Private Execution of Neural Networks in Trusted Hardware / TEE and NN
The Trusted Execution Environment and Private Neural Networks
In the post where I introduced the idea of Keyword Lotteries I also mentioned the concept of sentiment analysis bots. I did not go into a lot of detail but I did mention something in my additional notes which I'll quote below:
Me:
As the sentiment analysis capacity of sentiment analysis bots evolve then the sophistication of the reward patterns can improve. Keyword lotteries could become something more advanced someday. Post a picture with the right kind of cat in it and the AI of the bot might be able to identify from the picture that the image matches the exact kind of cat set to be rewarded by the lottery for that day.
The first thing which is apparent is that a sentiment analysis bot is just an "agent". Agents are a key concept for understanding not just the keyword lotteries idea but my expansion of that idea. SingularityNET actually was first as far as I know to come up with something resembling this and there is also the websensors idea which also resembles what I'll be discussing.
A very interesting paper from Tramer & Boneh titled Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware is interesting to me. It shows that we can achieve machine learning with privacy preserving guarantees by leveraging the Trusted Execution Environment. This combination of privacy and machine learning in my opinion is immensely powerful and game changing. Deep learning is a kind of machine learning which to my understanding I like to call pattern recognizing algorithms. The precise definition in the literature is called representation learning where if provided with enough data examples the learning becomes more approximate.
The kind of machine learning we are talking about here is the kind necessary for speech recognition, computer vision, natural language processing, audio recognition, and so on. The example I used for what bots could do was to reward based on visual recognition which is quoted below:
** Post a picture with the right kind of cat in it and the AI of the bot might be able to identify from the picture that the image matches the exact kind of cat set to be rewarded by the lottery for that day.**
The machine learning empowered bots would be able to scan social media or the web in general for photographs which include specific objects, items, animals or people. In the context of a keyword lottery we would have to redefine it from keyword lottery to image lottery.
Image Lottery
An image lottery is what would be possible when we have TEE and NN. That is we have the ability to do private execution for neural networks over a trusted execution environment. Of course it would also be possible to audio lotteries or anything else that neural network bots can handle. In essence we could see neural network computation as a service as the machine intelligence becomes commoditized. We could also see the synergism between TEEs and NNs (trusted execution environments and neural networks).
The Market for Private Agents (the market for privacy preserving AI Bots)
These bots are bots anyone will be able to create and offer for rent on a decentralized platform. In essence the bot creators will be able to sell their machine learning as a service. Clients will bid for use of different bots which will be trained and run by professional machine learning experts. This would allow for the use cases like visual recognition as a service, natural language processing as a service, because the features a NN provides are typically features listed below:
- Object Recognition
- Identification
- Content-based image retrieval
- Facial recognition
- Tracking
There might be more capabilities I'm not aware of. The point is that all of the capabilities of neural networks will be possible and the whole thing completely private.
Anyone can create a useful bot. If your bot is useful enough to offer a service which others will buy then your bot can generate profit for you. Machine learning is a high utility service and bots can be created to allow others to rent these highly valued services. Websensor bots, sentiment bots, tracker bots, but also digital assistant bots which recognize your voice and face. The best thing of all is the data will be completely private unlike the current digital assistants which exist. For that reason it's a privacy preserving decentralization of machine learning.
References
Tramer, F., & Boneh, D. (2018). Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware. arXiv preprint arXiv:1806.03287.
Keyword Lotteries, Trusted Execution Environment, and Social Ranking