A novel secure deep ensemble learning protocol based on Conjugacy search problem homomorphic encryption scheme
DOI: https://doi.org/10.54654/isj.v1i15.830
Keywords: Deep learning, Privacy Preserving machine learning, secure multi-participant computation
Abstract: Machine learning and deep learning are now widely deployed. In domains such as medicine and finance, user privacy is a concern: a machine learning model must not only predict accurately but also preserve the privacy and security of users' data. In this paper, we propose a method that preserves privacy during both the training and the use of deep learning models, using a homomorphic encryption scheme based on the conjugacy search problem. Data are encrypted before they are sent to a cloud server that stores the local deep learning models of the participants; the server runs those models on the encrypted data and returns the encrypted predictions to the user, who decrypts them to obtain the model's prediction. These predictions can also be assembled into a new training dataset for a model on the client side. On the MNIST dataset, our proposed model reaches an accuracy of over 98% with very simple network architectures, close to the accuracy of complex centralized models that do not preserve privacy.
Tóm tắt (abstract in Vietnamese, translated): Today, machine learning and deep learning in general are already very widely applied. However, in many problems such as healthcare and finance, users' private data is an issue that must be considered. Machine learning models not only require accurate predictions but also need to ensure the privacy and security of the data for users. In this paper, the authors present a method that ensures privacy for the training and use of machine learning models, especially deep learning models, using a homomorphic encryption scheme based on the conjugacy search problem. This homomorphic encryption method encrypts the data before sending it to cloud servers, where the local deep learning models of the participating parties are stored in order to produce the corresponding predictions on the encrypted input data; the prediction results are then returned to the user, who decrypts them to obtain the model's prediction. These results can also be built into a training dataset for constructing and retraining a model for the client. The authors show that their proposed model on the standard MNIST dataset achieves an accuracy of nearly 99% with a very simple network architecture, approximately matching the accuracy of complex centralized models that do not ensure data privacy.