{"id":"https://openalex.org/W7131433346","doi":"https://doi.org/10.48550/arxiv.2602.19918","title":"RobPI: Robust Private Inference against Malicious Client","display_name":"RobPI: Robust Private Inference against Malicious Client","publication_year":2026,"publication_date":"2026-02-23","ids":{"openalex":"https://openalex.org/W7131433346","doi":"https://doi.org/10.48550/arxiv.2602.19918"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2602.19918","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2602.19918","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2602.19918","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5126801714","display_name":"Jiaqi Xue","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Xue, Jiaqi","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5126843703","display_name":"Mengxin Zheng","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Zheng, Mengxin","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5126786329","display_name":"Qian Lou","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Lou, Qian","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5126801714"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.8065999746322632,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.8065999746322632,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.1624000072479248,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.006500000134110451,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/inference","display_name":"Inference","score":0.8003000020980835},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.6053000092506409},{"id":"https://openalex.org/keywords/compromise","display_name":"Compromise","score":0.5024999976158142},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.48410001397132874},{"id":"https://openalex.org/keywords/robustness","display_name":"Robustness (evolution)","score":0.4537000060081482},{"id":"https://openalex.org/keywords/threat-model","display_name":"Threat model","score":0.39419999718666077},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.37720000743865967},{"id":"https://openalex.org/keywords/range","display_name":"Range (aeronautics)","score":0.3702000081539154}],"concepts":[{"id":"https://openalex.org/C2776214188","wikidata":"https://www.wikidata.org/wiki/Q408386","display_name":"Inference","level":2,"score":0.8003000020980835},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7857999801635742},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.6053000092506409},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5464000105857849},{"id":"https://openalex.org/C46355384","wikidata":"https://www.wikidata.org/wiki/Q726686","display_name":"Compromise","level":2,"score":0.5024999976158142},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.48410001397132874},{"id":"https://openalex.org/C63479239","wikidata":"https://www.wikidata.org/wiki/Q7353546","display_name":"Robustness (evolution)","level":3,"score":0.4537000060081482},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.429500013589859},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.39419999718666077},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3831999897956848},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.37720000743865967},{"id":"https://openalex.org/C204323151","wikidata":"https://www.wikidata.org/wiki/Q905424","display_name":"Range (aeronautics)","level":2,"score":0.3702000081539154},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.362199991941452},{"id":"https://openalex.org/C99498987","wikidata":"https://www.wikidata.org/wiki/Q2210247","display_name":"Noise (video)","level":3,"score":0.3467999994754791},{"id":"https://openalex.org/C99221444","wikidata":"https://www.wikidata.org/wiki/Q1532069","display_name":"Private information retrieval","level":2,"score":0.3328999876976013},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.3221000134944916},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3158999979496002},{"id":"https://openalex.org/C65856478","wikidata":"https://www.wikidata.org/wiki/Q3991682","display_name":"Attack model","level":2,"score":0.3140000104904175},{"id":"https://openalex.org/C50644808","wikidata":"https://www.wikidata.org/wiki/Q192776","display_name":"Artificial neural network","level":2,"score":0.3077999949455261},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.298799991607666},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.2759000062942505},{"id":"https://openalex.org/C148220186","wikidata":"https://www.wikidata.org/wiki/Q7111912","display_name":"Outcome (game theory)","level":2,"score":0.274399995803833},{"id":"https://openalex.org/C2986577269","wikidata":"https://www.wikidata.org/wiki/Q11306265","display_name":"Random noise","level":2,"score":0.2653000056743622},{"id":"https://openalex.org/C111335779","wikidata":"https://www.wikidata.org/wiki/Q3454686","display_name":"Reduction (mathematics)","level":2,"score":0.2632000148296356}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2602.19918","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2602.19918","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2602.19918","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2602.19918","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.7176861763000488,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"The":[0],"increased":[1],"deployment":[2],"of":[3,40,100,164,198],"machine":[4],"learning":[5],"inference":[6,17,28,94,103,140],"in":[7,37,62,72],"various":[8,177],"applications":[9],"has":[10],"sparked":[11],"privacy":[12],"concerns.":[13],"In":[14],"response,":[15],"private":[16,102,139,165],"(PI)":[18],"protocols":[19],"have":[20,67],"been":[21],"created":[22],"to":[23,26,58,111,118],"allow":[24],"parties":[25],"perform":[27],"without":[29],"revealing":[30],"their":[31],"sensitive":[32],"data.":[33],"Despite":[34],"recent":[35],"advances":[36],"the":[38,51,59,87,113,128,160,196],"efficiency":[39],"PI,":[41],"most":[42],"current":[43,123],"methods":[44],"assume":[45],"a":[46,82,98,108,135,148],"semi-honest":[47,88],"threat":[48],"model":[49,114],"where":[50],"data":[52,64],"owner":[53],"is":[54],"honest":[55],"and":[56,70,132,137,162,180,191],"adheres":[57],"protocol.":[60],"However,":[61],"reality,":[63],"owners":[65],"can":[66,85],"different":[68],"motivations":[69],"act":[71],"unpredictable":[73],"ways,":[74],"making":[75],"this":[76],"assumption":[77],"unrealistic.":[78],"To":[79],"demonstrate":[80],"how":[81],"malicious":[83,109,144],"client":[84,110],"compromise":[86],"model,":[89],"we":[90,130],"first":[91],"designed":[92],"an":[93],"manipulation":[95],"attack":[96,106,187],"against":[97],"range":[99],"state-of-the-art":[101],"protocols.":[104],"This":[105],"allows":[107],"modify":[112],"output":[115],"with":[116],"3x":[117],"8x":[119],"fewer":[120],"queries":[121,199],"than":[122,194],"black-box":[124],"attacks.":[125,172,203],"Motivated":[126],"by":[127,155,201],"attacks,":[129],"proposed":[131],"implemented":[133],"RobPI,":[134],"robust":[136],"resilient":[138],"protocol":[141,151],"that":[142,152,183],"withstands":[143],"clients.":[145],"RobPI":[146,184],"integrates":[147],"distinctive":[149],"cryptographic":[150],"bolsters":[153],"security":[154],"weaving":[156],"encryption-compatible":[157],"noise":[158],"into":[159],"logits":[161],"features":[163],"inference,":[166],"thereby":[167],"efficiently":[168],"warding":[169],"off":[170],"malicious-client":[171,202],"Our":[173],"extensive":[174],"experiments":[175],"on":[176],"neural":[178],"networks":[179],"datasets":[181],"show":[182],"achieves":[185],"~91.9%":[186],"success":[188],"rate":[189],"reduction":[190],"increases":[192],"more":[193],"10x":[195],"number":[197],"required":[200]},"counts_by_year":[],"updated_date":"2026-02-26T06:34:08.959763","created_date":"2026-02-26T00:00:00"}