Abstract: Driven by machine learning, the digital transformation of traditional industries has brought massive data growth, while the intelligent enhancement of products and services has raised the demand for computing power. Cloud computing, with its flexible resource allocation, can provide inexpensive and convenient outsourced computing services for enterprises and users with limited resources, enabling them to carry out model training and model hosting for machine learning. It also accelerates the intelligent improvement of products and services and promotes the growth of the digital economy. However, outsourcing data and models involves a transfer of control, which may bring data leakage risks and computational security issues. In recent years, the security issues of machine learning outsourcing have attracted increasing attention from researchers, and some notable results have been achieved. In this paper, we survey domestic and international research on secure machine learning outsourcing over the five years from 2018 to 2022. We first classify the mainstream outsourcing modes and summarize their characteristics: by task phase, outsourcing is divided into model training and model hosting modes, and by the number of cloud service providers, into single-cloud and multi-cloud modes. Next, we describe and analyze in depth the research progress on secure outsourced computing for machine learning from the perspective of typical machine learning algorithms such as logistic regression, naive Bayesian classification, support vector machine, decision tree and neural network. Finally, we analyze and discuss the limitations of current research on secure machine learning outsourcing from different perspectives, and look ahead to future challenges and opportunities.
Keywords: cloud computing, outsourced computing, machine learning, transfer learning, privacy preserving
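Table 1 Features of Machine Learning Outsourced Computing Modes

| Mode application trend | Features |
| --- | --- |
| From model training to model hosting | Supports multiple users; reduces interaction between users and cloud service providers; supports ciphertext hosting; supports offline users; supports model confidentiality protection; considers the threat of semi-trusted cloud servers |
| From single-cloud to multi-cloud | Distributes computation and supports MPC protocols; reduces interaction between users and cloud service providers; supports offline users; adds the threat of malicious cloud servers |

Table 2 Comparison of Logistic Regression Outsourced Schemes

Table 3 Comparison of Naive Bayesian Classification Outsourced Schemes

Table 4 Comparison of Support Vector Machine Outsourced Schemes

Table 5 Comparison of Decision Tree Outsourced Schemes

| Source | Single-cloud/multi-cloud | Encrypted model | Outsourcing phase | Cryptographic tool | Threat model | Supports random forest | Offline |
| --- | --- | --- | --- | --- | --- | --- | --- |
| Ref. [46] | Single-cloud | × | Inference | HE+GC+OT | Semi-trusted | × | × |
| Ref. [47] | Single-cloud | × | Inference | GC, OT, ORAM | Semi-trusted | × | × |
| Ref. [49] | Multi-cloud | √ | Inference | Secret sharing | Semi-trusted | × | √ |
| Ref. [50] | Multi-cloud | √ | Training+inference | FHE | Semi-trusted | √ | √ |
| Ref. [51] | Multi-cloud | √ | Inference | GC+secret sharing | Malicious user | × | √ |
| Ref. [52] | Single-cloud | √ | Inference | Symmetric encryption | Semi-trusted | × | √ |
| Ref. [53] | Single-cloud | √ | Inference | HE | Malicious user | × | × |
| Ref. [54] | Multi-cloud | √ | Inference | HE+secret sharing | Semi-trusted | × | √ |
| Ref. [55] | Multi-cloud | × | Training+inference | DT-PKC+secret sharing | Semi-trusted | × | √ |
| Ref. [56] | Single-cloud | √ | Inference | Multi-key HE+OT | Semi-trusted | √ | × |
| Ref. [57] | Single-cloud | √ | Training+inference | Matrix blinding | Semi-trusted | × | √ |
| Ref. [58] | Single-cloud | √ | Inference | HE | Semi-trusted | × | √ |

Table 6 Comparison of Neural Network Outsourced Schemes

| Source | Algorithm | Single-cloud/multi-cloud | Outsourcing phase | Cryptographic tool | Threat model | Verifiable | Model privacy |
| --- | --- | --- | --- | --- | --- | --- | --- |
| Ref. [60] | SLP | Single-cloud | Training+inference | Matrix blinding | Semi-trusted | × | √ |
| Ref. [61] | SLP | Single-cloud | Training+inference | Matrix blinding | Malicious cloud | √ | √ |
| Ref. [62] | DNN | Single-cloud | Training+inference | DT-PKC | Semi-trusted | × | √ |
| Ref. [63] | R-CNN | Multi-cloud | Training | Secret sharing | Semi-trusted | × | √ |
| Ref. [64] | DNN | Single-cloud | Training | Noise addition | Semi-trusted | × | × |
| Ref. [65] | CNN | Multi-cloud | Training | Secret sharing | Semi-trusted | × | × |
| Ref. [66] | DNN | Single-cloud | Training | Matrix blinding | Semi-trusted | × | √ |
| Ref. [67] | DNN | Multi-cloud | Inference | Secret sharing | Semi-trusted | × | √ |
| Ref. [68] | DNN | Multi-cloud | Inference | Secret sharing | Semi-trusted | × | × |
| Ref. [69] | CNN | Multi-cloud | Inference | Secret sharing | Semi-trusted | × | × |
| Ref. [70] | DNN | Multi-cloud | Inference | Secret sharing | Semi-trusted | × | √ |
| Ref. [71] | CNN | Single-cloud | Inference | Additive HE | Semi-trusted | × | × |
| Ref. [72] | DNN | Single-cloud | Inference | HE+GC+secret sharing | Semi-trusted | × | √ |
| Ref. [73] | CNN | Single-cloud | Inference | HE+secret sharing | Semi-trusted | × | √ |
| Ref. [74] | CNN | Single-cloud | Inference | HE+GC+secret sharing | Malicious user | × | √ |
| Ref. [75] | CNN | Multi-cloud | Inference | GC+secret sharing | Semi-trusted | × | √ |
| Ref. [76] | DNN | Multi-cloud | Inference | GC | Malicious cloud | × | √ |
| Ref. [77] | DNN | Multi-cloud | Inference | HE+secret sharing | Semi-trusted | × | √ |
| Ref. [78] | DNN | Multi-cloud | Training+inference | GC+secret sharing | Semi-trusted | × | √ |
| Refs. [79−80] | DNN | Multi-cloud | Inference | Secret sharing | Semi-trusted | × | √ |
| Refs. [81−84] | CNN | Multi-cloud | Inference | GC+secret sharing | Malicious cloud | × | √ |
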
[1] Li Yin, Chen Yong, Zhao Jingxin, et al. Survey of ubiquitous computing security[J]. Journal of Computer Research and Development, 2022, 59(5): 1054−1081 (in Chinese) doi: 10.7544/issn1000-1239.20211248
[2] Zhou Jun, Shen Huajie, Lin Zhongyun, et al. Research advances on privacy preserving in edge computing[J]. Journal of Computer Research and Development, 2020, 57(10): 2027−2051 (in Chinese) doi: 10.7544/issn1000-1239.2020.20200614
[3] Statista. Public cloud services end-user spending worldwide from 2017 to 2023[EB/OL]. [2022-08-15]. https://www.statista.com/statistics/273818/global-revenue-generated-with-cloud-computing-since-2009/
[4] Shan Zihao, Ren Kui, Blanton M, et al. Practical secure computation outsourcing: A survey[J]. ACM Computing Surveys, 2019, 51(2): 1−40
[5] Zhou Lei, Fu Anmin, Yang Guomin, et al. Efficient certificateless multi-copy integrity auditing scheme supporting data dynamics[J]. IEEE Transactions on Dependable and Secure Computing, 2022, 19(2): 1118−1132
[6] Liu Bo, Ding Ming, Shaham S, et al. When machine learning meets privacy: A survey and outlook[J]. ACM Computing Surveys, 2022, 54(2): 1−36
[7] Li Shuai, Fu Anmin, Su Mang, et al. Secure and verifiable protocol for outsourcing group power exponent to a single server[J]. Journal of Computer Research and Development, 2018, 55(11): 2482−2489 (in Chinese) doi: 10.7544/issn1000-1239.2018.20170420
[8] Nie Hengtai, Wang Shaohui. A matrix multiplication outsourcing calculation scheme in cloud environment[J]. Computer Technology and Development, 2018, 28(8): 119−123 (in Chinese) doi: 10.3969/j.issn.1673-629X.2018.08.025
[9] Fu Anmin, Chen Zhenzhu, Mu Yi, et al. Cloud-based outsourcing for enabling privacy-preserving large-scale non-negative matrix factorization[J]. IEEE Transactions on Services Computing, 2022, 15(1): 266−278 doi: 10.1109/TSC.2019.2937484
[10] Li Xiaowei, Chen Benhui, Yang Dengqi, et al. Review of security protocols in edge computing environments[J]. Journal of Computer Research and Development, 2022, 59(4): 765−780 (in Chinese) doi: 10.7544/issn1000-1239.20210644
[11] Kumar M, Sharma S C, Goel A, et al. A comprehensive survey for scheduling techniques in cloud computing[J]. Journal of Network and Computer Applications, 2019, 143: 1−33 doi: 10.1016/j.jnca.2019.06.006
[12] Domingo-Ferrer J, Farras O, Ribes-González J, et al. Privacy-preserving cloud computing on sensitive data: A survey of methods, products and challenges[J]. Computer Communications, 2019, 140: 38−60
[13] Shama T, Wang Tian, Giulio C D, et al. Towards inclusive privacy protections in the cloud[C]//Proc of the 18th Int Conf on Applied Cryptography and Network Security. Berlin: Springer, 2020: 337−359
[14] Zhou Chunyi, Chen Dawei, Wang Shang, et al. Research and challenge of distributed deep learning privacy and security attack[J]. Journal of Computer Research and Development, 2021, 58(5): 927−943 (in Chinese) doi: 10.7544/issn1000-1239.2021.20200966
[15] Kleinbaum D G, Klein M. Logistic Regression: A Self-learning Text[M]. Berlin: Springer, 2010
[16] Han K, Hong S, Cheon J H, et al. Logistic regression on homomorphic encrypted data at scale[C]//Proc of the 31st AAAI Conf on Artificial Intelligence. Palo Alto, CA: AAAI, 2019: 9466−9471
[17] Bos J W, Lauter K, Naehrig M. Private predictive analysis on encrypted medical data[J]. Journal of Biomedical Informatics, 2014, 50: 234−243 doi: 10.1016/j.jbi.2014.04.003
[18] Aono Y, Hayashi T, Trieu P L, et al. Scalable and secure logistic regression via homomorphic encryption[C]//Proc of the 6th ACM Conf on Data and Application Security and Privacy. New York: ACM, 2016: 142−144
[19] Jiang Yichen, Hamer J, Wang Chenghong, et al. SecureLR: Secure logistic regression model via a hybrid cryptographic protocol[J]. IEEE/ACM Transactions on Computational Biology and Bioinformatics, 2018, 16(1): 113−123
[20] Fan Yongkai, Bai Jianrong, Lei Xia, et al. Privacy preserving based logistic regression on big data[J]. Journal of Network and Computer Applications, 2020, 171: 1−10
[21] Yu Xiaopeng, Zhao Wei, Huang Yunfan, et al. Privacy-preserving outsourced logistic regression on encrypted data from homomorphic encryption[J]. Security and Communication Networks, 2022, 2022: 1−17
[22] Byun J, Lee W, Lee J. Parameter-free HE-friendly logistic regression[J]. Advances in Neural Information Processing Systems, 2021, 34: 8457−8468
[23] Murphy K P. Naive Bayes classifiers[EB/OL]. [2022-08-15]. https://www.cs.ubc.ca/~murphyk/Teaching/CS340-Fall06/reading/NB.pdf
[24] Li Tong, Huang Zhengan, Li Ping, et al. Outsourced privacy-preserving classification service over encrypted data[J]. Journal of Network and Computer Applications, 2018, 106: 100−110 doi: 10.1016/j.jnca.2017.12.021
[25] Li Tong, Li Xuan, Zhong Xingyi, et al. Communication-efficient outsourced privacy-preserving classification service using trusted processor[J]. Information Sciences, 2019, 505: 473−486 doi: 10.1016/j.ins.2019.07.047
[26] Chai Yanting, Zhan Yu, Wang Baocang, et al. Improvement on a privacy-preserving outsourced classification protocol over encrypted data[J]. Wireless Networks, 2020, 26(6): 4363−4374 doi: 10.1007/s11276-020-02329-9
[27] Okamoto T, Uchiyama S. A new public-key cryptosystem as secure as factoring[C]//Proc of the 17th Int Conf on the Theory and Applications of Cryptographic Techniques. Berlin: Springer, 1998: 308−318
[28] Li Tong, Li Jin, Liu Zheli, et al. Differentially private naive Bayes learning over multiple data sources[J]. Information Sciences, 2018, 444: 89−104 doi: 10.1016/j.ins.2018.02.056
[29] Vaidya J, Shafiq B, Basu A, et al. Differentially private naive Bayes classification[C]//Proc of 2013 IEEE/WIC/ACM Int Joint Conf on Web Intelligence and Intelligent Agent Technologies. Piscataway, NJ: IEEE, 2013: 571−576
[30] Huai Mengdi, Huang Liusheng, Yang Wei, et al. Privacy-preserving naive Bayes classification[C]//Proc of the 8th Int Conf on Knowledge Science, Engineering and Management. Berlin: Springer, 2015: 627−638
[31] Wang Fengwei, Zhu Hui, Lu Rongxing, et al. Achieve efficient and privacy-preserving disease risk assessment over multi-outsourced vertical datasets[J]. IEEE Transactions on Dependable and Secure Computing, 2020, 19(33): 1492−1504
[32] Pisner D A, Schnyer D M. Support Vector Machine[M]. New York: Academic Press, 2020
[33] Lin K P, Chen M S. Privacy-preserving outsourcing support vector machines with random transformation[C]//Proc of the 16th ACM SIGKDD Int Conf on Knowledge Discovery and Data Mining. New York: ACM, 2010: 363−372
[34] Rahulamathavan Y, Phan R C W, Veluru S, et al. Privacy-preserving multi-class support vector machine for outsourcing the data classification in cloud[J]. IEEE Transactions on Dependable and Secure Computing, 2014, 11(5): 467−479 doi: 10.1109/TDSC.2013.51
[35] Li Xingxin, Zhu Youwen, Wang Jian, et al. On the soundness and security of privacy-preserving SVM for outsourcing data classification[J]. IEEE Transactions on Dependable and Secure Computing, 2017, 15(5): 906−912
[36] Liu Ximeng, Deng R H, Choo K K R, et al. Privacy-preserving outsourced support vector machine design for secure drug discovery[J]. IEEE Transactions on Cloud Computing, 2018, 8(2): 610−622
[37] Wang Jing, Wu Libing, Wang Huaqun, et al. An efficient and privacy-preserving outsourced support vector machine training for Internet of medical things[J]. IEEE Internet of Things Journal, 2020, 8(1): 458−473
[38] Huang Hai, Wang Yongjian, Zong Haoren. Support vector machine classification over encrypted data[J]. Applied Intelligence, 2022, 52(6): 5938−5948 doi: 10.1007/s10489-021-02727-2
[39] Barnett A, Santokhi J, Simpson M, et al. Image classification using non-linear support vector machines on encrypted data[EB/OL]. [2022-08-15]. https://eprint.iacr.org/2017/857.pdf
[40] Shao Yuhang, Tian Chengliang, Han Lidong, et al. Privacy-preserving and verifiable cloud-aided disease diagnosis and prediction with hyperplane decision-based classifier[J]. IEEE Internet of Things Journal, 2022, 9(21): 21648−21661 doi: 10.1109/JIOT.2022.3181734
[41] Chen Yange, Mao Qinyu, Wang Baocang, et al. Privacy-preserving multi-class support vector machine model on medical diagnosis[J]. IEEE Journal of Biomedical and Health Informatics, 2022, 26(7): 3342−3353 doi: 10.1109/JBHI.2022.3157592
[42] Charbuty B, Abdulazeez A. Classification based on decision tree algorithm for machine learning[J]. Journal of Applied Science and Technology Trends, 2021, 2(1): 20−28 doi: 10.38094/jastt20165
[43] Bost R, Popa R A, Tu S, et al. Machine learning classification over encrypted data[C/OL]//Proc of the 22nd Symp on Network and Distributed System Security. Piscataway, NJ: IEEE, 2015[2022-08-15]. https://www.ndss-symposium.org/wp-content/uploads/2017/09/04_1_2.pdf
[44] Wu D J, Feng T, Naehrig M, et al. Privately evaluating decision trees and random forests[C]//Proc of Privacy Enhancing Technologies Symp. Berlin: Springer, 2016: 335−355
[45] Tai R K H, Ma J P K, Zhao Yongjun, et al. Privacy-preserving decision trees evaluation via linear functions[C]//Proc of European Symp on Research in Computer Security. Berlin: Springer, 2017: 494−512
[46] Kiss Á, Naderpour M, Liu Jian, et al. Sok: Modular and efficient private decision tree evaluation[C]//Proc of Privacy Enhancing Technologies Symp. Berlin: Springer, 2019: 187−208
[47] Tueno A, Kerschbaum F, Katzenbeisser S. Private evaluation of decision trees using sublinear cost[C]//Proc of Privacy Enhancing Technologies Symp. Berlin: Springer, 2019: 266−286
[48] Zheng Yifeng, Duan Huayi, Wang Cong. Towards secure and efficient outsourcing of machine learning classification[C]//Proc of the 24th European Symp on Research in Computer Security. Berlin: Springer, 2019: 22−40
[49] Zheng Yifeng, Duan Huayi, Wang Cong, et al. Securely and efficiently outsourcing decision tree inference[J]. IEEE Transactions on Dependable and Secure Computing, 2022, 19(3): 1841−1855 doi: 10.1109/TDSC.2020.3040012
[50] Akavia A, Leibovich M, Resheff Y S, et al. Privacy-preserving decision trees training and prediction[J]. ACM Transactions on Privacy and Security, 2022, 25(3): 1−30
[51] Ma J P K, Zhao Yongjun, Tai R K H. Let's stride blindfolded in a forest: Sublinear multi-client decision trees evaluation[C/OL]//Proc of the 28th Symp on Network and Distributed System Security. Piscataway, NJ: IEEE, 2021[2022-08-15]. https://www.ndss-symposium.org/wp-content/uploads/ndss2021_5C-1_23166_paper.pdf
[52] Liang Jinwen, Qin Zheng, Xiao Sheng, et al. Efficient and secure decision tree classification for cloud-assisted online diagnosis services[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 18(4): 1632−1644 doi: 10.1109/TDSC.2019.2922958
[53] Wang Chen, Wang Andi, Xu Jian, et al. Outsourced privacy-preserving decision tree classification service over encrypted data[J]. Journal of Information Security and Applications, 2020, 53: 1−13
[54] Liu Liu, Su Jinshu, Zhao Baokang, et al. Towards an efficient privacy-preserving decision tree evaluation service in the Internet of things[J]. Symmetry, 2020, 12(1): 1−16
[55] Liu Liu, Chen Rongmao, Liu Ximeng, et al. Towards practical privacy-preserving decision tree training and evaluation in the cloud[J]. IEEE Transactions on Information Forensics and Security, 2020, 15: 2914−2929 doi: 10.1109/TIFS.2020.2980192
[56] Aloufi A, Hu Peizhao, Wong H W H, et al. Blindfolded evaluation of random forests with multi-key homomorphic encryption[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 18(4): 1821−1835
[57] Wang Qinfan, Cui Shujie, Zhou Lei, et al. EnclaveTree: Privacy-preserving data stream training and inference using TEE[C]//Proc of the 17th ACM Asia Conf on Computer and Communications Security. New York: ACM, 2022: 741−755
[58] Bai Jianli, Song Xiangfu, Cui Shujie, et al. Scalable private decision tree evaluation with sublinear communication[C]//Proc of the 17th ACM Asia Conf on Computer and Communications Security. New York: ACM, 2022: 843−857
[59] Jain A K, Mao Jianchang, Mohiuddin K M. Artificial neural networks: A tutorial[J]. Computer, 1996, 29(3): 31−44 doi: 10.1109/2.485891
[60] Zhang Chuan, Zhu Liehuang, Xu Chang, et al. PPDP: An efficient and privacy-preserving disease prediction scheme in cloud-based e-Healthcare system[J]. Future Generation Computer Systems, 2018, 79: 16−25 doi: 10.1016/j.future.2017.09.002
[61] Zhang Xiaoyu, Chen Xiaofeng, Wang Jianfeng, et al. Verifiable privacy-preserving single-layer perceptron training scheme in cloud computing[J]. Soft Computing, 2018, 22(23): 7719−7732 doi: 10.1007/s00500-018-3233-7
[62] Ma Xindi, Ma Jianfeng, Li Hui, et al. PDLM: Privacy-preserving deep learning model on cloud with multiple keys[J]. IEEE Transactions on Services Computing, 2018, 14(4): 1251−1263
[63] Liu Yang, Ma Zhuo, Liu Ximeng, et al. Privacy-preserving object detection for medical images with faster R-CNN[J]. IEEE Transactions on Information Forensics and Security, 2019, 17: 69−84
[64] Osia S A, Shamsabadi A S, Sajadmanesh S, et al. A hybrid deep learning architecture for privacy-preserving mobile analytics[J]. IEEE Internet of Things Journal, 2020, 7(5): 4505−4518 doi: 10.1109/JIOT.2020.2967734
[65] Wagh S, Gupta D, Chandran N. SecureNN: 3-Party secure computation for neural network training[C]//Proc of Privacy Enhancing Technologies Symp. Berlin: Springer, 2019: 26−49
[66] Melissourgos D, Gao Hanzhi, Ma Chaoyi, et al. On outsourcing artificial neural network learning of privacy-sensitive medical data to the cloud[C]//Proc of the 33rd Int Conf on Tools with Artificial Intelligence. Piscataway, NJ: IEEE, 2021: 381−385
[67] Shamsabadi A S, Gascón A, Haddadi H, et al. PrivEdge: From local to distributed private training and prediction[J]. IEEE Transactions on Information Forensics and Security, 2020, 15: 3819−3831
[68] Liu Xiaoning, Zheng Yifeng, Yuan Xingliang, et al. MediSC: Towards secure and lightweight deep learning as a medical diagnostic service[C]//Proc of the 26th European Symp on Research in Computer Security. Berlin: Springer, 2021: 519−541
[69] Huang Kai, Liu Ximeng, Fu Shaojing, et al. A lightweight privacy-preserving CNN feature extraction framework for mobile sensing[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 18(3): 1441−1455
[70] Zheng Yifeng, Duan Huayi, Tang Xiaoting, et al. Denoising in the dark: Privacy-preserving deep neural network-based image denoising[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 18(3): 1261−1275 doi: 10.1109/TDSC.2019.2907081
[71] Juvekar C, Vaikuntanathan V, Chandrakasan A. GAZELLE: A low latency framework for secure neural network inference[C]//Proc of the 28th USENIX Security Symp. Berkeley, CA: USENIX Association, 2018: 1651−1669
[72] Mishra P, Lehmkuhl R, Srinivasan A, et al. Delphi: A cryptographic inference service for neural networks[C]//Proc of the 29th USENIX Security Symp. Berkeley, CA: USENIX Association, 2020: 2505−2522
[73] Zhang Qiao, Xin Chunsheng, Wu Hongyi. GALA: Greedy computation for linear algebra in privacy-preserved neural networks[C/OL]//Proc of the 28th Symp on Network and Distributed System Security. Piscataway, NJ: IEEE, 2021 [2022-08-15]. https://www.ndss-symposium.org/wp-content/uploads/ndss2021_5C-3_24351_paper.pdf
[74] Lehmkuhl R, Mishra P, Srinivasan A, et al. Muse: Secure inference resilient to malicious clients[C]//Proc of the 30th USENIX Security Symp. Berkeley, CA: USENIX Association, 2021: 2201−2218
[75] Riazi M S, Weinert C, Tkachenko O, et al. Chameleon: A hybrid secure computation framework for machine learning applications[C]//Proc of the 13th ACM Asia Conf on Computer and Communications Security. New York: ACM, 2018: 707−721
[76] Riazi M S, Samragh M, Chen Hao, et al. XONN: XNOR-based oblivious deep neural network inference[C]//Proc of the 28th USENIX Security Symp. Berkeley, CA: USENIX Association, 2019: 1501−1518
[77] Rathee D, Rathee M, Kumar N, et al. CrypTFlow2: Practical 2-party secure inference[C]//Proc of ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2020: 325−342
[78] Agrawal N, Shahin S A, Kusner M J, et al. QUOTIENT: Two-party secure neural network training and prediction[C]//Proc of ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2019: 1231−1247
[79] Liu Xiaoning, Wu Bang, Yuan Xingliang, et al. Leia: A lightweight cryptographic neural network inference system at the edge[J]. IEEE Transactions on Information Forensics and Security, 2021, 17: 237−252
[80] Liu Xiaoning, Zheng Yifeng, Yuan Xingliang, et al. Securely outsourcing neural network Inference to the cloud with lightweight techniques[J/OL]. IEEE Transactions on Dependable and Secure Computing, 2022[2022-10-25]. https://ieeexplore.ieee.org/document/9674792
[81] Chaudhari H, Rachuri R, Suresh A. Trident: Efficient 4PC framework for privacy preserving machine learning[C/OL]//Proc of the 27th Symp on Network and Distributed System Security. Piscataway, NJ: IEEE, 2020[2022-08-15]. https://www.ndss-symposium.org/wp-content/uploads/2020/02/23005-paper.pdf
[82] Mohassel P, Rindal P. ABY3: A mixed protocol framework for machine learning[C]//Proc of ACM SIGSAC Conf on Computer and Communications Security. New York: ACM, 2018: 35−52
[83] Koti N, Pancholi M, Patra A, et al. SWIFT: Super-fast and robust privacy-preserving machine learning[C]//Proc of the 30th USENIX Security Symp. Berkeley, CA: USENIX Association, 2021: 2651−2668
[84] Koti N, Patra A, Rachuri R, et al. Tetrad: Actively secure 4PC for secure training and inference[C/OL]//Proc of the 29th Symp on Network and Distributed System Security. Piscataway, NJ: IEEE, 2022[2022-08-15]. https://www.ndss-symposium.org/wp-content/uploads/2022-120-paper.pdf
[85] Liu Yingqi, Ma Shiqing, Aafer Y, et al. Trojaning attack on neural networks[C/OL]//Proc of the 25th Symp on Network and Distributed System Security. Piscataway, NJ: IEEE, 2018[2022-08-15]. https://www.ndss-symposium.org/wp-content/uploads/2018/02/ndss2018_03A-5_Liu_paper.pdf