SHF: Small: Hardware-Software Co-design for Privacy Protection on Deep Learning-based Recommendation Systems

SHF：小型：基于深度学习的推荐系统的隐私保护软硬件协同设计

• 批准号: 2334628
• 负责人: Youtao Zhang
• 金额: $ 58.2万
• 依托单位: University of Pittsburgh
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2024
• 资助国家: 美国
• 起止时间: 2024-05-01 至 2027-04-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2334628&HistoricalAwards=false
• 关键词: SHF; Small; Hardware; Software; Co

Deep-learning recommendation models (DLRMs) are widely adopted in industries as they exploit deep-learning neural networks to provide personalized recommendations, which significantly enhance user experience and customer loyalty. The sizes of large DLRMs are dominated by their embedding tables, which may be of 10s or even 100s of gigabytes, making it an appealing choice to save such tables in cloud servers. Unfortunately, querying the embedding tables on cloud servers demands sending in clients' private data and thus may leak their sensitive information. The privacy issue has become a major challenge when deploying large DLRMs in the cloud. Adopting traditional tree-based oblivious memory protocols can provide highly robust privacy protection, but suffer from significant performance degradation and low memory space utilization. This project focuses on developing a hardware-software co-design framework to address the performance and space issues of privacy protection for cloud-based DLRMs. The project’s outcomes will have significant societal impact by servicing personalized recommendations securely in the clouds. The investigators will actively recruit and train undergraduate and graduate students from underrepresented groups, and provide research and education opportunities for K-12 students.The project centers around three innovative approaches: (1) A hardware-software co-design for significant performance improvement; (2) The effective integration of non-volatile memory for significant memory space utilization improvement; (3) The exploration of distinct DLRM access behaviors for secure protocol designs. In particular, the project exploits the on-chip trusted computing hardware on modern processors and the distinguishing characteristics of DLRMs such that secure operations can be partitioned among clients and trusted processors for effective privacy protection with low overhead. The project contains concrete steps to develop schemes for one security group of users accessing one cloud server as well as for multiple security groups of users accessing multiple cloud servers. Successfully addressing the performance and space issues of privacy protection can advance the modern computing paradigm in the AI era, i.e., how the large DLRMs as well as modern AI models are deployed.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

深度学习推荐模型（DLRM）在各行业中得到广泛采用，因为它们利用深度学习神经网络来提供个性化推荐，从而显着增强用户体验和客户忠诚度。大型 DLRM 的大小由其嵌入表决定，这些表可能是数十甚至数百千兆字节，因此将此类表保存在云服务器中是一个有吸引力的选择，不幸的是，查询云服务器上的嵌入表需要发送客户端的私人数据，因此可能会泄露其敏感信息。在云中部署大型DLRM时，隐私问题已成为主要挑战。采用传统的基于树的不经意内存协议可以提供高度鲁棒的隐私保护，但会遭受显着的性能下降和低内存空间利用率的困扰。 -软件协同设计框架，用于解决基于云的 DLRM 隐私保护的性能和空间问题。该项目的成果将通过在云中安全地提供个性化建议来产生重大的社会影响。研究人员将积极招募和培训本科生和研究生。该项目围绕三种创新方法：(1) 硬件-软件协同设计，以显着提高性能；(2) 非易失性存储器的有效集成；显着提高内存空间利用率； (3) 探索安全协议设计的独特 DLRM 访问行为 特别是，该项目利用现代处理器上的片上可信计算硬件和 DLRM 的显着特征，从而可以实现安全操作。分区的该项目包含为访问一台云服务器的一个安全组的用户以及访问多个云服务器的多个安全组的用户开发方案的具体步骤，以实现有效的隐私保护。隐私保护的空间问题可以推进AI时代的现代计算范式，即大型DLRM以及现代AI模型如何部署。该奖项体现了NSF的法定使命，通过使用基金会的知识价值和广度影响审查标准。