VGAN-Based Image Representation Learning for Privacy-Preserving Facial Expression Recognition
Reliable facial expression recognition plays a critical role in human-machine
interactions. However, most of the facial expression analysis methodologies
proposed to date pay little or no attention to the protection of a user's
privacy. In this paper, we propose a Privacy-Preserving Representation-Learning
Variational Generative Adversarial Network (PPRL-VGAN) to learn an image
representation that is explicitly disentangled from the identity information.
At the same time, this representation is discriminative from the standpoint of
facial expression recognition and generative as it allows expression-equivalent
face image synthesis. We evaluate the proposed model on two public datasets
under various threat scenarios. Quantitative and qualitative results
demonstrate that our approach strikes a balance between the preservation of
privacy and data utility. We further demonstrate that our model can be
effectively applied to other tasks such as expression morphing and image
completion.
Chameleon: A Hybrid Secure Computation Framework for Machine Learning Applications
We present Chameleon, a novel hybrid (mixed-protocol) framework for secure
function evaluation (SFE) which enables two parties to jointly compute a
function without disclosing their private inputs. Chameleon combines the best
aspects of generic SFE protocols with the ones that are based upon additive
secret sharing. In particular, the framework performs linear operations in the
ring using additively secret shared values and nonlinear
operations using Yao's Garbled Circuits or the Goldreich-Micali-Wigderson
protocol. Chameleon departs from the common assumption of additive or linear
secret sharing models where three or more parties need to communicate in the
online phase: the framework allows two parties with private inputs to
communicate in the online phase under the assumption of a third node generating
correlated randomness in an offline phase. Almost all of the heavy
cryptographic operations are precomputed in an offline phase which
substantially reduces the communication overhead. Chameleon is both scalable
and significantly more efficient than the ABY framework (NDSS'15) it is based
on. Our framework supports signed fixed-point numbers. In particular,
Chameleon's vector dot product of signed fixed-point numbers improves the
efficiency of mining and classification of encrypted data for algorithms based
upon heavy matrix multiplications. Our evaluation of Chameleon on a 5-layer
convolutional deep neural network shows 133x and 4.2x faster executions than
Microsoft CryptoNets (ICML'16) and MiniONN (CCS'17), respectively.
XONN: XNOR-based Oblivious Deep Neural Network Inference
Advancements in deep learning enable cloud servers to provide
inference-as-a-service for clients. In this scenario, clients send their raw
data to the server to run the deep learning model and send back the results.
One standing challenge in this setting is to ensure the privacy of the clients'
sensitive data. Oblivious inference is the task of running the neural network
on the client's input without disclosing the input or the result to the server.
This paper introduces XONN, a novel end-to-end framework based on Yao's Garbled
Circuits (GC) protocol, that provides a paradigm shift in the conceptual and
practical realization of oblivious inference. In XONN, the costly
matrix-multiplication operations of the deep learning model are replaced with
XNOR operations that are essentially free in GC. We further provide a novel
algorithm that customizes the neural network such that the runtime of the GC
protocol is minimized without sacrificing the inference accuracy.
We design a user-friendly high-level API for XONN, allowing expression of the
deep learning model architecture in an unprecedented level of abstraction.
Extensive proof-of-concept evaluation on various neural network architectures
demonstrates that XONN outperforms prior art such as Gazelle (USENIX
Security'18) by up to 7x, MiniONN (ACM CCS'17) by 93x, and SecureML (IEEE
S&P'17) by 37x. State-of-the-art frameworks require one round of interaction
between the client and the server for each layer of the neural network,
whereas XONN requires a constant number of interaction rounds for any number of
layers in the model. XONN is the first to perform oblivious inference on Fitnet
architectures with up to 21 layers, suggesting a new level of scalability
compared with the state of the art. Moreover, we evaluate XONN on four datasets to
perform privacy-preserving medical diagnosis.
Comment: To appear in USENIX Security 201
Privacy-preserving scoring of tree ensembles: a novel framework for AI in healthcare
Machine Learning (ML) techniques now impact a wide variety of domains. Highly regulated industries such as healthcare and finance have stringent compliance and data governance policies around data sharing. Advances in secure multiparty computation (SMC) for privacy-preserving machine learning (PPML) can help transform these regulated industries by allowing ML computations over encrypted data containing personally identifiable information (PII). Yet very little SMC-based PPML has been put into practice so far. In this paper we present the first framework for privacy-preserving classification of tree ensembles with application in healthcare. We first describe the underlying cryptographic protocols that enable a healthcare organization to send encrypted data securely to an ML scoring service and obtain encrypted class labels without the scoring service ever seeing that input in the clear. We then describe the deployment challenges we solved to integrate these protocols in a cloud-based, scalable risk-prediction platform with multiple ML models for healthcare AI. Included are system internals and evaluations of our deployment for supporting physicians to drive better clinical outcomes in an accurate, scalable, and provably secure manner. To the best of our knowledge, this is the first such applied framework with SMC-based privacy-preserving machine learning for healthcare.
Towards Fleet-wide Sharing of Wind Turbine Condition Information through Privacy-preserving Federated Learning
Terabytes of data are collected every day by wind turbine manufacturers from
their fleets. The data contain valuable real-time information for turbine
health diagnostics and performance monitoring, for predicting rare failures and
the remaining service life of critical parts. And yet, this wealth of data from
wind turbine fleets remains inaccessible to operators, utility companies, and
researchers as manufacturing companies prefer the privacy of their fleets'
turbine data for business strategic reasons. The lack of data access impedes
the exploitation of opportunities, such as improving data-driven turbine
operation and maintenance strategies and reducing downtimes. We present a
distributed federated machine learning approach that leaves the data on the
wind turbines to preserve the data privacy, as desired by manufacturers, while
still enabling fleet-wide learning on those local data. We demonstrate in two
case studies that wind turbines which are scarce in representative training
data benefit from more accurate fault detection models with federated learning,
while no turbine experiences a loss in model performance by participating in
the federated learning process. When comparing conventional and federated
training processes, the average model training time rises significantly by a
factor of up to 14 in the federated training due to increased communication and
overhead operations. Thus, model training times might constitute an impediment
that needs to be further explored and alleviated in federated learning
applications, especially for large wind turbine fleets.