Neural Network Training on Encrypted Data with TFHE

• URL: http://arxiv.org/abs/2401.16136v1
• Date: Mon, 29 Jan 2024 13:07:08 GMT
• Title: Neural Network Training on Encrypted Data with TFHE
• Authors: Luis Montero, Jordan Frery, Celia Kherfallah, Roman Bredehoft, Andrei Stoian
• Abstract summary: We present an approach to outsourcing of training neural networks while preserving data confidentiality from malicious parties. We use fully homomorphic encryption to build a unified training approach that works on encrypted data and learns quantized neural network models.
• Score: 0.0
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: We present an approach to outsourcing of training neural networks while preserving data confidentiality from malicious parties. We use fully homomorphic encryption to build a unified training approach that works on encrypted data and learns quantized neural network models. The data can be horizontally or vertically split between multiple parties, enabling collaboration on confidential data. We train logistic regression and multi-layer perceptrons on several datasets.

Related papers

• Deep Internal Learning: Deep Learning from a Single Input [88.59966585422914]
  In many cases there is value in training a network just from the input at hand. This is particularly relevant in many signal and image processing problems where training data is scarce and diversity is large. This survey paper aims at covering deep internal-learning techniques that have been proposed in the past few years for these two important directions.
  arXiv  Detail & Related papers  (2023-12-12T16:48:53Z)
• Assessing Neural Network Representations During Training Using Noise-Resilient Diffusion Spectral Entropy [55.014926694758195]
  Entropy and mutual information in neural networks provide rich information on the learning process. We leverage data geometry to access the underlying manifold and reliably compute these information-theoretic measures. We show that they form noise-resistant measures of intrinsic dimensionality and relationship strength in high-dimensional simulated data.
  arXiv  Detail & Related papers  (2023-12-04T01:32:42Z)
• Reconstructing Training Data from Model Gradient, Provably [68.21082086264555]
  We reconstruct the training samples from a single gradient query at a randomly chosen parameter value. As a provable attack that reveals sensitive training data, our findings suggest potential severe threats to privacy.
  arXiv  Detail & Related papers  (2022-12-07T15:32:22Z)
• Reconstructing Training Data from Trained Neural Networks [42.60217236418818]
  We show in some cases a significant fraction of the training data can in fact be reconstructed from the parameters of a trained neural network classifier. We propose a novel reconstruction scheme that stems from recent theoretical results about the implicit bias in training neural networks with gradient-based methods.
  arXiv  Detail & Related papers  (2022-06-15T18:35:16Z)
• Secure & Private Federated Neuroimaging [17.946206585229675]
  Federated Learning enables distributed training of neural network models over multiple data sources without sharing data. Each site trains the neural network over its private data for some time, then shares the neural network parameters with a Federation Controller. Our Federated Learning architecture, MetisFL, provides strong security and privacy.
  arXiv  Detail & Related papers  (2022-05-11T03:36:04Z)
• Truth Serum: Poisoning Machine Learning Models to Reveal Their Secrets [53.866927712193416]
  We show that an adversary who can poison a training dataset can cause models trained on this dataset to leak private details belonging to other parties. Our attacks are effective across membership inference, attribute inference, and data extraction. Our results cast doubts on the relevance of cryptographic privacy guarantees in multiparty protocols for machine learning.
  arXiv  Detail & Related papers  (2022-03-31T18:06:28Z)
• Data-driven emergence of convolutional structure in neural networks [83.4920717252233]
  We show how fully-connected neural networks solving a discrimination task can learn a convolutional structure directly from their inputs. By carefully designing data models, we show that the emergence of this pattern is triggered by the non-Gaussian, higher-order local structure of the inputs.
  arXiv  Detail & Related papers  (2022-02-01T17:11:13Z)
• NeuraCrypt: Hiding Private Health Data via Random Neural Networks for Public Training [64.54200987493573]
  We propose NeuraCrypt, a private encoding scheme based on random deep neural networks. NeuraCrypt encodes raw patient data using a randomly constructed neural network known only to the data-owner. We show that NeuraCrypt achieves competitive accuracy to non-private baselines on a variety of x-ray tasks.
  arXiv  Detail & Related papers  (2021-06-04T13:42:21Z)
• NN-EMD: Efficiently Training Neural Networks using Encrypted Multi-Sourced Datasets [7.067870969078555]
  Training a machine learning model over an encrypted dataset is an existing promising approach to address the privacy-preserving machine learning task. We propose a novel framework, NN-EMD, to train a deep neural network (DNN) model over multiple datasets collected from multiple sources. We evaluate our framework for performance with regards to the training time and model accuracy on the MNIST datasets.
  arXiv  Detail & Related papers  (2020-12-18T23:01:20Z)
• Towards Scalable and Privacy-Preserving Deep Neural Network via Algorithmic-Cryptographic Co-design [28.789702559193675]
  We propose SPNN - a Scalable and Privacy-preserving deep Neural Network learning framework. From cryptographic perspective, we propose using two types of cryptographic techniques, i.e., secret sharing and homomorphic encryption. Experimental results conducted on real-world datasets demonstrate the superiority of SPNN.
  arXiv  Detail & Related papers  (2020-12-17T02:26:16Z)
• POSEIDON: Privacy-Preserving Federated Neural Network Learning [8.103262600715864]
  POSEIDON is a first of its kind in the regime of privacy-preserving neural network training. It employs multiparty lattice-based cryptography to preserve the confidentiality of the training data, the model, and the evaluation data. It trains a 3-layer neural network on the MNIST dataset with 784 features and 60K samples distributed among 10 parties in less than 2 hours.
  arXiv  Detail & Related papers  (2020-09-01T11:06:31Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.