PFDLIS: Privacy-Preserving and Fair Deep Learning Inference Service under Publicly Verifiable Covert Security Setting

Electronics ◽  
2019 ◽  
Vol 8 (12) ◽  
pp. 1488
Author(s):  
Fengyi Tang ◽  
Jialu Hao ◽  
Jian Liu ◽  
Huimei Wang ◽  
Ming Xian

The recent popularity and widespread use of deep learning heralds an era of artificial intelligence. Thanks to the emergence of deep learning inference services, non-professional clients can also enjoy the improvements and profits brought by artificial intelligence. However, the client's input data may be sensitive, so the client does not want to send it to the server. Similarly, the server's pre-trained model is valuable, and the server is unwilling to make its parameters public. Therefore, we propose a privacy-preserving and fair scheme for deep learning inference services based on secure three-party computation and cryptographic commitments under the publicly verifiable covert security setting. We demonstrate that our scheme has the following desirable security properties: input data privacy, model privacy, and defamation freeness. Finally, we conduct extensive experiments to evaluate the performance of our scheme on the MNIST dataset. The experimental results verify that our scheme achieves the same prediction accuracy as the pre-trained model with acceptable extra computational cost.
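The commitment step in such a protocol can be illustrated with a simple hash-based commitment scheme (an illustrative sketch only; the function names and the use of SHA-256 are assumptions, not the paper's actual construction):

```python
import hashlib
import hmac
import os

def commit(value: bytes):
    """Commit to a value: the digest hides it until the nonce is revealed."""
    nonce = os.urandom(32)                            # hiding randomness
    digest = hashlib.sha256(nonce + value).hexdigest()
    return digest, nonce

def verify(commitment: str, value: bytes, nonce: bytes) -> bool:
    """Check that (value, nonce) opens the commitment."""
    expected = hashlib.sha256(nonce + value).hexdigest()
    return hmac.compare_digest(commitment, expected)

c, r = commit(b"inference result: 7")
assert verify(c, b"inference result: 7", r)       # honest opening succeeds
assert not verify(c, b"inference result: 3", r)   # a changed value is detected
```

A server that commits to its responses in this way can later be held accountable: any deviation from the committed value is detectable once the commitment is opened.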


Electronics ◽  
2019 ◽  
Vol 8 (4) ◽  
pp. 411 ◽  
Author(s):  
Fengyi Tang ◽  
Wei Wu ◽  
Jian Liu ◽  
Huimei Wang ◽  
Ming Xian

The flourishing of deep learning on distributed training datasets raises concerns about data privacy. Recent work on privacy-preserving distributed deep learning rests on the assumption that the server and the learning participants do not collude; once they do, the server can decrypt the data of all learning participants. Moreover, since all learning participants share the same private key, each participant must connect to the server via a distinct TLS/SSL secure channel to avoid leaking data to the other participants. To fix these problems, we propose a privacy-preserving distributed deep learning scheme with the following improvements: (1) no information is leaked to the server even if any learning participant colludes with it; (2) learning participants do not need separate secure channels to communicate with the server; and (3) the deep learning model achieves higher accuracy. We achieve these by introducing a key transform server and applying homomorphic re-encryption to asynchronous stochastic gradient descent in deep learning. We show that our scheme adds tolerable communication cost to the deep learning system while achieving more security properties, and the computational cost for learning participants is similar. Overall, our scheme is a more secure and more accurate deep learning scheme for distributed learning participants.
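The goal of letting a server learn only the aggregate of participants' gradients can be illustrated with pairwise additive masking, a related secure-aggregation idea (an illustrative sketch; the paper's scheme uses homomorphic re-encryption, which is not shown here):

```python
import random

def pairwise_masks(n_parties, dim, seed=0):
    """Masks that cancel in aggregate: party i adds m_ij, party j subtracts it."""
    rng = random.Random(seed)
    masks = [[0.0] * dim for _ in range(n_parties)]
    for i in range(n_parties):
        for j in range(i + 1, n_parties):
            m = [rng.uniform(-1.0, 1.0) for _ in range(dim)]
            for d in range(dim):
                masks[i][d] += m[d]
                masks[j][d] -= m[d]
    return masks

gradients = [[1.0, 2.0], [3.0, 4.0], [5.0, 6.0]]    # one gradient vector per participant
masks = pairwise_masks(3, 2)
uploads = [[g + m for g, m in zip(grad, mask)]       # each participant uploads a masked vector
           for grad, mask in zip(gradients, masks)]
aggregate = [sum(col) for col in zip(*uploads)]      # masks cancel; server sees only the sum
```

Each individual upload looks random to the server, yet the sum of all uploads equals the true sum of the gradients.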



2021 ◽  
Vol 23 (Supplement_6) ◽  
pp. vi139-vi139
Author(s):  
Jan Lost ◽  
Tej Verma ◽  
Niklas Tillmanns ◽  
W R Brim ◽  
Harry Subramanian ◽  
...  

Abstract PURPOSE Identifying molecular subtypes in gliomas has prognostic and therapeutic value, traditionally determined after invasive neurosurgical tumor resection or biopsy. Recent advances in artificial intelligence (AI) show promise in using pre-therapy imaging to predict molecular subtype. We performed a systematic review of recent literature on AI methods used to predict molecular subtypes of gliomas. METHODS A literature review conforming to PRISMA guidelines was performed for publications prior to February 2021 using 4 databases: Ovid Embase, Ovid MEDLINE, Cochrane trials (CENTRAL), and Web of Science core collection. Keywords included: artificial intelligence, machine learning, deep learning, radiomics, magnetic resonance imaging, glioma, and glioblastoma. Non-machine-learning and non-human studies were excluded. Screening was performed using Covidence software. Bias analysis was done using TRIPOD guidelines. RESULTS 11,727 abstracts were retrieved. After applying initial screening exclusion criteria, 1,135 full-text reviews were performed, with 82 papers remaining for data extraction. 57% used retrospective single-center hospital data, 31.6% used TCIA and BRATS, and 11.4% analyzed multicenter hospital data. An average of 146 patients (range 34-462) were included. Algorithms predicting IDH status comprised 51.8% of studies, MGMT 18.1%, and 1p19q 6.0%. Machine learning methods were used in 71.4%, deep learning in 27.4%, and 1.2% directly compared both methods. The most common machine learning algorithm was the support vector machine (43.3%), and the most common deep learning algorithm was the convolutional neural network (68.4%). Mean prediction accuracy was 76.6%. CONCLUSION Machine learning is the predominant method for image-based prediction of glioma molecular subtypes. Major limitations include limited datasets (60.2% with under 150 patients) and thus limited generalizability of findings. We recommend using larger annotated datasets for AI network training and testing in order to create more robust AI algorithms that generalize better to real-world clinical datasets and provide tools that can be translated to clinical practice.



2020 ◽  
Vol 38 (15_suppl) ◽  
pp. 5555-5555
Author(s):  
Okyaz Eminaga ◽  
Andreas Loening ◽  
Andrew Lu ◽  
James D Brooks ◽  
Daniel Rubin

5555 Background: Variation in human perception has limited the potential of multi-parametric magnetic resonance imaging (mpMRI) of the prostate for detecting prostate cancer and identifying significant prostate cancer. The current study aims to overcome this limitation and utilizes explainable artificial intelligence to leverage the diagnostic potential of mpMRI in detecting prostate cancer (PCa) and determining its significance. Methods: A total of 6,020 MR images from 1,498 cases were considered (1,785 T2 images, 2,719 DWI images, and 1,516 ADC maps). Treatment determined the significance of PCa: cases that received radical prostatectomy were considered significant, whereas cases under active surveillance and followed for at least two years were considered insignificant. Negative biopsy cases had either a single biopsy setting or multiple biopsy settings with PCa excluded. The images were randomly divided into development (80%) and test (20%) sets after stratifying by case within each image type. The development set was then divided into a training set (90%) and a validation set (10%). We developed deep learning models for PCa detection and for determining significant PCa based on the PlexusNet architecture, which supports explainable deep learning and volumetric input data. The input data for PCa detection were T2-weighted images, whereas the input data for determining significant PCa included all image types. Performance was measured using the area under the receiver operating characteristic curve (AUROC) and compared to the maximum PI-RADS score (version 2) at the case level. Bootstrap resampling (10,000 iterations) was applied to estimate the 95% confidence interval (CI) of the AUROC. Results: The AUROC for PCa detection was 0.833 (95% CI: 0.788-0.879), compared to 0.75 (0.718-0.764) for the PI-RADS score. The DL models detecting significant PCa using the ADC map or DWI images achieved the highest AUROC [ADC: 0.945 (95% CI: 0.913-0.982); DWI: 0.912 (95% CI: 0.871-0.954)] compared to a DL model using T2-weighted images (0.850; 95% CI: 0.791-0.908) or PI-RADS scores (0.604; 95% CI: 0.544-0.663). Finally, the attention map of PlexusNet from mpMRI with PCa correctly highlighted areas containing PCa after matching with the corresponding prostatectomy slice. Conclusions: We found that explainable deep learning is feasible on mpMRI and achieves high accuracy in determining cases with PCa and identifying cases with significant PCa.
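The bootstrap confidence-interval procedure described in the methods can be sketched in plain Python (an illustrative sketch; the rank-based AUROC estimator and fixed seed are assumptions for reproducibility, not the study's code):

```python
import random

def auroc(labels, scores):
    """Rank-based AUROC: probability that a positive case outranks a negative one."""
    pos = [s for y, s in zip(labels, scores) if y == 1]
    neg = [s for y, s in zip(labels, scores) if y == 0]
    wins = sum(1.0 if p > n else 0.5 if p == n else 0.0 for p in pos for n in neg)
    return wins / (len(pos) * len(neg))

def bootstrap_ci(labels, scores, n_boot=10_000, alpha=0.05, seed=0):
    """Percentile bootstrap CI for the AUROC (resampling cases with replacement)."""
    rng = random.Random(seed)
    n = len(labels)
    stats = []
    for _ in range(n_boot):
        idx = [rng.randrange(n) for _ in range(n)]
        ys = [labels[i] for i in idx]
        ss = [scores[i] for i in idx]
        if len(set(ys)) < 2:                     # resample must contain both classes
            continue
        stats.append(auroc(ys, ss))
    stats.sort()
    return stats[int(alpha / 2 * len(stats))], stats[int((1 - alpha / 2) * len(stats)) - 1]

labels = [0, 0, 0, 1, 1, 1]
scores = [0.10, 0.40, 0.35, 0.80, 0.65, 0.90]
lo, hi = bootstrap_ci(labels, scores, n_boot=2000)
```

With 10,000 resamples, as in the study, the 2.5th and 97.5th percentiles of the bootstrap distribution give the reported 95% CI.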



2022 ◽  
Author(s):  
Isaac Ronald Ward ◽  
Jack Joyner ◽  
Casey Lickfold ◽  
Yulan Guo ◽  
Mohammed Bennamoun

Graph neural networks (GNNs) have recently grown in popularity in the field of artificial intelligence (AI) due to their unique ability to ingest relatively unstructured data types as input data. Although some elements of the GNN architecture are conceptually similar in operation to traditional neural networks (and neural network variants), other elements represent a departure from traditional deep learning techniques. This tutorial exposes the power and novelty of GNNs to AI practitioners by collating and presenting details regarding the motivations, concepts, mathematics, and applications of the most common and performant variants of GNNs. Importantly, we present this tutorial concisely, alongside practical examples, thus providing a practical and accessible tutorial on the topic of GNNs.
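As a concrete illustration of the neighbourhood-aggregation idea such tutorials cover, here is a minimal graph-convolution layer in NumPy (a sketch of the common GCN formulation, not code from this tutorial):

```python
import numpy as np

def gcn_layer(A, H, W):
    """One graph-convolution layer: normalise the adjacency, aggregate
    neighbour features, apply a linear transform, then ReLU.
    A: adjacency (n x n), H: node features (n x d), W: weights (d x d_out)."""
    A_hat = A + np.eye(A.shape[0])              # add self-loops
    deg = A_hat.sum(axis=1)
    D_inv_sqrt = np.diag(deg ** -0.5)           # symmetric degree normalisation
    return np.maximum(D_inv_sqrt @ A_hat @ D_inv_sqrt @ H @ W, 0.0)

# 3-node path graph with 2-dimensional node features
A = np.array([[0, 1, 0], [1, 0, 1], [0, 1, 0]], dtype=float)
H = np.array([[1.0, 0.0], [0.0, 1.0], [1.0, 1.0]])
W = np.eye(2)
out = gcn_layer(A, H, W)   # each node's output mixes its own and neighbours' features
```

Stacking several such layers lets information propagate over multi-hop neighbourhoods, which is the departure from grid-structured deep learning the tutorial highlights.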



2019 ◽  
Vol 8 (2) ◽  
pp. 5236-5239

Deep learning models have gained much attention for performing various artificial intelligence tasks. The accuracy of these models relies on the availability of data, and privacy and auditability have become major concerns for data providers. The first issue is that a centralised server may become malicious, causing a breach of privacy. The second is that no incentives are given to data providers and trainers. Blockchain is one of the most prominent recent innovations: the decentralised connectivity of blockchains gives a new approach to connecting information without the overheads of security, trust, and control. To address the above issues, we propose an algorithm where clients send the model to the blockchain for training, and honest trainers are incentivized for training and sharing weights. The weights are averaged and the parameters are updated by a smart contract that resides on the blockchain, which guarantees privacy and auditability. Keywords: blockchain, network, privacy
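The weight-averaging step such a contract performs can be sketched as a FedAvg-style weighted average (an illustrative sketch; the on-chain contract logic and incentive mechanism are not shown):

```python
def federated_average(client_weights, client_sizes):
    """Average client model parameters, weighting each client by its dataset size."""
    total = sum(client_sizes)
    n_params = len(client_weights[0])
    avg = [0.0] * n_params
    for weights, size in zip(client_weights, client_sizes):
        for i in range(n_params):
            avg[i] += weights[i] * size / total
    return avg

# Two hypothetical trainers with 100 and 300 samples respectively
clients = [[0.2, 0.4], [0.6, 0.8]]
sizes = [100, 300]
global_w = federated_average(clients, sizes)   # [0.5, 0.7]
```

The larger trainer contributes three quarters of each averaged parameter, so 0.2 * 0.25 + 0.6 * 0.75 = 0.5 for the first weight.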



2021 ◽  
Vol 13 (11) ◽  
pp. 2221
Author(s):  
Munirah Alkhelaiwi ◽  
Wadii Boulila ◽  
Jawad Ahmad ◽  
Anis Koubaa ◽  
Maha Driss

Satellite images have drawn increasing interest from a wide variety of users, including business and government, ever since their increased usage in important fields ranging from weather, forestry, and agriculture to surface-change and biodiversity monitoring. Recent updates in the field have also introduced various deep learning (DL) architectures to satellite imagery as a means of extracting useful information. However, this new approach comes with its own issues, including the fact that many users utilize ready-made cloud services (both public and private) in order to take advantage of built-in DL algorithms and thus avoid the complexity of developing their own DL architectures. This presents new challenges for protecting data against unauthorized access and against mining and usage of sensitive information extracted from it, so new privacy concerns regarding sensitive data in satellite images have arisen. This research proposes an efficient approach that takes advantage of privacy-preserving deep learning (PPDL)-based techniques to address privacy concerns regarding data from satellite images when applying public DL models. In this paper, we propose a partially homomorphic encryption scheme (a Paillier scheme), which enables processing of confidential information without exposing the underlying data. Our method achieves robust results when applied to a custom convolutional neural network (CNN) as well as to existing transfer learning methods. The proposed encryption scheme also allows training CNN models on encrypted data directly, which incurs lower computational overhead. Our experiments were performed on a real-world dataset covering several regions across Saudi Arabia. The results demonstrate that our CNN-based models were able to retain data utility while maintaining data privacy. Security parameters such as correlation coefficient (−0.004), entropy (7.95), energy (0.01), contrast (10.57), number of pixels change rate (4.86), unified average change intensity (33.66), and others are in favor of our proposed encryption scheme. To the best of our knowledge, this research is also one of the first studies to apply PPDL-based techniques to satellite image data in any capacity.
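The additive homomorphism of the Paillier scheme, which makes such encrypted processing possible, can be sketched with toy parameters (deliberately tiny primes, insecure, for illustration only; not the paper's implementation):

```python
import random
from math import gcd

def paillier_keygen(p=61, q=53):
    """Toy Paillier keys from tiny primes (insecure; illustration only)."""
    n = p * q
    lam = (p - 1) * (q - 1)        # valid private exponent when gcd(n, lam) == 1
    g = n + 1                      # standard simple choice of generator
    mu = pow(lam, -1, n)           # with g = n + 1, decryption needs this modular inverse
    return (n, g), (lam, mu)

def encrypt(pub, m):
    n, g = pub
    n2 = n * n
    while True:
        r = random.randrange(1, n)
        if gcd(r, n) == 1:         # blinding factor must be invertible mod n
            break
    return (pow(g, m, n2) * pow(r, n, n2)) % n2

def decrypt(pub, priv, c):
    n, _ = pub
    lam, mu = priv
    n2 = n * n
    L = (pow(c, lam, n2) - 1) // n
    return (L * mu) % n

pub, priv = paillier_keygen()
c1, c2 = encrypt(pub, 12), encrypt(pub, 30)
c_sum = (c1 * c2) % (pub[0] ** 2)              # multiplying ciphertexts ...
assert decrypt(pub, priv, c_sum) == 42         # ... adds the plaintexts
```

Because ciphertext multiplication corresponds to plaintext addition, a server can accumulate weighted sums over encrypted pixel values without ever seeing them.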



2020 ◽  
Vol 14 ◽  
pp. 117954682092740
Author(s):  
Pankaj Mathur ◽  
Shweta Srivastava ◽  
Xiaowei Xu ◽  
Jawahar L Mehta

Artificial intelligence (AI)-based applications have found widespread use in many fields of science, technology, and medicine. The use of the enhanced computing power of machines in clinical medicine and diagnostics has been under exploration since the 1960s. More recently, with advances in computing and in algorithms enabling machine learning, especially deep learning networks that mimic the human brain in function, there has been renewed interest in using them in clinical medicine. In cardiovascular medicine, AI-based systems have found new applications in cardiovascular imaging, cardiovascular risk prediction, and the identification of newer drug targets. This article aims to describe different AI techniques, including machine learning and deep learning, and their applications in cardiovascular medicine. AI-based applications have enhanced our understanding of different phenotypes of heart failure and congenital heart disease. These applications have led to newer treatment strategies for different types of cardiovascular diseases, newer approaches to cardiovascular drug therapy, and postmarketing surveillance of prescription drugs. However, there are several challenges in the clinical use of AI-based applications and in interpretation of their results, including data privacy, poorly selected or outdated data, selection bias, and unintentional continuance of historical biases and stereotypes in the data, which can lead to erroneous conclusions. Still, AI is a transformative technology with immense potential in health care.



2021 ◽  
Vol 2021 (4) ◽  
pp. 139-162
Author(s):  
José Cabrero-Holgueras ◽  
Sergio Pastrana

Abstract Deep Learning (DL) is a powerful solution for complex problems in many disciplines such as finance, medical research, or social sciences. Due to the high computational cost of DL algorithms, data scientists often rely upon Machine Learning as a Service (MLaaS) to outsource the computation to third-party servers. However, outsourcing the computation raises privacy concerns when dealing with sensitive information, e.g., health or financial records. Privacy regulations like the European GDPR also limit the collection, distribution, and use of such sensitive data. Recent advances in privacy-preserving computation techniques (i.e., Homomorphic Encryption and Secure Multiparty Computation) have enabled DL training and inference over protected data. However, these techniques are still immature and difficult to deploy in practical scenarios. In this work, we review how privacy-preserving computation techniques have been adapted to DL, to understand the gap between research proposals and practical applications. We highlight their relative advantages and disadvantages, considering aspects such as efficiency shortcomings, reproducibility issues due to the lack of standard tools and programming interfaces, and lack of integration with the DL frameworks commonly used by the data science community.
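As a minimal illustration of the Secure Multiparty Computation side, additive secret sharing lets servers compute a sum without any single server seeing the inputs (an illustrative sketch, not a production protocol):

```python
import random

P = 2**61 - 1   # prime modulus for the shares

def share(secret, n_parties, rng=random.SystemRandom()):
    """Split a secret into n additive shares mod P; any n-1 shares reveal nothing."""
    shares = [rng.randrange(P) for _ in range(n_parties - 1)]
    shares.append((secret - sum(shares)) % P)
    return shares

def reconstruct(shares):
    return sum(shares) % P

# Two data owners secret-share their inputs across three servers:
a_shares = share(15, 3)
b_shares = share(27, 3)
# Each server adds its two shares locally, never seeing 15 or 27:
sum_shares = [(x + y) % P for x, y in zip(a_shares, b_shares)]
assert reconstruct(sum_shares) == 42
```

Linear operations like this are cheap under secret sharing; the efficiency shortcomings the review discusses arise mainly from non-linear operations such as activations and comparisons.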



Author(s):  
Yuancheng Li ◽  
Jiawen Yu

Background: In the power Internet of Things (IoT), power consumption data faces the risk of privacy leakage. Traditional privacy-preserving schemes cannot ensure data privacy across the system, since the secret key pairs are shared among all interior nodes and a single leak compromises every node. In addition, general schemes only support summation, resulting in a lack of extensibility. Objective: To preserve the privacy of power consumption data, ensure the privacy of secret keys, and support multiple data processing methods, we propose an improved privacy-preserving scheme for power consumption data. Method: First, we establish a power IoT architecture based on edge computing. The data is then encrypted with a multi-key fully homomorphic algorithm to enable operations on ciphertext without restrictions on the type of calculation. Through an improved decryption algorithm, ciphertext that can be decrypted separately at cloud nodes is generated, which reduces communication costs and prevents data leakage. Results: The experimental results show that our scheme is more efficient than traditional schemes at privacy preservation. According to the variance calculation, the proposed scheme reaches the application standard in terms of computational cost and is feasible for practical operation. Discussion: In the future, we plan to adopt a scheme based on secure multi-party computation so that data can be managed locally with homomorphic encryption, ensuring data privacy.



Symmetry ◽  
2018 ◽  
Vol 10 (8) ◽  
pp. 333
Author(s):  
Jinyan Wang ◽  
Guoqing Cai ◽  
Chen Liu ◽  
Jingli Wu ◽  
Xianxian Li

Nowadays, more and more applications depend on the storage and management of semi-structured information. For scientific research and knowledge-based decision-making, such data often needs to be published; for example, medical data is released to implement computer-assisted clinical decision support systems. Since this data contains individuals' private information, it must be appropriately anonymized before being released. However, the existing anonymization method based on l-diversity for hierarchical data is vulnerable to a serious similarity attack and cannot protect data privacy well. In this paper, we utilize fuzzy sets to divide sensitive numerical and categorical attribute values into levels uniformly (a categorical attribute value can be converted into a numerical one according to its frequency of occurrence), and then transform the value levels into sensitivity levels. We propose the privacy model (αlevh, k)-anonymity for hierarchical data with multi-level sensitivity, and design a privacy-preserving approach to achieve this model. Experimental results demonstrate that our approach is clearly superior to the existing anonymization approach for hierarchical data in terms of utility and security.
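The fuzzy-set division of a numerical sensitive attribute into levels can be sketched with triangular membership functions (an illustrative sketch; the attribute, thresholds, and level names are hypothetical, not taken from the paper):

```python
def triangular(x, a, b, c):
    """Triangular fuzzy membership: rises from a to b, falls from b to c."""
    if x <= a or x >= c:
        return 0.0
    return (x - a) / (b - a) if x <= b else (c - x) / (c - b)

# Hypothetical sensitivity levels for a numeric attribute, e.g. salary in $1000s
levels = {
    "low":    (0, 0, 40),
    "medium": (20, 50, 80),
    "high":   (60, 100, 100),
}

def sensitivity_level(x):
    """Assign the level whose membership degree is highest."""
    return max(levels, key=lambda name: triangular(x, *levels[name]))

assert sensitivity_level(10) == "low"
assert sensitivity_level(50) == "medium"
assert sensitivity_level(90) == "high"
```

Because memberships overlap near the boundaries, values close to a threshold are not assigned crisply, which is the property that lets levels be divided uniformly across numerical and frequency-converted categorical attributes.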


