Research On Privacy Protection In Neural Networks

With the development of artificial intelligence,neural network has been widely used in face recognition,medical diagnosis and other fields,and attracts more and more attention.The training and prediction of neural networks need data support.However,data always inevitably contains sensitive and confidential information.Therefore,while neural networks bring convenience to our life,they also bring hidden dangers of privacy disclosure.How to use neural networks without revealing privacy information has become an important research field.This thesis focuses on several typical neural network structures: perceptron and convolutional neural network for privacy protection.Perceptron is a simple neural network.Although it is simple in structure,it can effectively deal with complex binary classification problems.In order to realize the privacy protection of neural network,the first consideration is how to realize the privacy protection of the basic unit of neural network-perceptron.For the training of perceptrons,this thesis proposes a privacy-preserving training protocol based on additively homomorphic encryptions(AHE),which can ensure that the training data will not be leaked when the data provider provides training data to the training institution.For perceptron prediction,a cloud-assisted privacy-preserving prediction protocol based on AHE is proposed.This protocol can effectively protect the privacy of input features and model parameters in the prediction process,while effectively reducing the burden of user management and data processing by virtue of the powerful computing and storage capabilities of cloud platform.Finally,we validate the accuracy and efficiency of the privacy protection protocol using real data sets.Convolutional neural network(CNN)is a special neural network which is good at analyzing visual images.It has a wide range of applications in image and video recognition,image classification and natural language processing.Compared with other image classification algorithms,CNN does not need complex image preprocessing.Therefore,CNN has been widely used in practice.At present,many existing privacy protection schemes of convolutional neural networks are implemented by fully homomorphic encryption,and the protection of the output of the last layer of the network is neglected.This thesis proposes a privacy-preserving protocol of convolution neural network based on AHE.The protocol in this thesis can protect user's privacy input,server's model parameters,and the calculated median.Finally,the validity and usability of the protocol are verified by real data sets.