NoPeek: Information leakage reduction to share activations in distributed deep learning

For distributed machine learning with sensitive data, we demonstrate how minimizing distance correlation between raw data and intermediary representations reduces leakage of sensitive raw data patterns across client communications while maintaining model accuracy. Leakage (measured using distance correlation between input and intermediate representations) is the risk associated with the invertibility of raw data from intermediary representations. This can prevent client entities that hold sensitive data from using distributed deep learning services. We demonstrate that our method is resilient to such reconstruction attacks and is based on reduction of distance correlation between raw data and learned representations during training and inference with image datasets. We prevent such reconstruction of raw data while maintaining information required to sustain good classification accuracies

BLIND: A privacy preserving truth discovery system for mobile crowdsensing

Nowadays, an increasing number of applications exploit users who act as intelligent sensors and can quickly provide high-level information. These users generate valuable data that, if mishandled, could potentially reveal sensitive information. Protecting user privacy is thus of paramount importance for crowdsensing systems. In this paper, we propose BLIND, an innovative open-source truth discovery system designed to improve the quality of information (QoI) through the use of privacy-preserving computation techniques in mobile crowdsensing scenarios. The uniqueness of BLIND lies in its ability to preserve user privacy by ensuring that none of the parties involved are able to identify the source of the information provided. The system uses homomorphic encryption to implement a novel privacy-preserving version of the well-known K-Means clustering algorithm, which directly groups encrypted user data. Outliers are then removed privately without revealing any useful information to the parties involved. We extensively evaluate the proposed system for both server-side and client-side scalability, as well as truth discovery accuracy, using a real-world dataset and a synthetic one, to test the system under challenging conditions. Comparisons with four state-of-the-art approaches show that BLIND optimizes QoI by effectively mitigating the impact of four different security attacks, with higher accuracy and lower communication overhead than its competitors. With the optimizations proposed in this paper, BLIND is up to three times faster than the baseline system, and the obtained Root Mean Squared Error (RMSE) values are up to 42% lower than other state-of-the-art approaches

Image Classification using non-linear Support Vector Machines on Encrypted Data

In image processing, algorithms for object classification are typically based around machine learning. From the algorithm developer\u27s perspective, these can involve a considerable amount of effort and expertise to develop, which makes them commercially valuable. On the other hand, other parties may want to make use of these algorithms to classify their images, while protecting the privacy of their data. In this paper, we show how non-linear Support Vector Machines (SVMs) can be practically used for image classification on data encrypted with a Somewhat Homomorphic Encryption (SHE) scheme. Previous work has shown how an SVM with a linear kernel can be computed on encrypted data, but this only has limited applicability. By enabling SVMs with polynomial kernels, a much larger class of applications are possible with more accuracy in classification results