Advertisement

PINFER: Privacy-Preserving Inference

Logistic Regression, Support Vector Machines, and More, over Encrypted Data
  • Marc JoyeEmail author
  • Fabien Petitcolas
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11737)

Abstract

The foreseen growing role of outsourced machine learning services is raising concerns about the privacy of user data. This paper proposes a variety of protocols for privacy-preserving regression and classification that (i) only require additively homomorphic encryption algorithms, (ii) limit interactions to a mere request and response, and (iii) that can be used directly for important machine-learning algorithms such as logistic regression and SVM classification. The basic protocols are then extended and applied to simple feed-forward neural networks.

Keywords

Machine learning as a service Linear regression Logistic regression Support vector machines Feed-forward neural networks Data privacy Additively homomorphic encryption 

References

  1. 1.
    Abu-Mostafa, Y.S., Magdon-Ismail, M., Lin, H.T.: Learning From Data: A Short Course. AMLbook.com, New York (2012). http://amlbook.comGoogle Scholar
  2. 2.
    Agrawal, R., Srikant, R.: Privacy-preserving data mining. ACM SIGMOD Rec. 29(2), 439–450 (2000).  https://doi.org/10.1145/335191.335438CrossRefGoogle Scholar
  3. 3.
    Barni, M., Orlandi, C., Piva, A.: A privacy-preserving protocol for neural-network-based computation. In: MM&Sec 2006, pp. 146–151. ACM (2006).  https://doi.org/10.1145/1161366.1161393
  4. 4.
    Bos, J.W., Lauter, K., Naehrig, M.: Private predictive analysis on encrypted medical data. J. Biomed. Inf. 50, 234–243 (2014).  https://doi.org/10.1016/j.jbi.2014.04.003CrossRefGoogle Scholar
  5. 5.
    Bost, R., Popa, R.A., Tu, S., Goldwasser, S.: Machine learning classification over encrypted data. In: NDSS 2015. The Internet Society (2015).  https://doi.org/10.14722/ndss.2015.23241
  6. 6.
    Damgård, I., Geisler, M., Krøigaard, M.: Homomorphic encryption and secure comparison. Int. J. Appl. Cryptogr. 1(1), 22–31 (2008).  https://doi.org/10.1504/IJACT.2008.017048MathSciNetCrossRefzbMATHGoogle Scholar
  7. 7.
    Damgård, I., Geisler, M., Krøigaard, M.: A correction to ‘efficient and secure comparison for on-line auctions’. Int. J. Appl. Cryptogr. 1(4), 323–324 (2009).  https://doi.org/10.1504/IJACT.2009.028031MathSciNetCrossRefzbMATHGoogle Scholar
  8. 8.
    Dwork, C., Feldman, V.: Privacy-preserving prediction. In: COLT 2018. PMLR, vol. 75, pp. 1693–1702. PMLR (2018). http://proceedings.mlr.press/v75/dwork18a/dwork18a.pdf
  9. 9.
    Erkin, Z., Franz, M., Guajardo, J., Katzenbeisser, S., Lagendijk, I., Toft, T.: Privacy-preserving face recognition. In: Goldberg, I., Atallah, M.J. (eds.) PETS 2009. LNCS, vol. 5672, pp. 235–253. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-03168-7_14CrossRefGoogle Scholar
  10. 10.
    Glorot, X., Bordes, A., Bengjio, Y.: Deep sparse rectifier neural networks. In: AISTAT 2011. PMLR, vol. 15, pp. 315–323. PMLR (2011). http://proceedings.mlr.press/v15/glorot11a/glorot11a.pdf
  11. 11.
    Goethals, B., Laur, S., Lipmaa, H., Mielikäinen, T.: On private scalar product computation for privacy-preserving data mining. In: Park, C., Chee, S. (eds.) ICISC 2004. LNCS, vol. 3506, pp. 104–120. Springer, Heidelberg (2005).  https://doi.org/10.1007/11496618_9CrossRefGoogle Scholar
  12. 12.
    Goldwasser, S., Micali, S.: Probabilistic encryption. J. Comput. Syst. Sci. 28(2), 270–299 (1984).  https://doi.org/10.1016/0022-0000(84)90070-9MathSciNetCrossRefzbMATHGoogle Scholar
  13. 13.
    Hastie, T., Tibshirani, R., Friedman, J.: The Elements of Statistical Learning. Springer Series in Statistics, 2nd edn. Springer, New York (2009).  https://doi.org/10.1007/978-0-387-84858-7CrossRefzbMATHGoogle Scholar
  14. 14.
    Hubara, I., Courbariaux, M., Soudry, D., El-Yaniv, R., Bengio, Y.: Binarized neural networks. In: NISP 2016, pp. 4107–4115. Curran Associates, Inc. http://papers.nips.cc/paper/6573-binarized-neural-networks.pdf
  15. 15.
    Joye, M., Salehi, F.: Private yet efficient decision tree evaluation. In: Kerschbaum, F., Paraboschi, S. (eds.) DBSec 2018. LNCS, vol. 10980, pp. 243–259. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-95729-6_16CrossRefGoogle Scholar
  16. 16.
    Kim, M., Song, Y., Wang, S., Xia, Y., Jiang, X.: Secure logistic regression based on homomorphic encryption: design and evaluation. JMIR Med. Inform. 6(2), e19 (2018).  https://doi.org/10.2196/medinform.8805CrossRefGoogle Scholar
  17. 17.
    Lindell, Y., Pinkas, B.: Privacy preserving data mining. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 36–54. Springer, Heidelberg (2000).  https://doi.org/10.1007/3-540-44598-6_3CrossRefGoogle Scholar
  18. 18.
    Mohassel, P., Zhang, Y.: SecureML: A system for scalable privacy-preserving machine learning. In: IEEE S&P 2017, pp. 19–38. IEEE Computer Society (2017).  https://doi.org/10.1109/SP.2017.12
  19. 19.
    Tramèr, F., Zhang, F., Juels, A., Reiter, M.K., Ristenpart, T.: Stealing machine learning models via prediction APIs. In: USENIX Security 2016, pp. 601–618. USENIX Association (2016). https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_tramer.pdf
  20. 20.
    Veugen, T.: Improving the DGK comparison protocol. In: WIFS 2012, pp. 49–54. IEEE (2012).  https://doi.org/10.1109/WIFS.2012.6412624
  21. 21.
    Zhang, J., Wang, X., Yiu, S.M., Jiang, Z.L., Li, J.: Secure dot product of outsourced encrypted vectors and its application to SVM. In: SCC@AsiaCCS 2017, pp. 75–82. ACM (2017).  https://doi.org/10.1145/3055259.3055270

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.OneSpanBrusselsBelgium

Personalised recommendations