Secure Deep Learning Inference with Intel SGX on Intel Ice Lake-SP Xeon Processor

Secure Deep Learning Inference with Intel SGX on Intel Ice Lake-SP Xeon Processor

연구 분야: Cryptography

학회: 2024 10th International Conference on Smart Computing and Communication (ICSCC)

Deep learning, being one of the most reputable techniques deployed for artificial intelligence, has been actively used in many applications nowadays including those that are security critical. With more industries now migrated their applications to the cloud or to the edge, it has sparked some serious security concerns. Although securing a deep learning inference has been an area for explorations for many researchers over the years, majority of the efforts revolve around securing the input data and the deep learning model, without much focus on securing the application code or the inference forward pass. Among the most popular methodologies proposed to secure a deep learning inference are cryptographic primitives and trusted hardware. Due to the high performance overhead incurred by cryptographic primitives, this paper proposed to secure a deep learning inference application through the trusted hardware approach, particularly via the Intel SGX on 3rd Gen Intel® Xeon Scalable processor. Through this research, it was discovered that Intel SGX incurred up to around 70% loss in the number of inferences per second and an overhead of up to 13X for the overall application runtime. Nevertheless, this research has demonstrated that with the greatly expanded Intel SGX enclave size on the first Intel Xeon Scalable Processor that comes with Intel SGX support, it is feasible to secure a deep learning application with Intel SGX without any code modification despite the trade-off on the performance.