35 research outputs found
NoPeek: Information leakage reduction to share activations in distributed deep learning
For distributed machine learning with sensitive data, we demonstrate how
minimizing distance correlation between raw data and intermediary
representations reduces leakage of sensitive raw data patterns across client
communications while maintaining model accuracy. Leakage (measured using
distance correlation between input and intermediate representations) is the
risk associated with the invertibility of raw data from intermediary
representations. This can prevent client entities that hold sensitive data from
using distributed deep learning services. We demonstrate that our method is
resilient to such reconstruction attacks and is based on reduction of distance
correlation between raw data and learned representations during training and
inference with image datasets. We prevent such reconstruction of raw data while
maintaining information required to sustain good classification accuracies.
BLIND: A privacy preserving truth discovery system for mobile crowdsensing
Nowadays, an increasing number of applications exploit users who act as intelligent sensors and can quickly provide high-level information. These users generate valuable data that, if mishandled, could potentially reveal sensitive information. Protecting user privacy is thus of paramount importance for crowdsensing systems. In this paper, we propose BLIND, an innovative open-source truth discovery system designed to improve the quality of information (QoI) through the use of privacy-preserving computation techniques in mobile crowdsensing scenarios. The uniqueness of BLIND lies in its ability to preserve user privacy by ensuring that none of the parties involved are able to identify the source of the information provided. The system uses homomorphic encryption to implement a novel privacy-preserving version of the well-known K-Means clustering algorithm, which directly groups encrypted user data. Outliers are then removed privately without revealing any useful information to the parties involved. We extensively evaluate the proposed system for both server-side and client-side scalability, as well as truth discovery accuracy, using a real-world dataset and a synthetic one, to test the system under challenging conditions. Comparisons with four state-of-the-art approaches show that BLIND optimizes QoI by effectively mitigating the impact of four different security attacks, with higher accuracy and lower communication overhead than its competitors. With the optimizations proposed in this paper, BLIND is up to three times faster than the baseline system, and the obtained Root Mean Squared Error (RMSE) values are up to 42% lower than other state-of-the-art approaches.
Image Classification using non-linear Support Vector Machines on Encrypted Data
In image processing, algorithms for object classification are typically based around machine learning. From the algorithm developer's perspective, these can involve a considerable amount of effort and expertise to develop, which makes them commercially valuable. On the other hand, other parties may want to make use of these algorithms to classify their images, while protecting the privacy of their data. In this paper, we show how non-linear Support Vector Machines (SVMs) can be practically used for image classification on data encrypted with a Somewhat Homomorphic Encryption (SHE) scheme. Previous work has shown how an SVM with a linear kernel can be computed on encrypted data, but this only has limited applicability. By enabling SVMs with polynomial kernels, a much larger class of applications are possible with more accuracy in classification results.