Mostree : Malicious Secure Private Decision Tree Evaluation with Sublinear Communication
- URL: http://arxiv.org/abs/2309.17124v1
- Date: Fri, 29 Sep 2023 10:39:25 GMT
- Title: Mostree : Malicious Secure Private Decision Tree Evaluation with Sublinear Communication
- Authors: Jianli Bai, Xiangfu Song, Xiaowu Zhang, Qifan Wang, Shujie Cui, Ee-Chien Chang, Giovanni Russello
- Abstract summary: Mostree is a PDTE protocol secure in the presence of malicious parties.
Mostree combines OS protocols with a tree encoding method and three-party secure computation.
We implement Mostree and compare it with the state-of-the-art.
- Score: 21.663065637676326
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: A private decision tree evaluation (PDTE) protocol allows a feature vector owner (FO) to classify its data using a tree model from a model owner (MO) and only reveals an inference result to the FO. This paper proposes Mostree, a PDTE protocol secure in the presence of malicious parties with sublinear communication. We design Mostree in the three-party honest-majority setting, where an (untrusted) computing party (CP) assists the FO and MO in the secure computation. We propose two low-communication oblivious selection (OS) protocols by exploiting nice properties of three-party replicated secret sharing (RSS) and distributed point function. Mostree combines OS protocols with a tree encoding method and three-party secure computation to achieve sublinear communication. We observe that most of the protocol components already maintain privacy even in the presence of a malicious adversary, and what remains to achieve is correctness. To ensure correctness, we propose a set of lightweight consistency checks and seamlessly integrate them into Mostree. As a result, Mostree achieves sublinear communication and malicious security simultaneously. We implement Mostree and compare it with the state-of-the-art. Experimental results demonstrate that Mostree is efficient and comparable to semi-honest PDTE schemes with sublinear communication. For instance, when evaluated on the MNIST dataset in a LAN setting, Mostree achieves an evaluation using approximately 768 ms with communication of around 168 KB.
Related papers
- Bicoptor 2.0: Addressing Challenges in Probabilistic Truncation for Enhanced Privacy-Preserving Machine Learning [6.733212399517445]
This paper focuses on analyzing the problems and proposing solutions for the probabilistic truncation protocol in existing PPML works.
In terms of accuracy, we reveal that precision selections recommended in some of the existing works are incorrect.
We propose a solution and a precision selection guideline for future works.
arXiv Detail & Related papers (2023-09-10T01:43:40Z)
- Noisy-Correspondence Learning for Text-to-Image Person Re-identification [50.07634676709067]
We propose a novel Robust Dual Embedding method (RDE) to learn robust visual-semantic associations even with noisy correspondences.
Our method achieves state-of-the-art results both with and without synthetic noisy correspondences on three datasets.
arXiv Detail & Related papers (2023-08-19T05:34:13Z)
- ByzSecAgg: A Byzantine-Resistant Secure Aggregation Scheme for Federated Learning Based on Coded Computing and Vector Commitment [90.60126724503662]
ByzSecAgg is an efficient secure aggregation scheme for federated learning.
ByzSecAgg is protected against Byzantine attacks and privacy leakages.
arXiv Detail & Related papers (2023-02-20T11:15:18Z)
- QuTE: decentralized multiple testing on sensor networks with false discovery rate control [130.7122910646076]
This paper designs methods for decentralized multiple hypothesis testing on graphs equipped with provable guarantees on the false discovery rate (FDR).
We consider the setting where distinct agents reside on the nodes of an undirected graph, and each agent possesses p-values corresponding to one or more hypotheses local to its node.
Each agent must individually decide whether to reject one or more of its local hypotheses by only communicating with its neighbors, with the joint aim that the global FDR over the entire graph must be controlled at a predefined level.
arXiv Detail & Related papers (2022-10-09T19:48:39Z)
- Bicoptor: Two-round Secure Three-party Non-linear Computation without Preprocessing for Privacy-preserving Machine Learning [5.774912335678817]
This work introduces a family of novel secure three-party protocols, Bicoptor, which improve the efficiency of evaluating non-linear functions.
Our 3PC sign determination protocol only requires two communication rounds, and does not involve any preprocessing.
We evaluate Bicoptor under a 3-party LAN network over a public cloud, and achieve more than 370,000 DReLU/ReLU or 41,000 Maxpool operations per second.
arXiv Detail & Related papers (2022-10-05T02:33:53Z)
- Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive Privacy Analysis and Beyond [57.10914865054868]
We consider vertical logistic regression (VLR) trained with mini-batch gradient descent.
We provide a comprehensive and rigorous privacy analysis of VLR in a class of open-source Federated Learning frameworks.
arXiv Detail & Related papers (2022-07-19T05:47:30Z)
- Byzantine-Robust Federated Learning with Optimal Statistical Rates and Privacy Guarantees [123.0401978870009]
We propose Byzantine-robust federated learning protocols with nearly optimal statistical rates.
We benchmark against competing protocols and show the empirical superiority of the proposed protocols.
Our protocols with bucketing can be naturally combined with privacy-guaranteeing procedures to introduce security against a semi-honest server.
arXiv Detail & Related papers (2022-05-24T04:03:07Z)
- BEAS: Blockchain Enabled Asynchronous & Secure Federated Machine Learning [0.0]
We present BEAS, the first blockchain-based framework for N-party Federated Learning.
It provides strict privacy guarantees of training data using gradient pruning.
Anomaly detection protocols are used to minimize the risk of data-poisoning attacks.
We also define a novel protocol to prevent premature convergence in heterogeneous learning environments.
arXiv Detail & Related papers (2022-02-06T17:11:14Z)
- Mitigating Leakage in Federated Learning with Trusted Hardware [0.0]
In federated learning, multiple parties collaborate in order to train a global model over their respective datasets.
Some partial information may still be leaked across parties if this is done non-judiciously.
We propose two secure versions relying on trusted execution environments.
arXiv Detail & Related papers (2020-11-10T07:22:51Z)
- An Accurate, Scalable and Verifiable Protocol for Federated Differentially Private Averaging [0.0]
We tackle challenges regarding the privacy guarantees provided to participants and the correctness of the computation in the presence of malicious parties.
Our first contribution is a scalable protocol in which participants exchange correlated Gaussian noise along the edges of a network graph.
Our second contribution enables users to prove the correctness of their computations without compromising the efficiency and privacy guarantees of the protocol.
arXiv Detail & Related papers (2020-06-12T14:21:10Z)
- User-Level Privacy-Preserving Federated Learning: Analysis and Performance Optimization [77.43075255745389]
Federated learning (FL) is capable of preserving private data from mobile terminals (MTs) while training the data into useful models.
From a viewpoint of information theory, it is still possible for a curious server to infer private information from the shared models uploaded by MTs.
We propose a user-level differential privacy (UDP) algorithm by adding artificial noise to the shared models before uploading them to servers.
arXiv Detail & Related papers (2020-02-29T10:13:39Z)
This list is automatically generated from the titles and abstracts of the papers in this site.