Abstract
Machine learning classification has been successfully applied in numerous applications, such as healthcare, finance, and more. Outsourcing classification services to the cloud has become an intriguing practice as this brings many prominent benefits like ease of management and scalability. Such outsourcing, however, raises critical privacy concerns to both the machine learning model provider and the client interested in using the classification service. In this paper, we focus on classification outsourcing with decision trees, one of the most popular classifiers. We propose for the first time a secure framework allowing decision tree based classification outsourcing while maintaining the confidentiality of the provider’s model (parameters) and the client’s input feature vector. Our framework requires no interaction from the provider and the client—they can go offline after the initial submission of their respective encrypted inputs to the cloud. This is a distinct advantage over prior art for practical deployment, as they all work under the client-provider setting where synchronous online interactions between the provider and client is required. Leveraging the lightweight additive secret sharing technique, we build our protocol from the ground up to enable secure and efficient outsourcing of decision tree evaluation, tailored to address the challenges posed by secure in-the-cloud dealing with versatile components including input feature selection, decision node evaluation, path evaluation, and classification generation. Through evaluation we show the practical performance of our design, and the substantial client-side savings over prior art, say up to four orders of magnitude in computation and 163\(\times \) in communication.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Azar, A.T., El-Metwally, S.M.: Decision tree classifiers for automated medical diagnosis. Neural Comput. Appl. 23(7–8), 2387–2403 (2013)
Baldimtsi, F., Papadopoulos, D., Papadopoulos, S., Scafuro, A., Triandopoulos, N.: Server-aided secure computation with off-line parties. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017. LNCS, vol. 10492, pp. 103–123. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66402-6_8
Beaver, D.: Efficient multiparty protocols using circuit randomization. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 420–432. Springer, Heidelberg (1992). https://doi.org/10.1007/3-540-46766-1_34
Bost, R., Popa, R.A., Tu, S., Goldwasser, S.: Machine learning classification over encrypted data. In: Proceedings of NDSS (2015)
Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrapping. In: Proceediongs of ITCS (2012)
Cai, C., Zheng, Y., Wang, C.: Leveraging crowdsensed data streams to discover and sell knowledge: a secure and efficient realization. In: Proceedings of IEEE ICDCS (2018)
Cock, M.D., et al.: Efficient and private scoring of decision trees, support vector machines and logistic regression models based on pre-computation. IEEE Trans. Dependable Secure Comput. 16(2), 217–230 (2017). 101109/TDSC20172679189
Erkin, Z., Veugen, T., Toft, T., Lagendijk, R.L.: Generating private recommendations efficiently using homomorphic encryption and data packing. IEEE Trans. Inf. Forensics Secur. 7(3), 1053–1066 (2012)
Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or A completeness theorem for protocols with honest majority. In: Proceedings of ACM STOC (1987)
Joye, M., Salehi, F.: Private yet efficient decision tree evaluation. In: Kerschbaum, F., Paraboschi, S. (eds.) DBSec 2018. LNCS, vol. 10980, pp. 243–259. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-95729-6_16
Juvekar, C., Vaikuntanathan, V., Chandrakasan, A.: GAZELLE: A low latency framework for secure neural network inference. In: Proceedings of USENIX Security Symposium (2018)
Kiss, Á., Naderpour, M., Liu, J., Asokan, N., Schneider, T.: Sok: modular and efficient private decision tree evaluation. PoPETs 2019(2), 187–208 (2019)
Libbrecht, M.W., Noble, W.S.: Machine learning applications in genetics and genomics. Nat. Rev. Genet. 16(6), 321–332 (2015)
Liu, J., Juuti, M., Lu, Y., Asokan, N.: Oblivious neural network predictions via minionn transformations. In: Proceedings of ACM CCS (2017)
Min, J.H., Lee, Y.: Bankruptcy prediction using support vector machine with optimal choice of kernel function parameters. Expert Syst. Appl. 28(4), 603–614 (2005)
Mohassel, P., Zhang, Y.: Secureml: a system for scalable privacy-preserving machine learning. In: Proceedings of IEEE S&P (2017)
Nikolaenko, V., Ioannidis, S., Weinsberg, U., Joye, M., Taft, N., Boneh, D.: Privacy-preserving matrix factorization. In: Proceedings of ACM CCS (2013)
Nikolaenko, V., Weinsberg, U., Ioannidis, S., Joye, M., Boneh, D., Taft, N.: Privacy-preserving ridge regression on hundreds of millions of records. In: Proceedings of IEEE SP (2013)
Riazi, M.S., Weinert, C., Tkachenko, O., Songhori, E.M., Schneider, T., Koushanfar, F.: Chameleon: a hybrid secure computation framework for machine learning applications. In: Proceedings of AsiaCCS (2018)
Tai, R.K.H., Ma, J.P.K., Zhao, Y., Chow, S.S.M.: Privacy-preserving decision trees evaluation via linear functions. In: Proceedins of ESORICS (2017)
Tueno, A., Kerschbaum, F., Katzenbeisser, S.: Private evaluation of decision trees using sublinear cost. PoPETs 2019(1), 266–286 (2019)
Wagh, S., Gupta, D., Chandran, N.: Securenn: efficient and private neural network training. PoPETs 2019(3), 26–49 (2019)
Wang, Q., Wang, J., Hu, S., Zou, Q., Ren, K.: Sechog: privacy-preserving outsourcing computation of histogram of oriented gradients in the cloud. In: Proceedings of ACM AsiaCCS (2016)
Wu, D.J., Feng, T., Naehrig, M., Lauter, K.E.: Privately evaluating decision trees and random forests. PoPETs 2016(4), 335–355 (2016)
Yao, A.C.: How to generate and exchange secrets. In: Proceedings of FOCS (1986)
Yap, B.W., Ong, S., Husain, N.H.M.: Using data mining to improve assessment of credit worthiness via credit scoring models. Expert Syst. Appl. 38(10), 13274–13283 (2011)
Zheng, Y., Cui, H., Wang, C., Zhou, J.: Privacy-preserving image denoising from external cloud databases. IEEE Trans. Inf. Forensics Secur. 12(6), 1285–1298 (2017)
Zheng, Y., Duan, H., Wang, C.: Learning the truth privately and confidently: encrypted confidence-aware truth discovery in mobile crowdsensing. IEEE Trans. Inf. Forensics Secur. 13(10), 2475–2489 (2018)
Ziegeldorf, J.H., Metzke, J., Rüth, J., Henze, M., Wehrle, K.: Privacy-preserving HMM forward computation. In: Proceedings of CODASPY (2017)
Acknowledgement
This work was supported in part by the Research Grants Council of Hong Kong under Grants CityU 11276816, CityU 11212717, and CityU C1008-16G, by the Innovation and Technology Commission of Hong Kong under ITF Project ITS/168/17, and by the National Natural Science Foundation of China under Grant 61572412.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Zheng, Y., Duan, H., Wang, C. (2019). Towards Secure and Efficient Outsourcing of Machine Learning Classification. In: Sako, K., Schneider, S., Ryan, P. (eds) Computer Security – ESORICS 2019. ESORICS 2019. Lecture Notes in Computer Science(), vol 11735. Springer, Cham. https://doi.org/10.1007/978-3-030-29959-0_2
Download citation
DOI: https://doi.org/10.1007/978-3-030-29959-0_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-29958-3
Online ISBN: 978-3-030-29959-0
eBook Packages: Computer ScienceComputer Science (R0)