Lightweight Privacy-preserving Training and Evaluation for Discretized Neural NetworksShow others and affiliations
2020 (English)In: IEEE Internet of Things Journal, ISSN 2327-4662, Vol. 7, no 4, p. 2663-2678Article in journal (Refereed) Published
Abstract [en]
Machine learning, particularly the neural network, is extensively exploited in dizzying applications. In order to reduce the burden of computing for resource-constrained clients, a large number of historical private datasets are required to be outsourced to the semi-trusted or malicious cloud for model training and evaluation. To achieve privacy preservation, most of the existing work either exploited the technique of public key fully homomorphic encryption (FHE) resulting in considerable computational cost and ciphertext expansion, or secure multiparty computation (SMC) requiring multiple rounds of interactions between user and cloud. To address these issues, in this paper, a lightweight privacy-preserving model training and evaluation scheme LPTE for discretized neural networks is proposed. Firstly, we put forward an efficient single key fully homomorphic data encapsulation mechanism (SFH-DEM) without exploiting public key FHE. Based on SFH-DEM, a series of atomic calculations over the encrypted domain including multivariate polynomial, nonlinear activation function, gradient function and maximum operations are devised as building blocks. Furthermore, a lightweight privacy-preserving model training and evaluation scheme LPTE for discretized neural networks is proposed, which can also be extended to convolutional neural network. Finally, we give the formal security proofs for dataset privacy, model training privacy and model evaluation privacy under the semi-honest environment and implement the experiment on real dataset MNIST for recognizing handwritten numbers in discretized neural network to demonstrate the high efficiency and accuracy of our proposed LPTE.
Place, publisher, year, edition, pages
IEEE, 2020. Vol. 7, no 4, p. 2663-2678
Keywords [en]
Discretized neural networks, privacy-preserving, secure outsourced computation, efficiency, Neural networks, Training, Computational modeling, Data privacy, Public key
National Category
Media and Communication Technology
Research subject
Pervasive Mobile Computing
Identifiers
URN: urn:nbn:se:ltu:diva-76111DOI: 10.1109/JIOT.2019.2942165ISI: 000537136400018Scopus ID: 2-s2.0-85083744687OAI: oai:DiVA.org:ltu-76111DiVA, id: diva2:1354389
Note
Validerad;2020;Nivå 2;2020-04-23 (alebob)
2019-09-252019-09-252020-07-01Bibliographically approved