Privacy-Preserving Gaussian Process Regression – A Modular Approach to the Application of Homomorphic Encryption

Fenner, Peter; Pyzer‐Knapp, Edward O.

doi:10.1609/aaai.v34i04.5799

Cited by 14 publications

(6 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…HE allows models to use encrypted data as input and ouput encrypted results, then the clients can decrypt them and get the results they want without data leakage. Many basic machine learning algorithms can be implemented with HE (Du et al, 2017;Bost et al, 2014;Fenner & Pyzer-Knapp, 2020). In some cases, data from different enterprises must be used to obtain a better model, but no one wants to leak their data.…”

Section: Privacy-preserving Methods For Machine Learningmentioning

confidence: 99%

DPSNN: A Differentially Private Spiking Neural Network

Wang¹,

Zhao²,

Shen³

et al. 2022

Preprint

View full text Add to dashboard Cite

Privacy-preserving is a key problem for the machine learning algorithm. Spiking neural network (SNN) plays an important role in many domains, such as image classification, object detection, and speech recognition, but the study on the privacy protection of SNN is urgently needed. This study combines the differential privacy (DP) algorithm and SNN and proposes differentially private spiking neural network (DPSNN). DP injects noise into the gradient, and SNN transmits information in discrete spike trains so that our differentially private SNN can maintain strong privacy protection while still ensuring high accuracy. We conducted experiments on MNIST, Fashion-MNIST, and the face recognition dataset Extended YaleB. When the privacy protection is improved, the accuracy of the artificial neural network(ANN) drops significantly, but our algorithm shows little change in performance. Meanwhile, we analyzed different factors that affect the privacy protection of SNN. Firstly, the less precise the surrogate gradient is, the better the privacy protection of the SNN. Secondly, the Integrate-And-Fire (IF) neurons perform better than leaky Integrate-And-Fire (LIF) neurons. Thirdly, a large time window contributes more to privacy protection and performance.

show abstract

Section: Privacy-preserving Methods For Machine Learningmentioning

confidence: 99%

DPSNN: A Differentially Private Spiking Neural Network

Wang¹,

Zhao²,

Shen³

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

“…Finally, HE has been introduced in constructing the GP [25] for protecting data privacy. HE requires that the ciphertext can be directly operated algebraically (typically by addition or multiplication), and the result must be the same as that obtained by using plaintext operations followed by encryption.…”

Section: B Privacy-preserving Mechanisms In Bayesian Optimizationmentioning

confidence: 99%

“…HE is also studied along the line of BO to handle expensive problems, where computational cost is a key consideration. To reduce the computational cost, a modular approach to GP modeling is suggested [25]. As an extension of privacy-preserving GP regression to BO, the GP must be updated iteratively, making it computationally prohibitive.…”

Section: B Privacy-preserving Mechanisms In Bayesian Optimizationmentioning

confidence: 99%

A Secure Federated Data-Driven Evolutionary Multi-objective Optimization Algorithm

Liu¹,

Yan²,

Ligeti³

et al. 2022

Preprint

View full text Add to dashboard Cite

“…being exposed to the cloud server. A lot of work [91,79,66,37,174,125,168,100,142,169,34,163,97,271,164] emerged in order to address data leakage in the inference phase, and we will describe these studies in detail afterwards.…”

Section: Threats In Development Of Federated Learningmentioning

confidence: 99%

“…By using polynomials to approximate nonlinear activation functions, such as ReLU, Sigmoid, etc., they achieve the expected prediction performance of 99% on MNIST. Subsequently, to address the problem that HE is difficult to achieve secure computation of nonlinear operations, Fenner and Pyzer-Knapp [66] proposes a way of server-user interaction. Specifically, the server first completes the linear computation of SFI in the ciphertext state and sends the computation result to the user.…”

Section: Model Securitymentioning

confidence: 99%

A survey on security and privacy threats to federated learning

Zhang

Zeng

et al. 2021

2021 International Conference on Networking and Network Applications (NaNA)

View full text Add to dashboard Cite

Trustworthy artificial intelligence (AI) technology has revolutionized daily life and greatly benefited human society. Among various AI technologies, Federated Learning (FL) stands out as a promising solution for diverse real-world scenarios, ranging from risk evaluation systems in finance to cutting-edge technologies like drug discovery in life sciences. However, challenges around data isolation and privacy threaten the trustworthiness of FL systems. Adversarial attacks against data privacy, learning algorithm stability, and system confidentiality are particularly concerning in the context of distributed training in federated learning. Therefore, it is crucial to develop FL in a trustworthy manner, with a focus on security, robustness, and privacy. In this survey, we propose a comprehensive roadmap for developing trustworthy FL systems and summarize existing efforts from three key aspects: security, robustness, and privacy. We outline the threats that pose vulnerabilities to trustworthy federated learning across different stages of development, including data processing, model training, and deployment. To guide the selection of the most appropriate defense methods, we discuss specific technical solutions for realizing each aspect of Trustworthy FL (TFL). Our approach differs from previous work that primarily discusses TFL from a legal perspective or presents FL from a high-level, non-technical viewpoint.

show abstract

Privacy-Preserving Gaussian Process Regression – A Modular Approach to the Application of Homomorphic Encryption

Cited by 14 publications

References 7 publications

DPSNN: A Differentially Private Spiking Neural Network

DPSNN: A Differentially Private Spiking Neural Network

A Secure Federated Data-Driven Evolutionary Multi-objective Optimization Algorithm

A survey on security and privacy threats to federated learning

Contact Info

Product

Resources

About