Research On Privacy Protection Of Machine Learning Based On Secure Multi-party Computin

Machine learning is the core of artificial intelligence and the fundamental way to make computers intelligent.Its applications span all areas of artificial intelligence,especially in fault detection,face recognition and medical diagnosis,which have shown excellent performance.In machine learning applications,it is often necessary for multiple participants to interact with each other and work together to complete the computation.However,transmitting data in plaintext may lead to serious privacy information leakage problems.Secure multi-party computation provides a solution to this problem,which allows participants to perform computations together without revealing any input data and intermediate results,thus enabling the preservation of private information.While secure multi-party computation can be effective in making data "usable but invisible," its high communication and computation costs limit its practicality.Even in LAN environments,machine learning based on secure multi-party computation is 40 to 1000 times slower than in plaintext.Therefore,more and more scholars are investigating how to implement efficient and practical privacy-preserving machine learning schemes based on secure multi-party computation.In this thesis,machine learning privacy-preserving schemes are designed for semihonest models based on secure multi-party computation,including:(1)A secure outsourcing algorithm for decision tree evaluation.The algorithm allows decision tree model providers to outsource the prediction service to cloud servers,thus making the decision tree secure evaluation service available to resource-constrained clients.Clients do not have to stay online after uploading the secret share of feature vectors,and can obtain the evaluation results at any time,which saves a lot of time and resources for clients.The algorithm avoids hiding structure information of decision trees by padding dummy nodes via matrix representation of path cost method and compresses path encryption matrix by a recursive algorithm,which significantly reduces the computation and communication overhead of model provider and cloud server.Detailed theoretical analysis and experimental results prove the security,correctness,and practicality of the algorithm.(2)A privacy-preserving scheme for neural network evaluation.The algorithm transforms the high communication overhead steps in secure exponentiation and secure division operations into local operations for participants,thus dramatically reducing the communication overhead of the associated activation functions.In addition,the algorithm achieves secure comparison through function secret sharing technique,which further reduces the communication overhead in the online phase.Experiments show that the communication cost required by the algorithm in the online phase is smaller than that required by existing algorithms when computing the nonlinear layers of the neural network.Detailed theoretical analysis and experimental results demonstrate the security,privacy and practicality of the algorithm.