Secure Collaborative Training and Inference for XGBoost
Andrew Law, Chester Leung, Rishabh Poddar, Raluca Ada Popa, Chenyu Shi, Octavian Sima, Chaofan Yu, Xingmeng Zhang, Wenting Zheng

TL;DR
Secure XGBoost is a privacy-preserving system enabling multiparty training and inference of XGBoost models, combining hardware enclaves with novel data-oblivious algorithms to prevent access-pattern side-channel attacks.
Contribution
It introduces a secure system for collaborative XGBoost training and inference that combines hardware enclaves with data-oblivious algorithms for enhanced security.
Findings
Protects data privacy during collaborative training
Prevents access pattern side-channel attacks
Enables secure multiparty inference
Abstract
In recent years, gradient boosted decision tree learning has proven to be an effective method of training robust models. Moreover, collaborative learning among multiple parties has the potential to greatly benefit all parties involved, but organizations have also encountered obstacles in sharing sensitive data due to business, regulatory, and liability concerns. We propose Secure XGBoost, a privacy-preserving system that enables multiparty training and inference of XGBoost models. Secure XGBoost protects the privacy of each party's data as well as the integrity of the computation with the help of hardware enclaves. Crucially, Secure XGBoost augments the security of the enclaves using novel data-oblivious algorithms that prevent side-channel attacks on enclaves induced by access pattern leakage.
Taxonomy
Topics: Security and Verification in Computing · Adversarial Robustness in Machine Learning · Advanced Malware Detection Techniques
