69,094 research outputs found
Privacy-Preserving Deep Learning With Homomorphic Encryption: An Introduction
Privacy-preserving deep learning with homomorphic encryption (HE) is a novel and promising research area aimed at designing deep learning solutions that operate while guaranteeing the privacy of user data. Designing privacy-preserving deep learning solutions requires one to completely rethink and redesign deep learning models and algorithms to match the severe technological and algorithmic constraints of HE. This paper provides an introduction to this complex research area as well as a methodology for designing privacy-preserving convolutional neural networks (CNNs). This methodology was applied to the design of a privacy-preserving version of the well-known LeNet-1 CNN, which was successfully operated on two benchmark datasets for image classification. Furthermore, this paper details and comments on the research challenges and software resources available for privacy-preserving deep learning with HE
Preserving Differential Privacy in Convolutional Deep Belief Networks
The remarkable development of deep learning in medicine and healthcare domain
presents obvious privacy issues, when deep neural networks are built on users'
personal and highly sensitive data, e.g., clinical records, user profiles,
biomedical images, etc. However, only a few scientific studies on preserving
privacy in deep learning have been conducted. In this paper, we focus on
developing a private convolutional deep belief network (pCDBN), which
essentially is a convolutional deep belief network (CDBN) under differential
privacy. Our main idea of enforcing epsilon-differential privacy is to leverage
the functional mechanism to perturb the energy-based objective functions of
traditional CDBNs, rather than their results. One key contribution of this work
is that we propose the use of Chebyshev expansion to derive the approximate
polynomial representation of objective functions. Our theoretical analysis
shows that we can further derive the sensitivity and error bounds of the
approximate polynomial representation. As a result, preserving differential
privacy in CDBNs is feasible. We applied our model in a health social network,
i.e., YesiWell data, and in a handwriting digit dataset, i.e., MNIST data, for
human behavior prediction, human behavior classification, and handwriting digit
recognition tasks. Theoretical analysis and rigorous experimental evaluations
show that the pCDBN is highly effective. It significantly outperforms existing
solutions
Share your Model instead of your Data: Privacy Preserving Mimic Learning for Ranking
Deep neural networks have become a primary tool for solving problems in many
fields. They are also used for addressing information retrieval problems and
show strong performance in several tasks. Training these models requires large,
representative datasets and for most IR tasks, such data contains sensitive
information from users. Privacy and confidentiality concerns prevent many data
owners from sharing the data, thus today the research community can only
benefit from research on large-scale datasets in a limited manner. In this
paper, we discuss privacy preserving mimic learning, i.e., using predictions
from a privacy preserving trained model instead of labels from the original
sensitive training data as a supervision signal. We present the results of
preliminary experiments in which we apply the idea of mimic learning and
privacy preserving mimic learning for the task of document re-ranking as one of
the core IR tasks. This research is a step toward laying the ground for
enabling researchers from data-rich environments to share knowledge learned
from actual users' data, which should facilitate research collaborations.Comment: SIGIR 2017 Workshop on Neural Information Retrieval
(Neu-IR'17)}{}{August 7--11, 2017, Shinjuku, Tokyo, Japa
NegDL: Privacy-Preserving Deep Learning Based on Negative Database
In the era of big data, deep learning has become an increasingly popular
topic. It has outstanding achievements in the fields of image recognition,
object detection, and natural language processing et al. The first priority of
deep learning is exploiting valuable information from a large amount of data,
which will inevitably induce privacy issues that are worthy of attention.
Presently, several privacy-preserving deep learning methods have been proposed,
but most of them suffer from a non-negligible degradation of either efficiency
or accuracy. Negative database (\textit{NDB}) is a new type of data
representation which can protect data privacy by storing and utilizing the
complementary form of original data. In this paper, we propose a
privacy-preserving deep learning method named NegDL based on \textit{NDB}.
Specifically, private data are first converted to \textit{NDB} as the input of
deep learning models by a generation algorithm called \textit{QK}-hidden
algorithm, and then the sketches of \textit{NDB} are extracted for training and
inference. We demonstrate that the computational complexity of NegDL is the
same as the original deep learning model without privacy protection.
Experimental results on Breast Cancer, MNIST, and CIFAR-10 benchmark datasets
demonstrate that the accuracy of NegDL could be comparable to the original deep
learning model in most cases, and it performs better than the method based on
differential privacy
- …