Secure Privacy Preserving Deep Learning

Deep learning with neural networks has become a highly popular machine learning method due to recent breakthroughs in computer vision, speech recognition, and other areas. However, deep learning algorithms require access to raw data, which is often privacy sensitive. At the same time, deep learning systems can be fragile and easily fooled: an attacker can add an adversarial perturbation, often invisible to human vision, to an image so that a deep neural network misclassifies the perturbed image. Such attacks go beyond image classification and are effective across different neural network architectures and applications. This project investigates a novel combination of techniques enabling secure, privacy-preserving deep learning. Our approach combines homomorphic encryption, secure multi-party computation (SMC), and differential privacy to develop deep learning algorithms that operate on encrypted or protected data, with the goal of guaranteed privacy for the data owners and provable security for the computation.
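The following is an added illustration of the homomorphic-encryption half of that approach; it is not code from the project or its papers. It uses the Paillier cryptosystem, which is only additively homomorphic, as a stand-in for the leveled fully homomorphic schemes that deeper networks need: a client encrypts its feature vector, the server evaluates one linear neuron w·x + b on the ciphertexts using its own plaintext weights, and only the client can decrypt the result. All names (`keygen`, `server_linear_layer`, `private_linear_inference`, the fixed-point `SCALE`) and the toy-sized primes are assumptions made for the example; the key sizes are far too small to be secure and serve only to keep the arithmetic readable.

```python
"""Toy private inference of one linear neuron over Paillier ciphertexts.

Constructed example (not from the project). Paillier is additively
homomorphic: Enc(a) * Enc(b) = Enc(a + b) and Enc(a)^k = Enc(k * a), which
is exactly what a dot product with plaintext weights needs. The primes used
below are toy sizes and are NOT secure; production keys are >= 2048 bits.
"""
import math
import secrets

SCALE = 1000  # fixed-point scale: a real v is encoded as round(v * SCALE)


def lcm(a, b):
    return a * b // math.gcd(a, b)


def keygen(p, q):
    """Paillier key generation from two distinct primes p and q."""
    n = p * q
    lam = lcm(p - 1, q - 1)
    # With generator g = n + 1, L(g^lam mod n^2) == lam (mod n), so mu = lam^-1 mod n.
    mu = pow(lam, -1, n)
    pk = {"n": n, "n2": n * n}
    sk = {"n": n, "n2": n * n, "lam": lam, "mu": mu}
    return pk, sk


def encrypt(pk, m):
    """Enc(m) = (1 + n)^m * r^n mod n^2; m is reduced modulo n (negatives wrap)."""
    n, n2 = pk["n"], pk["n2"]
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    # (1 + n)^m == 1 + m*n (mod n^2) by the binomial theorem.
    return (1 + (m % n) * n) % n2 * pow(r, n, n2) % n2


def decrypt(sk, c):
    """Dec(c) = L(c^lam mod n^2) * mu mod n, with L(u) = (u - 1) / n.

    Residues above n/2 are decoded as negative integers.
    """
    n, n2 = sk["n"], sk["n2"]
    u = pow(c, sk["lam"], n2)
    m = ((u - 1) // n) * sk["mu"] % n
    return m - n if m > n // 2 else m


def add(pk, c1, c2):
    """Homomorphic addition: Enc(m1) * Enc(m2) = Enc(m1 + m2)."""
    return c1 * c2 % pk["n2"]


def mul_const(pk, c, k):
    """Homomorphic scalar multiply: Enc(m)^k = Enc(k * m); k may be negative."""
    return pow(c, k % pk["n"], pk["n2"])


def encrypt_features(pk, x):
    """Client side: encrypt a real-valued feature vector at fixed-point scale."""
    return [encrypt(pk, round(v * SCALE)) for v in x]


def server_linear_layer(pk, enc_x, w, b):
    """Server side: Enc(SCALE^2 * (w.x + b)) from ciphertexts and plaintext weights.

    The server never learns x; it only multiplies ciphertexts together and
    raises them to its own (scaled) weights.
    """
    acc = encrypt(pk, round(b * SCALE) * SCALE)  # bias at the product scale
    for c, wi in zip(enc_x, w):
        acc = add(pk, acc, mul_const(pk, c, round(wi * SCALE)))
    return acc


def client_decode(sk, c):
    """Client side: decrypt and undo the SCALE^2 fixed-point scaling."""
    return decrypt(sk, c) / (SCALE * SCALE)


def private_linear_inference(x, w, b, p=999983, q=1000003):
    """End-to-end: client encrypts x, server computes w.x + b blind, client decrypts."""
    pk, sk = keygen(p, q)
    enc_x = encrypt_features(pk, x)
    enc_out = server_linear_layer(pk, enc_x, w, b)
    return client_decode(sk, enc_out)


if __name__ == "__main__":
    # Constructed sample: w.x + b = 1.5 - 1.875 - 1.0 + 0.75 = -0.625
    print(private_linear_inference([3.0, 1.5, -0.5], [0.5, -1.25, 2.0], 0.75))
```

The limitation that motivates leveled FHE is visible in the code: `mul_const` only multiplies a ciphertext by a plaintext constant, so a second layer whose inputs are themselves encrypted activations cannot be evaluated this way, and a non-linear activation such as ReLU or sigmoid cannot be evaluated at all without either a scheme that supports ciphertext multiplication or an extra interactive round with the client.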

Related Publications:

  • Ehsan Hesamifard, Hassan Takabi, Mehdi Ghasemi, and Rebecca N. Wright. 2018. Privacy-preserving Machine Learning as a Service. Proceedings on Privacy Enhancing Technologies, 2018(3), pp. 123–142.
  • Ehsan Hesamifard, Hassan Takabi, Mehdi Ghasemi, and Catherine Jones. 2017. Privacy-preserving Machine Learning in Cloud. In Proceedings of the 2017 Cloud Computing Security Workshop (CCSW '17). ACM, New York, NY, USA, pp. 39–43.
  • Ehsan Hesamifard, Hassan Takabi, and Mehdi Ghasemi. 2017. CryptoDL: Deep Neural Networks over Encrypted Data. arXiv preprint, 21 pp.
  • Hassan Takabi, Ehsan Hesamifard, and Mehdi Ghasemi. 2016. Privacy Preserving Multi-party Machine Learning with Homomorphic Encryption. In Proceedings of the Workshop on Private Multi-Party Machine Learning (NIPS 2016), pp. 1–5.
  • Ehsan Hesamifard, Hassan Takabi, and Mehdi Ghasemi. 2016. CryptoDL: Towards Deep Learning over Encrypted Data. 2016 Annual Computer Security Applications Conference (ACSAC 2016).