Privacy-Preserving Machine Learning in Untrusted Clouds Made Simple
- URL: http://arxiv.org/abs/2009.04390v1
- Date: Wed, 9 Sep 2020 16:16:06 GMT
- Title: Privacy-Preserving Machine Learning in Untrusted Clouds Made Simple
- Authors: Dayeol Lee, Dmitrii Kuvaiskii, Anjo Vahldiek-Oberwagner, Mona Vij
- Abstract summary: We present a practical framework to deploy privacy-preserving machine learning applications in untrusted clouds.
We shield unmodified PyTorch ML applications by running them in Intel SGX enclaves with encrypted model parameters and encrypted input data.
Our approach is completely transparent to the machine learning application: the developer and the end-user do not need to modify the application in any way.
- Score: 2.3518279773643287
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: We present a practical framework to deploy privacy-preserving machine
learning (PPML) applications in untrusted clouds based on a trusted execution
environment (TEE). Specifically, we shield unmodified PyTorch ML applications
by running them in Intel SGX enclaves with encrypted model parameters and
encrypted input data to protect the confidentiality and integrity of these
secrets at rest and during runtime. We use the open-source Graphene library OS
with transparent file encryption and SGX-based remote attestation to minimize
porting effort and seamlessly provide file protection and attestation. Our
approach is completely transparent to the machine learning application: the
developer and the end-user do not need to modify the ML application in any way.
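The abstract's design rests on one check the end-user performs before anything secret leaves their hands: the key that unlocks the encrypted model and input files is released only to an enclave whose attested measurement matches the exact build they expect. The following is an added example that is not code from the paper or from Graphene; it simulates that attestation-gated key release offline. The enclave measurement is a toy stand-in for MRENCLAVE (a hash over the manifest's trusted files), the platform signature is an HMAC under a hypothetical PLATFORM_KEY rather than Intel's ECDSA/EPID quote signature, and the file names and contents are constructed.

```python
"""Attestation-gated key release for protected files (constructed example).

Stand-in for the deployment workflow described above: the enclave runs the
unmodified app over encrypted files, and the decryption key is handed over
only after the user verifies a quote. Real SGX quotes are ECDSA/EPID-signed
by the platform and verified against Intel's certificate chain; here an HMAC
under a hypothetical PLATFORM_KEY stands in for that signature.
"""
from __future__ import annotations

import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional

# Hypothetical platform quoting key (assumption; not an SGX artefact).
PLATFORM_KEY = b"platform-quoting-key-for-demo-only"


@dataclass(frozen=True)
class Quote:
    mrenclave: bytes     # identity of the enclave build
    report_data: bytes   # 64 bytes in SGX; here SHA-256 of the verifier's nonce
    signature: bytes     # platform signature over (mrenclave || report_data)


def measure_enclave(trusted_files: Dict[str, bytes]) -> bytes:
    """Toy analogue of MRENCLAVE: a hash over the manifest's trusted files.

    In Graphene the manifest lists the SHA-256 of every trusted file (loader,
    libOS, Python, PyTorch, the application script) and the manifest itself
    is measured, so any change to the code changes the measurement. Here the
    name and digest of each file are hashed in sorted order.
    """
    h = hashlib.sha256()
    for name in sorted(trusted_files):
        h.update(name.encode())
        h.update(b"\0")
        h.update(hashlib.sha256(trusted_files[name]).digest())
    return h.digest()


def produce_quote(trusted_files: Dict[str, bytes], nonce: bytes) -> Quote:
    """Enclave side: its measurement bound to the verifier's fresh nonce."""
    mr = measure_enclave(trusted_files)
    report_data = hashlib.sha256(nonce).digest()
    sig = hmac.new(PLATFORM_KEY, mr + report_data, hashlib.sha256).digest()
    return Quote(mr, report_data, sig)


def release_key(quote: Quote, expected_mrenclave: bytes, nonce: bytes,
                file_key: bytes) -> Optional[bytes]:
    """Verifier side: return the protected-files key only if every check passes.

    A genuine signature over the wrong measurement, and the right measurement
    inside a replayed quote, must both be rejected.
    """
    body = quote.mrenclave + quote.report_data
    expected_sig = hmac.new(PLATFORM_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(quote.signature, expected_sig):
        return None  # not produced by the platform
    if not hmac.compare_digest(quote.report_data, hashlib.sha256(nonce).digest()):
        return None  # replayed, or bound to someone else's challenge
    if not hmac.compare_digest(quote.mrenclave, expected_mrenclave):
        return None  # different code: tampered script, other PyTorch build, ...
    return file_key


def run_scenarios() -> Dict[str, bool]:
    """Honest, tampered and replayed cases; True means the key was released."""
    # Constructed "trusted files"; in a real manifest these are the binaries.
    files = {
        "python3": b"<python interpreter bytes>",
        "torch/__init__.py": b"<pytorch bytes>",
        "pytorchexample.py": b"model = torch.load('model.pt'); print(model(x))\n",
    }
    file_key = secrets.token_bytes(16)     # key for the encrypted model and input
    expected = measure_enclave(files)      # user derives this from the manifest

    nonce = secrets.token_bytes(32)
    honest = release_key(produce_quote(files, nonce), expected, nonce, file_key)

    # Attacker swaps the script for one that leaks the decrypted model.
    tampered = {**files, "pytorchexample.py": b"model = torch.load('model.pt'); leak(model)\n"}
    leaked = release_key(produce_quote(tampered, nonce), expected, nonce, file_key)

    # Attacker replays an old, genuine quote against a fresh challenge.
    old_quote = produce_quote(files, secrets.token_bytes(32))
    replayed = release_key(old_quote, expected, secrets.token_bytes(32), file_key)

    return {
        "honest_enclave_gets_key": honest == file_key,
        "tampered_script_gets_key": leaked is not None,
        "replayed_quote_gets_key": replayed is not None,
    }


if __name__ == "__main__":
    print(run_scenarios())
```

Two points a practitioner should carry over to a real deployment: pin the full MRENCLAVE (the exact build), since a signer-based policy would accept any enclave the same vendor ever signed; and note that a released key protects confidentiality and integrity of the files' contents but says nothing about which version of an encrypted file the enclave was given, which is the rollback problem the CRISP entry in the related list addresses.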
Related papers
- Confidential Prompting: Protecting User Prompts from Cloud LLM Providers [0.688204255655161] (2024-09-27T20:32:42Z)
  We introduce Secure Multi-party Decoding (SMD) to confine user prompts to a trusted execution environment.
  We also introduce a novel cryptographic method, Prompt Obfuscation (PO), to ensure robustness against reconstruction attacks.
  Our solution can enable privacy-preserving cloud LLM services that handle sensitive prompts, such as clinical records, financial data, and personal information.
- CRISP: Confidentiality, Rollback, and Integrity Storage Protection for Confidential Cloud-Native Computing [0.757843972001219] (2024-08-13T11:29:30Z)
  Cloud-native applications rely on orchestration and have their services frequently restarted.
  During restarts, attackers can revert the state of confidential services to a previous version that may aid their malicious intent.
  This paper presents CRISP, a rollback protection mechanism that uses an existing runtime for Intel SGX and transparently prevents rollback.
- Instructional Fingerprinting of Large Language Models [57.72356846657551] (2024-01-21T09:51:45Z)
  We present a pilot study on fingerprinting Large Language Models (LLMs) as a form of very lightweight instruction tuning.
  Results on 11 popularly used LLMs showed that this approach is lightweight and does not affect the normal behavior of the model.
  It also prevents publisher overclaim, maintains robustness against fingerprint guessing and parameter-efficient training, and supports multi-stage fingerprinting akin to MIT License.
- HasTEE+: Confidential Cloud Computing and Analytics with Haskell [50.994023665559496] (2024-01-17T00:56:23Z)
  Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs).
  TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks.
  We address the above with HasTEE+, a domain-specific language (DSL) embedded in Haskell that enables programming TEEs in a high-level language with strong type safety.
- DP-OPT: Make Large Language Model Your Privacy-Preserving Prompt Engineer [57.04801796205638] (2023-11-27T02:01:10Z)
  Large Language Models (LLMs) have emerged as dominant tools for various tasks.
  However, concerns surrounding data privacy present obstacles due to the tuned prompts' dependency on sensitive private information.
  We present Differentially-Private Offsite Prompt Tuning (DP-OPT) to address this challenge.
- Learning in the Dark: Privacy-Preserving Machine Learning using Function Approximation [1.8907108368038215] (2023-09-15T06:45:58Z)
  Learning in the Dark is a privacy-preserving machine learning model that can classify encrypted images with high accuracy.
  It is capable of performing high-accuracy predictions by performing computations directly on encrypted data.
- THE-X: Privacy-Preserving Transformer Inference with Homomorphic Encryption [112.02441503951297] (2022-06-01T03:49:18Z)
  Privacy-preserving inference of transformer models is in demand from cloud service users.
  We introduce THE-X, an approximation approach for transformers, which enables privacy-preserving inference of pre-trained models.
- secureTF: A Secure TensorFlow Framework [1.1006321791711173] (2021-01-20T16:36:53Z)
  secureTF is a distributed machine learning framework based on TensorFlow for the cloud infrastructure.
  secureTF supports unmodified applications, while providing end-to-end security for the input data, ML model, and application code.
  This paper reports on our experiences with the system design choices and the system deployment in production use cases.
- Privacy-Preserving XGBoost Inference [0.6345523830122165] (2020-11-09T21:46:07Z)
  A major barrier to adoption is the sensitive nature of predictive queries.
  One central goal of privacy-preserving machine learning (PPML) is to enable users to submit encrypted queries to a remote ML service.
  We propose a privacy-preserving XGBoost prediction algorithm, which we have implemented and evaluated empirically on AWS SageMaker.
- A Privacy-Preserving Distributed Architecture for Deep-Learning-as-a-Service [68.84245063902908] (2020-03-30T15:12:03Z)
  This paper introduces a novel distributed architecture for deep-learning-as-a-service.
  It is able to preserve the user's sensitive data while providing cloud-based machine and deep learning services.
- CryptoSPN: Privacy-preserving Sum-Product Network Inference [84.88362774693914] (2020-02-03T14:49:18Z)
  We present a framework for privacy-preserving inference of sum-product networks (SPNs).
  CryptoSPN achieves highly efficient and accurate inference in the order of seconds for medium-sized SPNs.
This list is automatically generated from the titles and abstracts of the papers in this site.