Advertisement

Private yet Efficient Decision Tree Evaluation

  • Marc Joye
  • Fariborz Salehi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10980)

Abstract

Decision trees are a popular method for a variety of machine learning tasks. A typical application scenario involves a client providing a vector of features and a service provider (server) running a trained decision-tree model on the client’s vector. Both inputs need to be kept private. In this work, we present efficient protocols for privately evaluating decision trees. Our design reduces the complexity of existing solutions with a more interactive setting, which improves the total number of comparisons to evaluate the decision tree. It crucially uses oblivious transfer protocols and leverages their amortized overhead. Furthermore, and of independent interest, we improve by roughly a factor of two the DGK comparison protocol.

Keywords

Data mining Privacy Integer comparison Decision trees 

References

  1. 1.
    Abu-Nimeh, S., Nappa, D., Wang, X., Nair, S.: A comparison of machine learning techniques for phishing detection. In: 2nd Annual eCrime Researchers Summit, pp. 60–69. ACM (2007).  https://doi.org/10.1145/1299015.1299021
  2. 2.
    Agrawal, R., Shrikant, R.: Privacy-preserving data mining. ACM SIGMOD Record 29(2), 439–450 (2000).  https://doi.org/10.1145/335191.335438CrossRefGoogle Scholar
  3. 3.
    Asharov, G., Lindell, Y., Schneider, T., Zohner, M.: More efficient oblivious transfer extensions. J. Cryptol. 30(3), 805–858 (2017).  https://doi.org/10.1007/s00145-016-9236-6MathSciNetCrossRefGoogle Scholar
  4. 4.
    Azar, A.T., El-Metwally, S.M.: Decision tree classifiers for automated medical diagnosis. Neural Comput. Appl. 23(7–8), 2387–2403 (2013).  https://doi.org/10.1007/s00521-012-1196-7CrossRefGoogle Scholar
  5. 5.
    Barni, M., et al.: Secure evaluation of private linear branching programs with medical applications. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 424–439. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-04444-1_26CrossRefGoogle Scholar
  6. 6.
    Benhamouda, F., Herranz, J., Joye, M., Libert, B.: Efficient cryptosystems from \(2^k\)-th power residue symbols. J. Cryptol. 30(2), 519–549 (2017).  https://doi.org/10.1007/s00145-016-9229-5
  7. 7.
    Bost, R., Popa, R.A., Tu, S., Goldwasser, S.: Machine learning classification over encrypted data. In: 22nd Annual Network and Distributed System Security Symposium (NDSS 2015). The Internet Society (2015).  https://doi.org/10.14722/ndss.2015.23241
  8. 8.
    Bunn, P., Ostrovsky, R.: Secure two-party \(k\)-means clustering. In: 14th ACM Conference on Computer and Communications Security (CCS 2007), pp. 486–497. ACM (2007).  https://doi.org/10.1145/1315245.1315306
  9. 9.
    Damgård, I., Geisler, M., Krøigaard, M.: Efficient and secure comparison for on-line auctions. In: Pieprzyk, J., Ghodosi, H., Dawson, E. (eds.) ACISP 2007. LNCS, vol. 4586, pp. 416–430. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-73458-1_30CrossRefGoogle Scholar
  10. 10.
    Damgård, I., Geisler, M., Krøigaard, M.: Homomorphic encryption and secure comparison. Int. J. Appl. Cryptography 1(1), 22–31 (2008).  https://doi.org/10.1504/IJACT.2008.017048MathSciNetCrossRefGoogle Scholar
  11. 11.
    Damgård, I., Geisler, M., Krøigaard, M.: A correction to Efficient and secure comparison for on-line auctions. Int. J. Appl. Cryptography 1(4), 323–324 (2009).  https://doi.org/10.1504/IJACT.2009.028031MathSciNetCrossRefGoogle Scholar
  12. 12.
    Du, W., Zhan, Z.: Building decision tree classifier on private data. In: IEEE Workshop on Privacy, Security, and Data Mining. Conferences in Research and Practice in Information Technology, vol. 14. Australian Computer Society (2002). http://crpit.com/confpapers/CRPITV14Du.pdf
  13. 13.
    Erkin, Z., et al.: Privacy-preserving face recognition. In: Goldberg, I., Atallah, M.J. (eds.) PETS 2009. LNCS, vol. 5672, pp. 235–253. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-03168-7_14CrossRefGoogle Scholar
  14. 14.
    Even, S., Goldreich, O., Lempel, A.: A randomized protocol for signing contracts. Commun. ACM 28(6), 637–647 (1985).  https://doi.org/10.1145/3812.3818MathSciNetCrossRefGoogle Scholar
  15. 15.
    Ho, T.K.: The random subspace method for constructing decision forests. IEEE Trans. Pattern Anal. Mach. Intell. 20(8), 832–844 (1998).  https://doi.org/10.1109/34.709601CrossRefGoogle Scholar
  16. 16.
    Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996).  https://doi.org/10.1007/3-540-68697-5_9CrossRefGoogle Scholar
  17. 17.
    Libbrecht, M.W., Noble, W.S.: Machine learning applications in genetics and genomics. Nat. Rev. Genet. 16(6), 321–332 (2015).  https://doi.org/10.1038/nrg3920CrossRefGoogle Scholar
  18. 18.
    Lin, H.-Y., Tzeng, W.-G.: An efficient solution to the millionaires’ problem based on homomorphic encryption. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 456–466. Springer, Heidelberg (2005).  https://doi.org/10.1007/11496137_31CrossRefGoogle Scholar
  19. 19.
    Lindell, Y. (ed.): Tutorials on the Foundations of Cryptography. Information Security and Cryptography. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-57048-8Google Scholar
  20. 20.
    Lindell, Y., Pinkas, B.: Privacy preserving data mining. J. Cryptol. 15(3), 177–206 (2002).  https://doi.org/10.1007/s00145-001-0019-2MathSciNetCrossRefzbMATHGoogle Scholar
  21. 21.
    Liu, C., Wechsler, H.: Gabor feature based classification using the enhanced Fisher linear discriminant model for face recognition. IEEE Trans. Image Process. 11(4), 467–476 (2002).  https://doi.org/10.1109/TIP.2002.999679CrossRefGoogle Scholar
  22. 22.
    Min, J.H., Lee, Y.C.: Bankruptcy prediction using support vector machine with optimal choice of kernel function parameters. Expert Syst. Appl. 28(4), 603–614 (2005).  https://doi.org/10.1016/j.eswa.2004.12.008CrossRefGoogle Scholar
  23. 23.
    Mohassel, P., Zhang, Y.: SecureML: A system for scalable privacy-preserving machine learning. In: 2017 IEEE Symposium on Security and Privacy, pp. 19–38. IEEE (2017).  https://doi.org/10.1109/SP.2017.12
  24. 24.
    Naor, M., Pinkas, B.: Efficient oblivious transfer protocols. In: 12th Annual ACM-SIAM Symposium on Discrete Algorithms (SODA 2001), pp. 448–457. ACM/SIAM (2001). https://dl.acm.org/citation.cfm?id=365411.365502
  25. 25.
    Nasrabadi, N.M.: Pattern recognition and machine learning. J. Electronic Imaging 16(4), 049901 (2007).  https://doi.org/10.1117/1.2819119
  26. 26.
    Nikolaenko, V., Ioannidis, S., Weinsberg, U., Joye, M., Taft, N., Boneh, D.: Privacy-preserving matrix factorization. In: 20th ACM Conference on Computer and Communications Security (CCS 2013), pp. 801–812. ACM (2013).  https://doi.org/10.1145/2508859.2516751
  27. 27.
    Nikolaenko, V., Weinsberg, U., Ioannidis, S., Joye, M., Boneh, D., Taft, N.: Privacy-preserving ridge regression on hundreds of millions of records. In: 2013 IEEE Symposium on Security and Privacy, pp. 334–348. IEEE (2013).  https://doi.org/10.1109/SP.2013.30
  28. 28.
    Rabin, M.O.: How to exchange secrets by oblivious transfer. Technical report TR-81. Harvard University (1981). https://ia.cr/2005/187
  29. 29.
    Resnick, P., Varian, H.R.: Recommender systems. Commun. ACM 40(3), 56–58 (1997).  https://doi.org/10.1145/245108.245121CrossRefGoogle Scholar
  30. 30.
    Rivest, R.L., Adleman, L., Dertouzous, M.L.: On data banks and privacy homomorphisms. In: Foundations of Secure Computation, pp. 169–179. Academic Press (1978). https://people.csail.mit.edu/rivest/RivestAdlemanDertouzos-OnDataBanksAndPrivacyHomomorphisms.pdf
  31. 31.
    Tai, R.K.H., Ma, J.P.K., Zhao, Y., Chow, S.S.M.: Privacy-preserving decision trees evaluation via linear functions. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017. LNCS, vol. 10493, pp. 494–512. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-66399-9_27CrossRefGoogle Scholar
  32. 32.
    Vaidya, J., Yu, H., Jiang, X.: Privacy-preserving SVM classification. Knowl. Inf. Syst. 14(2), 161–178 (2008).  https://doi.org/10.1007/s10115-007-0073-7CrossRefGoogle Scholar
  33. 33.
    Veugen, T.: Improving the DGK comparison protocol. In: 2012 IEEE International Workshop on Information Forensics and Security (WIFS 2012), pp. 49–54. IEEE (2012),  https://doi.org/10.1109/WIFS.2012.6412624
  34. 34.
    Wu, D.J., Feng, T., Naehrig, M., Lauter, K.: Privately evaluating decision trees and random forests. Proc. Priv. Enhancing Technol. 2016(4), 335–355 (2016).  https://doi.org/10.1515/popets-2016-0043
  35. 35.
    Yap, B.W., Ong, S.H., Husain, N.H.M.: Using data mining to improve assessment of credit worthiness via credit scoring models. Expert Syst. Appl. 38(10), 13274–13283 (2011).  https://doi.org/10.1016/j.eswa.2011.04.147CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2018

Authors and Affiliations

  1. 1.NXP SemiconductorsSan JoseUSA
  2. 2.California Institute of TechnologyPasadenaUSA

Personalised recommendations