (2023.01); G06F 18/24 (2023.01); G06F 18/2113 (2023.01); G06F 18/2413 (2023.01)
CPC H04L 9/008 (2013.01) [G06F 17/16 (2013.01); G06Q 20/1235 (2013.01); G06Q 20/401 (2013.01); G06Q 30/0623 (2013.01); G06V 10/454 (2022.01); G06V 10/764 (2022.01); G06V 10/82 (2022.01); H04L 9/0625 (2013.01); H04L 63/0428 (2013.01); G06F 18/2113 (2023.01); G06F 18/24 (2023.01); G06F 18/24133 (2023.01); G06N 3/04 (2013.01); G06N 3/082 (2013.01); G06Q 2220/00 (2013.01); H04L 2209/46 (2013.01)] 15 Claims
OG exemplary drawing
 
1. A method of maintaining security of a convolutional neural network, the method comprising:
dividing, via a computing device operating a convolutional neural network, a plurality of filters in a first layer of the convolutional neural network into a first set of filters and a second set of filters;
applying, via the convolutional neural network, each of the first set of filters to an input of the convolutional neural network to yield a first set of outputs;
obtaining, via the convolutional neural network, a second set of outputs associated with the second set of filters;
for each set of filters in the first set of filters and the second set of filters that corresponds to a same filter from the plurality of filters, aggregating a respective one of the first set of outputs with a respective one of the second set of outputs to yield a set of aggregated outputs;
splitting respective weights of specific neurons activated in each remaining layer of the neural network to yield a first set of weights and a second set of weights, wherein at least one remaining layer in the convolutional neural network comprises at least one of a pooling layer, a normalization layer, a fully-connected layer, and an output layer;
sending, via the computing device, the second set of weights to a remote computing device separate from the computing device;
at each specific neuron from each remaining layer, applying, via the convolutional neural network, a respective filter associated with each specific neuron and a first corresponding weight from the first set of weights to yield a first set of neuron outputs;
obtaining, from the remote computing device, a second set of neuron outputs associated with the specific neurons, the second set of neuron outputs being based on an application of the respective filter associated with each specific neuron to a second corresponding weight from the second set of weights;
for each specific neuron, aggregating, via the computing device, one of the first set of neuron outputs associated with the specific neuron with one of the second set of neuron outputs to yield aggregated neuron outputs; and
generating, via the computing device, an output of the convolutional neural network based on one or more of the aggregated neuron outputs, wherein the method maintains the security of the convolutional neural network and prevents the remote computing device from learning any data about the convolutional neural network.