US 12,367,394 B2
Protecting deep learned models
Sriram Srinivasan, Sammamish, WA (US); David Yuheng Zhao, Redmond, WA (US); Ming-Chieh Lee, Bellevue, WA (US); and Mu Han, Clyde Hill, WA (US)
Assigned to Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed by Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed on Jun. 23, 2023, as Appl. No. 18/213,746.
Application 18/213,746 is a continuation of application No. 16/828,889, filed on Mar. 24, 2020, granted, now 11,763,157.
Claims priority of provisional application 62/929,911, filed on Nov. 3, 2019.
Prior Publication US 2023/0334322 A1, Oct. 19, 2023
Int. Cl. G06F 16/00 (2019.01); G06F 17/16 (2006.01); G06N 3/082 (2023.01); G06N 5/04 (2023.01); G06N 20/00 (2019.01)
CPC G06N 3/082 (2013.01) [G06F 17/16 (2013.01); G06N 5/04 (2013.01); G06N 20/00 (2019.01)] 20 Claims
OG exemplary drawing
 
1. Computer-readable storage devices or memory storing computer-readable instructions that when executed by at least one processor in a computing system, cause the computing system to train or generate inferences with a machine learning model using at least a first domain and a second domain of computing system resources, the computing system being configured to provide fewer access restrictions to a first domain of the computing system resources than access restrictions provided to a second domain of the computing system resources, the computer-readable instructions comprising:
instructions for a scrambler that cause the computing system, with the second domain computing resources to scramble input data by performing a transform operation on the input data, producing transformed input data for use training or generating inferences with the machine learning model; and
instructions that cause the computing system to, with the first domain computing resources, train or generate inferences with the machine learning model by forward propagating the transformed input through the machine learning model.