Oktober 19, 2022

Protect machine learning models using Knox Platform for Enterprise

Joel Snyder
 Oberes Bild

As software developers discover the incredible power of artificial intelligence (AI) and machine learning (ML) — and the benefits they offer to customers — these technologies are moving mainstream. It’s now easier than ever to build apps that learn from a huge corpus of existing data and make inferences and predictions, with open-source tools like TensorFlow, Keras, Caffe and PyTorch.

Developers are also excited about moving their machine learning models directly to end user devices, such as tablets and smartphones. Having the ML model run directly on a smartphone makes the application more interactive by reducing latency and requirements for high-speed network connections.

But for commercial software developers, mainstream ML technology moving from supercomputers and data centers to end-user desktops and mobile devices sets off an alarm: In an end user’s system, ML represents a huge amount of software developer intellectual property (IP). Protecting that investment is a new challenge.

How Samsung Knox protects ML apps

ML models combine existing data with a proprietary algorithm. No matter what the app is analyzing — be it images, natural language, speech or audio — the ML model represents the real value of the app. It’s the secret sauce, and it’s just sitting there on the device. The ML model is the most valuable piece of IP, and as ML tools become standardized, it’s easier than ever for someone to steal that IP.

Developers who are writing for Samsung’s Android smartphones and tablets now have a new security tool: Knox ML Protection. Samsung’s Knox Platform for Enterprise (KPE), now licensed at no charge to all customers, includes Knox for ML tools that developers can use to secure their ML models. End users with Samsung devices get all of the benefits of the developers’ ML-based app, while the developers’ valuable IP is protected against illegitimate reproduction, abuse and loss of revenue.

ML vs. predecessors

To further explain this problem, let’s compare ML-based apps to older apps, such as electronic encyclopedias or GPS-based navigators. In both these cases, there’s some software to help the user with the functions of the app, but the database where the app sources its information is much more important and represents the true value of the app. And unless this database is properly protected, there’s a real threat of someone stealing it to write and sell their own competing app.

Most ML apps have the same weakness: The app is important, but the back-end algorithm and data are even more so. Knox for ML lets developers safely install their ML model on a mobile device while leveraging Samsung’s defense-grade cybersecurity. These ML protection tools ensure that the ML model is never stored unencrypted on the mobile device, and control which apps are permitted to load and run the encrypted model.

Knox for ML in action

As an example use case, a software developer might develop a physical therapy app for use on smartphones and tablets. The app helps users to do their physical therapy at home, and utilizes image processing and ML to provide expert feedback to the user. There’s no perfect substitute for seeing a good physical therapist in person, but receiving regular feedback through the app could speed up the user’s recovery, because they’re able to improve their exercise technique between appointments.

In this example, the ML model is a critical part of the app, the part that allows the smartphone or tablet to use its onboard camera to analyze the patient’s exercises to determine whether the patient is doing them as prescribed. Processing the image data locally comes with a clear advantage: The smartphone app can provide instant feedback, because it doesn’t have to upload hundreds of megabytes of video to a server somewhere. And privacy issues are minimized, because the user’s images never leave their device.

But now the developer faces a different security issue, because a huge amount of their IP is now sitting on a mobile device, where it could be easily copied or stolen. The Knox for ML toolkit and application programming interfaces (APIs) help software developers secure their ML data so that it can be stored without risk of theft or misappropriation. Developers start by using the Knox ML Encryption Tool to encrypt and sign their ML file and specify which apps are allowed to use the model. Then, developers can use the Samsung Knox software development kit (SDK) API calls to load and run the encrypted model. The Knox APIs create a dedicated service session to isolate the ML model, invoke the encrypted ML model, return the model inference and destroy the session — all tied to the security of Samsung’s hardware-enabled encryption technologies.

Developers who want to learn more should start by signing up with the Knox Partner Program. Free KPE licenses are available with full documentation on the Samsung Knox SDK.

 

Discover how Samsung Knox provides defense-grade mobile security for your company’s devices. And sign up for the Knox Partner Program to use the Knox SDK and tools designed to protect your Machine Learning models on mobile devices.