| In the era of data intelligence,machine learning technology has achieved explosive applications for various industries.Training a machine learning model requires massive data,server resources,and the input of algorithm scientists.There is a certain threshold,so machine learning inference services have emerged: service providers encapsulate the trained machine learning model as an interface and serve as a service externally provide.Anyone can submit their own data and get inferred results.The popularity of machine learning inference services has greatly reduced the threshold for machine learning,but in the current system,users need to directly submit data to the service provider in clear text,sacrificing their own privacy.At the same time,the machine learning model is service provider' own private asset,so the model cannot be sent directly to the customer,and the customer performs the inference locally.More importantly,in recent years,many countries have introduced many laws and regulations on data security,which have stricter regulations on data security and privacy protection.In machine learning inference service systems,decision tree models occupy half of the world.Therefore,how to design an efficient decision tree inference service system with privacy protection characteristics has become a research focus.The main research contents of this article are as follows:1.The requirements of privacy protection for decision tree inference service system are analyzed in detail.The reason why the size of the decision tree model of the service provider cannot be protected is clarified,and a solution is provided for blinding the size of the decision tree model by adding dummy nodes for preprocessing.After the size of the blinded decision tree model is made public,the system design can be performed using secure multiparty computation techniques based on secret sharing.Therefore,the system avoids expensive public key cryptography primitives,greatly reducing computing overhead,reducing communication overhead,and enabling it to run on lightweight devices such as mobile phones.2.In order for the decision tree inference service system with privacy protection features to operate,service providers are generally required to inform the participants of the structure of the decision tree model.To this end,service providers need to expand the decision tree to a perfect binary tree,but this directly increases performance.The overhead has increased exponentially.Based on the characteristics of logical NOT gate operation in the secret sharing scheme,this paper proposes a scheme in which the client can run the secure computing protocol without obtaining the full structure of the decision tree model,thereby eliminating the need to expand the decision tree model to a full binary tree.While protecting the requirements,an exponential increase in overall system overhead is avoided.3.According to the characteristics of the decision tree inference service system,this paper divides the entire system design into four basic modules: attribute selection module,comparison operation module,decision index vector generation module,and decision result evaluation module.According to the characteristics of these four modules,a customized and efficient secure two-party computation protocol based on secret sharing is designed,and the security of each protocol is proved.Compared with the straightforward universal solution,the performance has been greatly improved.Through the sequential combination of basic modules,the decision tree inference service system with privacy protection features designed in this paper is efficient,concise and easy to understand,and does not require the participation of trusted third parties,which is conducive to implementation in real scenarios.At the same time,the security of the scheme was proved,and experiments were performed by simulating the realworld network environment to prove the practicability of the scheme. |
PDF Full Text Request