Privacy-Preserving Machine Learning Training in Aggregation Scenarios

TL;DR

This paper introduces Heda, a novel privacy-preserving machine learning training framework for IoT aggregation scenarios, which ensures data privacy and security against collusion without relying on untrusted servers.

Contribution

Heda provides a flexible library of building blocks based on partial homomorphic encryption for secure ML training without server assistance and under collusion threats.

Findings

Heda maintains model accuracy comparable to non-private training.

The protocols effectively protect participant privacy in honest-but-curious and collusion scenarios.

Experiments demonstrate Heda's efficiency in real-world IoT environments.

Abstract

To develop Smart City, the growing popularity of Machine Learning (ML) that appreciates high-quality training datasets generated from diverse IoT devices raises natural questions about the privacy guarantees that can be provided in such settings. Privacy-preserving ML training in an aggregation scenario enables a model demander to securely train ML models with the sensitive IoT data gathered from personal IoT devices. Existing solutions are generally server-aided, cannot deal with the collusion threat between the servers or between the servers and data owners, and do not match the delicate environments of IoT. We propose a privacy-preserving ML training framework named Heda that consists of a library of building blocks based on partial homomorphic encryption (PHE) enabling constructing multiple privacy-preserving ML training protocols for the aggregation scenario without the assistance of untrusted servers and defending the security under collusion situations. Rigorous security analysis demonstrates the proposed protocols can protect the privacy of each participant in the honest-but-curious model and defend the security under most collusion situations. Extensive experiments validate the efficiency of Heda which achieves the privacy-preserving ML training without losing the model accuracy.