In recent years, deep learning (DL) models have demonstrated remarkable achievements on non-trivial tasks such as speech recognition, image processing, and natural language understanding. One of the significant contributors to this success is the proliferation of end devices, which act as a catalyst by providing data for data-hungry DL models. However, the computation required for DL training and inference remains a major challenge. Usually, central cloud servers are used for this computation, but this opens up other significant challenges, such as high latency, increased communication cost, and privacy concerns. To mitigate these drawbacks, considerable effort has been made to push the processing of DL models to edge servers (a mesh of computing devices near end devices). Moreover, the confluence of DL and edge computing has given rise to edge intelligence (EI). The International Electrotechnical Commission (IEC) defines EI as the concept whereby data is acquired, stored, and processed using edge computing with DL and advanced networking capabilities. Broadly, EI is categorized into six levels based on where DL training and inference take place, e.g., on cloud servers, edge servers, or end devices. This survey focuses primarily on the fifth level of EI, called the all in-edge level, where DL training and inference (deployment) are performed solely by edge servers. The all in-edge level is suitable when end devices have low computing resources (e.g., Internet-of-Things devices) and when requirements such as latency and communication cost are important, as in mission-critical applications (e.g., healthcare). Moreover, 5G/6G networks are envisioned to use the all in-edge paradigm. Firstly, this paper presents all in-edge computing architectures, including centralized, decentralized, and distributed ones. Secondly, it presents enabling technologies, such as model parallelism, data parallelism, and split learning, which facilitate DL training and deployment at edge servers. Thirdly, model adaptation techniques based on model compression and conditional computation are described, because standard cloud-based DL deployment cannot be applied directly at the all in-edge level owing to its limited computational resources. Fourthly, this paper discusses eleven key performance metrics for efficiently evaluating the performance of DL at the all in-edge level. Finally, several open research challenges in the area of all in-edge computing are presented.

INDEX TERMS Artificial intelligence, all in-edge, deep learning, distributed systems, decentralized systems, edge intelligence

I. INTRODUCTION

The global community is increasingly becoming a data-driven environment in which end devices generate vast quantities of data outside of traditional data centers. The International Telecommunication Union anticipates that global internet traffic per month will reach 607 exabytes (EB) in 2025 and 5,016 EB in 2030 [1]. This enormous amount of data has a positive impact on artificial intelligence (AI) applications. In particular, deep learning (DL) relies on the availability of large quantities of data for its d...