{"id":"https://openalex.org/W4378191804","doi":"https://doi.org/10.1109/host55118.2023.10133266","title":"VPP: Privacy Preserving Machine Learning via Undervolting","display_name":"VPP: Privacy Preserving Machine Learning via Undervolting","publication_year":2023,"publication_date":"2023-05-01","ids":{"openalex":"https://openalex.org/W4378191804","doi":"https://doi.org/10.1109/host55118.2023.10133266"},"language":"en","primary_location":{"id":"doi:10.1109/host55118.2023.10133266","is_oa":false,"landing_page_url":"https://doi.org/10.1109/host55118.2023.10133266","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://hal.science/hal-04182280/document","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5005307021","display_name":"Md. Shohidul Islam","orcid":"https://orcid.org/0000-0002-0786-5221"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Md Shohidul Islam","raw_affiliation_strings":["George Mason University,CSE Dept., DUET, Bangladesh,Fairfax,VA,USA","George Mason University [Fairfax] (4400 University Drive, Fairfax, Virginia 22030 - United States)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"George Mason University,CSE Dept., DUET, Bangladesh,Fairfax,VA,USA","institution_ids":["https://openalex.org/I162714631"]},{"raw_affiliation_string":"George Mason University [Fairfax] (4400 University Drive, Fairfax, Virginia 22030 - United States)","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5020321835","display_name":"Behnam Omidi","orcid":"https://orcid.org/0000-0002-6724-2093"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Behnam Omidi","raw_affiliation_strings":["George Mason University,ECE Department,Fairfax,VA,USA","George Mason University [Fairfax] (4400 University Drive, Fairfax, Virginia 22030 - United States)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"George Mason University,ECE Department,Fairfax,VA,USA","institution_ids":["https://openalex.org/I162714631"]},{"raw_affiliation_string":"George Mason University [Fairfax] (4400 University Drive, Fairfax, Virginia 22030 - United States)","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002123043","display_name":"Ihsen Alouani","orcid":"https://orcid.org/0000-0001-5102-8087"},"institutions":[{"id":"https://openalex.org/I126231945","display_name":"Queen's University Belfast","ror":"https://ror.org/00hswnk62","country_code":"GB","type":"education","lineage":["https://openalex.org/I126231945"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Ihsen Alouani","raw_affiliation_strings":["Queen’s University Belfast,CSIT,UK"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Queen’s University Belfast,CSIT,UK","institution_ids":["https://openalex.org/I126231945"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5037831461","display_name":"Khaled N. Khasawneh","orcid":"https://orcid.org/0000-0002-2116-2223"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Khaled N. Khasawneh","raw_affiliation_strings":["George Mason University,ECE Department,Fairfax,VA,USA","George Mason University [Fairfax] (4400 University Drive, Fairfax, Virginia 22030 - United States)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"George Mason University,ECE Department,Fairfax,VA,USA","institution_ids":["https://openalex.org/I162714631"]},{"raw_affiliation_string":"George Mason University [Fairfax] (4400 University Drive, Fairfax, Virginia 22030 - United States)","institution_ids":["https://openalex.org/I162714631"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5005307021"],"corresponding_institution_ids":["https://openalex.org/I162714631"],"apc_list":null,"apc_paid":null,"fwci":1.0042,"has_fulltext":true,"cited_by_count":6,"citation_normalized_percentile":{"value":0.80330622,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"315","last_page":"325"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7172571420669556},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.41482338309288025}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7172571420669556},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.41482338309288025}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/host55118.2023.10133266","is_oa":false,"landing_page_url":"https://doi.org/10.1109/host55118.2023.10133266","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","raw_type":"proceedings-article"},{"id":"pmh:oai:HAL:hal-04182280v1","is_oa":true,"landing_page_url":"https://hal.science/hal-04182280","pdf_url":"https://hal.science/hal-04182280/document","source":{"id":"https://openalex.org/S4306402512","display_name":"HAL (Le Centre pour la Communication Scientifique Directe)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1294671590","host_organization_name":"Centre National de la Recherche Scientifique","host_organization_lineage":["https://openalex.org/I1294671590"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nd","license_id":"https://openalex.org/licenses/cc-by-nd","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"2023 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), May 2023, San Jose, United States. pp.315-325, ⟨10.1109/HOST55118.2023.10133266⟩","raw_type":"Conference papers"},{"id":"pmh:oai:pure.qub.ac.uk/portal:publications/da69af29-8d9a-470e-8072-030b8a670f37","is_oa":true,"landing_page_url":"https://pure.qub.ac.uk/en/publications/da69af29-8d9a-470e-8072-030b8a670f37","pdf_url":null,"source":{"id":"https://openalex.org/S4306402319","display_name":"Research Portal (Queen's University Belfast)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I126231945","host_organization_name":"Queen's University Belfast","host_organization_lineage":["https://openalex.org/I126231945"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Islam , M S , Omidi , B , Alouani , I & Khasawneh , K N 2023 , VPP: privacy preserving machine learning via undervolting . in R Cammarota , V Mooney , F Farahmandi , S Wei & M M Kermani (eds) , Proceedings of the IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2023 . International Workshop on Hardware-Oriented Security and Trust: Proceedings , Institute of Electrical and Electronics Engineers Inc. , IEEE International Symposium on Hardware Oriented Security and Trust 2023 , San Jose , California , United States , 01/05/2023 . https://doi.org/10.1109/HOST55118.2023.10133266","raw_type":"contributionToPeriodical"}],"best_oa_location":{"id":"pmh:oai:HAL:hal-04182280v1","is_oa":true,"landing_page_url":"https://hal.science/hal-04182280","pdf_url":"https://hal.science/hal-04182280/document","source":{"id":"https://openalex.org/S4306402512","display_name":"HAL (Le Centre pour la Communication Scientifique Directe)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1294671590","host_organization_name":"Centre National de la Recherche Scientifique","host_organization_lineage":["https://openalex.org/I1294671590"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nd","license_id":"https://openalex.org/licenses/cc-by-nd","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"2023 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), May 2023, San Jose, United States. pp.315-325, ⟨10.1109/HOST55118.2023.10133266⟩","raw_type":"Conference papers"},"sustainable_development_goals":[{"score":0.4699999988079071,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G3252892263","display_name":null,"funder_award_id":"CCF-2212427","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G4460258330","display_name":"Collaborative Research: SHF: Medium: Approximate Computing for Machine Learning Security: Foundations and Accelerator Design","funder_award_id":"2212427","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7824805094","display_name":null,"funder_award_id":"EP/X022323/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"pdf":true,"grobid_xml":false},"content_urls":{"pdf":"https://content.openalex.org/works/W4378191804.pdf"},"referenced_works_count":40,"referenced_works":["https://openalex.org/W1686810756","https://openalex.org/W1999252751","https://openalex.org/W2040228409","https://openalex.org/W2095705004","https://openalex.org/W2108598243","https://openalex.org/W2151503471","https://openalex.org/W2183341477","https://openalex.org/W2194775991","https://openalex.org/W2473418344","https://openalex.org/W2535690855","https://openalex.org/W2618530766","https://openalex.org/W2795435272","https://openalex.org/W2884943453","https://openalex.org/W2930926105","https://openalex.org/W2963378725","https://openalex.org/W2983140679","https://openalex.org/W3013068160","https://openalex.org/W3023716276","https://openalex.org/W3041420614","https://openalex.org/W3048817558","https://openalex.org/W3095440373","https://openalex.org/W3103245149","https://openalex.org/W3115042282","https://openalex.org/W3117158982","https://openalex.org/W3118608800","https://openalex.org/W3146139378","https://openalex.org/W3163429775","https://openalex.org/W3185600290","https://openalex.org/W3214437258","https://openalex.org/W3216307713","https://openalex.org/W4200102037","https://openalex.org/W4310428374","https://openalex.org/W6637373629","https://openalex.org/W6674330103","https://openalex.org/W6728897251","https://openalex.org/W6747732332","https://openalex.org/W6775482175","https://openalex.org/W6776993083","https://openalex.org/W6781511523","https://openalex.org/W6787972765"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W4391913857","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052"],"abstract_inverted_index":{"Machine":[0],"Learning":[1],"(ML)":[2],"systems":[3],"are":[4,21,223],"susceptible":[5],"to":[6,23,111,163,195,235,254],"membership":[7],"inference":[8,151,249],"attacks":[9,266],"(MIAs),":[10],"which":[11,129],"leak":[12],"private":[13],"information":[14],"from":[15],"the":[16,33,52,62,113,121,133,165,174,212,270,273,296],"training":[17,34,136],"data.":[18],"Specifically,":[19,156],"MIAs":[20],"able":[22],"infer":[24],"whether":[25],"a":[26,37,79,146,159,188,247,258,263,285],"target":[27],"sample":[28],"has":[29],"been":[30],"used":[31],"in":[32,145],"data":[35],"of":[36,51,64,107,148,252],"given":[38],"model.":[39],"Such":[40],"privacy":[41,202,290],"breaching":[42],"concern":[43],"motivated":[44],"several":[45],"defenses":[46,54,222],"against":[47],"MIAs.":[48],"However,":[49],"most":[50],"state-of-theart":[53],"such":[55,236],"as":[56],"Differential":[57],"Privacy":[58,75],"(DP)":[59],"come":[60],"at":[61,135],"cost":[63],"lower":[65],"utility":[66,100,213],"(i.e,":[67],"classification":[68],"accuracy).":[69],"In":[70],"this":[71],"work,":[72,92],"we":[73,157,261],"propose":[74,158,262],"Preserving":[76],"Volt":[77],"$(V_{PP})$,":[78],"new":[80,264],"lightweight":[81],"inference-time":[82],"approach":[83,162],"that":[84,168,182,267,279],"leverages":[85],"undervolting":[86,155],"for":[87,257],"privacy-preserving":[88],"ML.":[89],"Unlike":[90,127],"related":[91,220],"V":[93,138,183,207,228,241,280],"PP":[96,141,186,210,231,244,283],"maintains":[97],"protected":[98,175],"models\u2019":[99],"without":[101],"requiring":[102],"re-training.":[103],"The":[104],"key":[105],"insight":[106],"our":[108],"method":[109],"is":[110],"blur":[112],"MIA":[114],"differential":[115],"analysis":[116],"outcome":[117],"by":[118,214,225],"comprehensively":[119],"garbling":[120],"model":[122,275],"features":[123],"using":[124],"random":[125],"noise.":[126],"DP,":[128],"injects":[130,142],"noise":[131,166],"within":[132],"gradient":[134],"time,":[137],"computational":[143],"randomness":[144],"set":[147],"layers\u2019":[149],"during":[150],"through":[152],"carefully":[153],"designed":[154],"bi-objective":[160],"optimization":[161],"identify":[164],"characteristics":[167],"yield":[169],"privacypreserving":[170],"properties":[171],"while":[172,219],"maintaining":[173],"model\u2019s":[176],"utility.":[177],"Extensive":[178],"experimental":[179],"results":[180],"demonstrate":[181],"yields":[187],"significantly":[189],"more":[190],"interesting":[191],"utility/privacy":[192],"tradeoff":[193],"compared":[194],"prior":[196],"defenses.":[197],"For":[198],"example,":[199],"with":[200,246],"comparable":[201],"protection":[203],"on":[204,269],"CIFAR-10":[205],"benchmark,":[206],"improves":[211,295],"32.93%":[215],"over":[216,272],"DP-SGD.":[217],"Besides,":[218],"noisebased":[221],"defeated":[224],"label-only":[226],"attacks,":[227],"shows":[232],"high":[233],"resilience":[234],"adaptive":[237,265],"MLA.":[238],"More":[239],"over,":[240],"comes":[245],"by-product":[248],"power":[250],"gain":[251],"up":[253],"61%.":[255],"Finally,":[256],"comprehensive":[259],"analysis,":[260],"operate":[268],"expectation":[271],"stochastic":[274],"behavior.":[276],"We":[277],"believe":[278],"represents":[284],"significant":[286],"step":[287],"towards":[288],"practical":[289],"preserving":[291],"techniques":[292],"and":[293],"considerably":[294],"state-of-the-art.":[297]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":1}],"updated_date":"2026-05-12T08:28:47.272897","created_date":"2025-10-10T00:00:00"}