Membership Inference Attack with Multi-Grade Service Models in Edge Intelligence

Abstract

Edge intelligence (EI), integrated with the merits of both edge computing and artificial intelligence, has been proposed recently to realize intensive computation and low delay inference in the edge of the Internet of Things (IoT). However, the constrained energy and computation ability in edge devices become the main obstacle for EI application in IoT. There is a flexible multi-grade EI deployment scheme in which multiple machine models are provided to meet the different requirements of edge users (inference accuracy, inference delay, inference cost, etc.). In the multi-grade EI model, low-grade models contain information of high-grade ones, and the inference cost increases with the inference accuracy. Thus, some attackers or malicious users may want to obtain some private information of those high-grade models by querying low-grade ones at low cost. Specifically, in this article we study the vulnerability of the multi-grade EI model against membership inference attack (MIA). First, we propose an attack model for multi-grade EI. Second, we reveal different grades of EI on vulnerability by comparing inference accuracy and cost in different datasets. The experiment results show that in multi-grade EI, a low-grade model would leak privacy information of a high-grade model under MIA.