A Privacy-Preserving Machine Learning Framework for Edge Intelligence: An Empirical Analysis
Pith reviewed 2026-05-08 05:25 UTC · model grok-4.3
The pith
Differential privacy preserves edge machine learning throughput and latency close to unprotected baselines while lowering risks from model extraction attacks.
A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.
Core claim
The core finding is that differential privacy offers an efficient privacy mechanism for edge intelligence inference tasks, maintaining near-baseline throughput and latency, with accuracy impacts scaling by model complexity, while also shifting the privacy-utility frontier by impeding black-box model stealing; in contrast, secure multi-party computation's costs are communication-driven and fully homomorphic encryption incurs extreme compute overhead sensitive to model and precision parameters.
What carries the argument
The four-layer system architecture together with training and inference algorithms implementing differential privacy, secure multi-party computation, and fully homomorphic encryption.
Load-bearing premise
The models, datasets, network conditions, and implementation choices tested are typical of real edge intelligence applications.
What would settle it
Running the same inference tasks on a new dataset with models larger than AlexNet and observing whether accuracy drops exceed 35 percent or whether latency deviates significantly from baselines under varied network loads.
Original abstract
As Edge Intelligence (EI) becomes increasingly prevalent in domains such as smart healthcare, manufacturing, and critical infrastructure, ensuring data privacy while maintaining system efficiency is a growing challenge. This paper presents a new privacy-preserving machine learning (PPML) framework tailored for EI applications, including a four-layer system architecture and training and inference algorithms. We focus on three leading approaches: Differential Privacy (DP), Secure Multi-party Computation (SMC), and Fully Homomorphic Encryption (FHE), and assess their impact on key performance metrics, including model accuracy, response time, and energy consumption. Results from real implementation and extensive trace-based simulations of inference tasks show that DP generally preserves throughput and latency close to plaintext baselines, while accuracy drops with model complexity (up to 35 percent on AlexNet and under 18 percent on LeNet for FordA). SMC performance is driven by communication; network bandwidth and round complexity determine end-to-end latency. For AlexNet, increasing link capacity from 250 Mbps to 500 Mbps reduces latency by about 30 percent. FHE is highly sensitive to model structure and numerical precision bit width, with tighter parameters imposing substantial compute overhead; we observe roughly a 1000 times increase in response time compared to DP. Beyond efficiency, DP shifts the privacy-utility-extractability frontier by reducing the attacker's data efficiency in black-box model stealing, whereas SMC and FHE, while protecting inputs and parameters during inference, require complementary output controls to achieve similar resistance to extraction. These findings provide critical insights into the trade-offs between privacy, performance, and resource efficiency in edge computing scenarios.
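The abstract's SMC figure (about 30 percent lower AlexNet latency when the link goes from 250 Mbps to 500 Mbps) can be turned into a rough capacity-planning model. The following is an added example, not code from the paper or from this review: it assumes latency is a bandwidth-independent term (protocol rounds times round-trip time, plus compute) plus a transfer term inversely proportional to bandwidth, and it normalizes the 250 Mbps latency to 1.0; `LatencyModel`, `fit_two_point` and `bandwidth_for` are hypothetical names.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class LatencyModel:
    """Assumed model (not from the paper): latency(bw) = fixed + volume / bw."""
    fixed: float   # bandwidth-independent part: rounds x RTT plus compute
    volume: float  # transfer coefficient, in latency units x Mbps

    def latency(self, mbps: float) -> float:
        if mbps <= 0:
            raise ValueError("bandwidth must be positive")
        return self.fixed + self.volume / mbps

    def transfer_share(self, mbps: float) -> float:
        """Fraction of end-to-end latency spent moving bytes at this bandwidth."""
        return (self.volume / mbps) / self.latency(mbps)

    def bandwidth_for(self, target: float) -> Optional[float]:
        """Bandwidth needed to reach a target latency, or None if no link can.

        Targets at or below the fixed term are unreachable by adding
        bandwidth: only fewer protocol rounds, a shorter RTT or less
        compute can lower that floor.
        """
        if target <= self.fixed:
            return None
        return self.volume / (target - self.fixed)


def fit_two_point(bw_a: float, lat_a: float,
                  bw_b: float, lat_b: float) -> LatencyModel:
    """Solve lat = fixed + volume / bw from two (bandwidth, latency) points."""
    if bw_a <= 0 or bw_b <= 0 or bw_a == bw_b:
        raise ValueError("need two distinct positive bandwidths")
    volume = (lat_a - lat_b) / (1.0 / bw_a - 1.0 / bw_b)
    fixed = lat_a - volume / bw_a
    if volume < 0 or fixed < 0:
        raise ValueError("measurements do not fit the two-term model")
    return LatencyModel(fixed=fixed, volume=volume)


# Constructed input: latency at 250 Mbps normalized to 1.0, and 0.7 at
# 500 Mbps, taken from the "about 30 percent" reduction in the abstract.
ABSTRACT_FIT = fit_two_point(250, 1.0, 500, 0.7)

if __name__ == "__main__":
    m = ABSTRACT_FIT
    print(f"fixed term (rounds x RTT + compute): {m.fixed:.2f}")
    for bw in (125, 250, 500, 1000, 10000):
        print(f"{bw:>6} Mbps  latency={m.latency(bw):.3f}  "
              f"transfer share={m.transfer_share(bw):.0%}")
    print("bandwidth for latency 0.55:", m.bandwidth_for(0.55))
    print("bandwidth for latency 0.30:", m.bandwidth_for(0.30))
```

Under this assumed model, 60 percent of the 250 Mbps latency is transfer time, a further doubling to 1 Gbps would save only about 21 percent, and no link speed brings latency below the fixed term of 0.4.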
Editorial analysis
A structured set of objections, weighed in public.
Referee Report
Summary. The paper presents a four-layer privacy-preserving machine learning framework for edge intelligence, along with training and inference algorithms using Differential Privacy (DP), Secure Multi-party Computation (SMC), and Fully Homomorphic Encryption (FHE). Through real implementations and trace-based simulations of inference tasks, it reports that DP preserves throughput and latency close to plaintext baselines while accuracy drops with model complexity (up to 35% on AlexNet and under 18% on LeNet for the FordA dataset), SMC end-to-end latency is driven by network bandwidth and round complexity (e.g., ~30% reduction for AlexNet when increasing from 250 Mbps to 500 Mbps), FHE incurs roughly 1000x response time overhead relative to DP, and DP reduces attacker efficiency in black-box model stealing attacks.
Significance. If the measurements are robust and the workloads representative, the work would provide concrete, practical guidance on privacy-performance-resource trade-offs for PPML techniques in edge settings, which is valuable for system designers in healthcare, manufacturing, and critical infrastructure.
major comments (1)
- §4 (Evaluation): The headline claims that DP preserves throughput/latency near baselines and that accuracy drops are 35% on AlexNet vs. <18% on LeNet for FordA rest on the unexamined assumption that LeNet/AlexNet on this univariate time-series dataset plus 250-500 Mbps links are representative of typical edge intelligence deployments. No justification is given for adapting an image CNN to time-series data or for why these choices match real edge constraints (smaller models, intermittent links, sensor distributions), which is load-bearing for the generalizability of all reported trade-offs.
minor comments (2)
- Abstract and §4: The concrete performance numbers (e.g., 30% latency reduction, 1000x slowdown) are stated without mentioning the number of runs, confidence intervals, or statistical tests, reducing the ability to assess measurement reliability.
- §3 (Architecture): The four-layer system architecture and algorithm descriptions would benefit from an accompanying diagram to clarify component interactions and data flows under each privacy mechanism.
Simulated Author's Rebuttal
Thank you for your thorough review and constructive comments. We address the major comment on the evaluation section below and will incorporate revisions to enhance the discussion of our experimental choices and their implications for generalizability.
Point-by-point responses
- Referee: §4 (Evaluation): The headline claims that DP preserves throughput/latency near baselines and that accuracy drops are 35% on AlexNet vs. <18% on LeNet for FordA rest on the unexamined assumption that LeNet/AlexNet on this univariate time-series dataset plus 250-500 Mbps links are representative of typical edge intelligence deployments. No justification is given for adapting an image CNN to time-series data or for why these choices match real edge constraints (smaller models, intermittent links, sensor distributions), which is load-bearing for the generalizability of all reported trade-offs.
  Authors: We agree that providing explicit justification for the workloads and network parameters is essential for readers to assess the applicability of our results. The FordA dataset is selected as it is a well-established univariate time-series benchmark from the UCR Time Series Classification Archive, commonly used to represent sensor data in edge intelligence scenarios such as predictive maintenance in manufacturing. LeNet and AlexNet are adapted to one-dimensional convolutions, a standard approach in the literature for applying CNNs to time-series data (e.g., as in many works on 1D-CNN for ECG or vibration signals). This allows us to systematically vary model complexity while maintaining architectural consistency for comparing privacy mechanisms. The 250-500 Mbps bandwidth range is intended to model high-speed local edge networks, such as those in industrial settings with wired or advanced wireless links. In the revised manuscript, we will add a new subsection or expanded paragraph in §4 to detail these motivations, include relevant citations, and explicitly discuss the scope and limitations, including the potential impact of smaller models or intermittent connectivity. This revision will clarify that our findings demonstrate trade-offs under the evaluated conditions and provide guidance on how they may extend to other settings.
  Revision: yes
Circularity Check
No circularity: purely empirical measurement study
full rationale
The paper presents a four-layer PPML framework and reports observed results from real implementations plus trace-based simulations of DP, SMC, and FHE on LeNet/AlexNet with FordA and other datasets. No equations, first-principles derivations, fitted parameters renamed as predictions, or load-bearing self-citations appear in the abstract or described content. All performance claims (throughput preservation under DP, latency scaling under SMC, 1000x FHE slowdown) are direct measurements, not reductions to prior inputs by construction. The analysis is therefore self-contained against external benchmarks.
Axiom & Free-Parameter Ledger
axioms (2)
- standard math: Established security and correctness properties of differential privacy, secure multi-party computation, and fully homomorphic encryption hold in the implemented setting
- domain assumption: The edge computing environment (network bandwidth, device compute, model sizes) matches the simulated and measured conditions