Abstract
Deep Learning (DL) has already shown tremendous potential in designing intelligent clinical support systems in biomedicine. Data privacy plays a significant role while training and testing DL models, especially for sensitive data. Privacy-Preserving Deep Learning (PPDL) applications in Healthcare are rapidly growing as medical informatics deals with sensitive data. This work reviews the recent advances in PPDL techniques in Healthcare. It first analyzes the need of PPDL in healthcare informatics using a threat model and then discusses privacy-preserving computation techniques for secure data processing and evaluation. Next, it focuses on DL applications over Healthcare in three categories: (i) PPDL in the private cloud, (ii) PPDL in the public cloud, and (iii) privacy based on modifications in DL architectures. Next, we examine data privacy at different stages of DL deployment in Healthcare, including input, model, training, and output. We also provide a summary of the evaluation outcomes of the solutions reviewed. Additionally, we highlight the unique challenges in PPDL for Healthcare and offer suggestions for future research directions.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.Data availability
Data will be provided based on a request to the corresponding author.
References
Afshar P, Mohammadi A, Plataniotis KN (2018) Brain tumor type classification via capsule networks. IEEE international conference on image processing (ICIP). IEEE, New York, pp 3129–3133
Agwa NA, Kobayashi T, Sugimoto C, Kohno R (2020) Security of patient’s privacy in E-Health using secret sharing and homomorphism encryption scheme. International technical conference on circuits/systems, computers and communications (ITC-CSCC). IEEE, New York, pp 155–160
Ahamed SI, Ravi V (2022) Privacy-preserving wavelet wavelet neural network with fully homomorphic encryption. arXiv preprint arXiv:2205.13265
Alabdulatif A, Kaosar M (2016) Privacy-preserving cloud computation using the Domingo-Ferrer scheme. J King Saud Univ Comput Inform Sci 28(1):27–36
Alabdulatif A, Kumarage H, Khalil I, Yi X (2017) Privacy-preserving anomaly detection in the cloud with lightweight homomorphic encryption. J Comput Syst Sci 90:28–45
Ali A, Rahim HA, Ali J, Pasha MF, Masud M, Rehman AU, Baz M (2021) A novel secure blockchain framework for accessing electronic health records using multiple certificate authority. Appl Sci 11(21):9999
Ali A, Almaiah MA, Hajjej F, Pasha MF, Fang OH, Khan R, Zakarya M (2022a) An industrial IoT-based blockchain-enabled secure searchable encryption approach for healthcare systems using neural networks. Sensors 22(2):572
Ali A, Pasha MF, Ali J, Fang OH, Masud M, Jurcut AD, Alzain MA (2022b) Deep learning based homomorphic secure search-able encryption for keyword search in blockchain healthcare system: a novel approach to cryptography. Sensors 22(2):528
Almaiah MA, Ali A, Hajjej F, Pasha MF, Alohali MA (2022a) A lightweight hybrid deep learning privacy-preserving model for FC-based industrial internet of medical things. Sensors 22(6):2112
Almaiah MA, Hajjej F, Ali A, Pasha MF, Almomani O (2022b) A novel hybrid trustworthy decentralized authentication and data preservation model for digital Healthcare IoT-based CPS. Sensors 22(4):1448
Alzubi OA, Alzubi JA, Shankar K, Gupta D (2021) Blockchain and artificial intelligence-enabled privacy-preserving medical data transmission in the internet of things. Trans Emerg Telecommun Technol 32(12):e4360
Beaulieu-Jones BK, Wu ZS, Williams C, Lee R, Bhavnani SP, Byrd JB, Greene CS (2019) Privacy-preserving generative deep neural networks support clinical data sharing. Circul Cardiovasc Qual Outcomes 12(7):e005122
Biggio B, Corona I, Maiorca D, Nelson B, Šrndić N, Laskov P, Roli F (2013) Evasion attacks against machine learning at test time. Joint European conference on machine learning and knowledge discovery in databases. Springer, Heidelberg, pp 387–402
Bittner K, De Cock M, Dowsley R (2021) Private emotion recognition with secure multiparty computation
Boura C, Gama N, Georgieva M (2018) Chimera: a unified framework for B/FV, TFHE, and HEAAN fully homomorphic encryption and predictions for deep learning. IACR Cryptol Eprint Arch 2018:758
Carpov S, Nguyen TH, Sirdey R, Constantino G, Martinelli F (2016) Practical privacy-preserving medical diagnosis using homomorphic encryption. IEEE 9th international conference on cloud computing (CLOUD). IEEE, New York, pp 593–599
Chabanne H, De Wargny A, Milgram J, Morel C, Prouff E (2017) Privacy-preserving classification on deep neural network. Cryptology ePrint Archive
Chang S, Li C (2018) Privacy in neural network learning: threats and countermeasures. IEEE Network 32(4):61–67
Chen H, Zhang Y, Kalra MK, Lin F, Chen Y, Liao P, Wang G (2017) Low-dose CT with a residual encoder-decoder convolutional neural network. IEEE Trans Med Imaging 36(12):2524–2535
Chen X, Ji J, Luo C, Liao W, Li P (2018) When machine learning meets blockchain: a decentralized, privacy-preserving and secure design. IEEE international conference on big data (big data). IEEE, New York, pp 1178–1187
Cho H, Simmons S, Kim R, Berger B (2020) Privacy-preserving biomedical database queries with optimal privacy-utility trade-offs. Cell Syst 10(5):408–416
Choudhury O, Gkoulalas-Divanis A, Salonidis T, Sylla I, Park Y, Hsu G, Das A (2019) Differential privacy-enabled federated learning for sensitive health data. arXiv preprint arXiv:1910.02578
Collins A, Yao Y (2018) Machine learning approaches data integration for disease prediction and prognosis. Applied computational genomics. Springer, Singapore, pp 137–141
Deng L (2014) A tutorial survey of architectures, algorithms, and applications for deep learning. APSIPA Trans Signal Inform Process 3:e2
Dutil F, See A, Di Jorio L, Chandelier F (2021) Application of homomorphic encryption in medical imaging. arXiv preprint arXiv:2110.07768
Ermakova T, Fabian B (2013) Secret sharing for health data in multi-provider clouds. IEEE 15th conference on business informatics. IEEE, New York, pp 93–100
Esteva A, Kuprel B, Novoa RA, Ko J, Swetter SM, Blau HM, Thrun S (2017) Dermatologist-level classification of skin cancer with deep neural networks. Nature 542(7639):115–118
Fang L, Yin C, Zhu J, Ge C, Tanveer M, Jolfaei A, Cao Z (2020) Privacy protection for medical data sharing in smart Healthcare. ACM Trans Multimed Comput Commun Appl 16(3):1–18
Finlayson SG, Bowers JD, Ito J, Zittrain JL, Beam AL, Kohane IS (2019) Adversarial attacks on medical machine learning. Science 363(6433):1287–1289
Gondara L (2016) Medical image denoising using convolutional denoising autoencoders. IEEE 16th international conference on data mining workshops (ICDMW). IEEE, New York, pp 241–246
Gulshan V, Peng L, Coram M, Stumpe MC, Wu D, Narayanaswamy A, Webster DR (2016) Development and validation of a deep learning algorithm for detection of diabetic retinopathy in retinal fundus photographs. JAMA 316(22):2402–2410
Hayes J, Melis L, Danezis G, De Cristofaro E (2017) LOGAN: evaluating privacy leakage of generative models using generative adversarial networks. arXiv preprint arXiv:1705.07663, pp. 506–519
Hesamifard E, Takabi H, Ghasemi M (2017) Cryptodl: deep neural networks over encrypted data. arXiv preprint arXiv:1711.05189
Jiang X, Kim M, Lauter K, Song Y (2018) Secure outsourced matrix computation and application to neural networks. In Proceedings of the 2018 ACM SIGSAC conference on computer and communications security. pp. 1209–1222
Jordon J, Yoon J, Van Der Schaar M (2018) PATE-GAN: generating synthetic data with differential privacy guarantees. In International conference on learning representations
Juuti M, Szyller S, Marchal S, Asokan N (2019) PRADA: protecting against DNN model stealing attacks. IEEE European Symposium on Security and Privacy (EuroS&P). IEEE, New York, pp 512–527
Juvekar C, Vaikuntanathan V, Chandrakasan A (2018) {GAZELLE}: a low latency framework for secure neural network inference. In 27th USENIX Security Symposium (USENIX Security 18). pp. 1651–1669
Kahrobaei D, Wood A, Kayvannajarian (2020) Homomorphic encryption for machine learning in medicine and bioinformatics. ACM Comput Surv 1:1–36
Kaplan D, Powell J, Woller T (2016) AMD memory encryption. White paper
Kim M, Lee J, Ohno-Machado L, Jiang X (2019) Secure and differentially private logistic regression for horizontally distributed data. IEEE Trans Inform Forens Secur 15:695–710
Kim J, Kim J, Chang H (2020) Research on behavior-based data leakage incidents for the sustainable growth of an organization. Sustainability 12(15):6217
Kuo TT (2020) The anatomy of a distributed predictive modeling framework: online learning, blockchain network, and consensus algorithm. JAMIA Open 3(2):201–208
LeCun Y, Bengio Y, Hinton G (2015) Deep learning. Nature 521(7553):436–444
Lee GH, Shin SY (2020) Federated learning on clinical benchmark data: performance assessment. J Med Internet Res 22(10):e20891
Lee J, Sun J, Wang F, Wang S, Jun CH, Jiang X (2018) Privacy-preserving patient similarity learning in a federated environment: development and analysis. JMIR Med Inform 6(2):e7744
Li Y, Wang Y, Li D (2019a) Privacy-preserving lightweight face recognition. Neurocomputing 363:212–222
Li W, Milletarì F, Xu D, Rieke N, Hancox J, Zhu W, Feng A (2019b) Privacy-preserving federated brain tumor segmentation. International workshop on machine learning in medical imaging. Springer, Cham, pp 133–141
Li Y, Zhang H, Bermudez C, Chen Y, Landman BA, Vorobeychik Y (2020a) Anatomical context protects deep learning from adversarial perturbations in medical imaging. Neurocomputing 379:370–378
Li Z, Liu J, Hao J, Wang H, Xian M (2020b) CrowdSFL: a secure crowd-computing framework based on blockchain and federated learning. Electronics 9(5):773
Lipton ZC, Kale DC, Elkan C, Wetzel R (2015) Learning to diagnose with LSTM recurrent neural networks. arXiv preprint arXiv:1511.03677
Liu W, Wang Z, Liu X, Zeng N, Liu Y, Alsaadi FE (2017b) A survey of deep neural network architectures and their applications. Neurocomputing 234:11–26
Liu W, Pan F, Wang XA, Cao Y, Tang D (2018a) Privacy-preserving all convolutional net based on homomorphic encryption. International conference on network-based information systems. Springer, Cham, pp 752–762
Liu X, Deng RH, Yang Y, Tran HN, Zhong S (2018b) Hybrid privacy-preserving clinical decision support system in fog–cloud computing. Futur Gener Comput Syst 78:825–837
Liu X, Xie L, Wang Y, Zou J, Xiong J, Ying Z, Vasilakos AV (2020) Privacy and security issues in deep learning: a survey. IEEE Access 9:4566–4593
Liu, J., Juuti, M., Lu, Y., & Asokan, N. (2017a). Oblivious neural network predictions via minion transformations. In Proceedings of the 2017a ACM SIGSAC conference on computer and communications security. pp. 619–631
Maitrey S, Jha CK (2015) MapReduce: simplified data analysis of big data. Procedia Computer Science 57:563–571
Malarvizhi Kumar P, Hong CS, Chandra Babu G, Selvaraj J, Gandhi UD (2021) Cloud-and IoT-based deep learning technique-incorporated secured health monitoring systems for deadly diseases. Soft Comput 25(18):12159–12174
Malin BA, Emam KE, O’Keefe CM (2013) Biomedical data privacy: problems, perspectives, and recent advances. J Am Med Inform Assoc 20(1):2–6
Mannam S (2020) Applications of deep learning in healthcare. J Young Invest 1:15–17
Mao Y, Hong W, Zhu B, Zhu Z, Zhang Y, Zhong S (2021) Secure deep neural network models publishing against membership inference attacks via training task parallelism. IEEE Trans Parallel Distrib Syst 33(11):3079–3091
Mazurowski MA, Buda M, Saha A, Bashir MR (2019) Deep learning in radiology: an overview of the concepts and a survey of the state of the art with a focus on MRI. J Magn Reson Imaging 49(4):939–954
Miotto R, Wang F, Wang S, Jiang X, Dudley JT (2018) Deep learning for healthcare: review, opportunities and challenges. Brief Bioinform 19(6):1236–1246
Moghimi A, Irazoqui G, Eisenbarth T (2017) Cachezoom: how SGX amplifies the power of cache attacks. International conference on cryptographic hardware and embedded systems. Springer, Cham, pp 69–90
Mohapatra S, Swarnkar T, Das J (2021) Deep convolutional neural network in medical image processing. Handbook of deep learning in biomedical engineering. Academic Press, Cambridge, pp 25–60
Moqurrab SA, Tariq N, Anjum A, Asheralieva A, Malik SU, Malik H, Gill SS (2022) A deep learning-based privacy-preserving model for smart healthcare in internet of medical things using fog computing. Wireless Pers Commun 126(3):2379–2401
Naresh VS, Thamarai M (2023) Privacy-preserving data mining and machine learning in healthcare: applications, challenges, and solutions. Wiley Interdiscip Rev: Data Mining Knowl Discovery 13(2):e1490
Onesimu JA, Karthikeyan J, Viswas DSJ, Sebastian RD (2021) Security and privacy challenges of deep learning: a comprehensive survey. Research anthology on privatizing and securing data. IGI Global, Hershey, pp 1258–1280
Orekondy T, Schiele B, Fritz M (2019) Knockoff nets: stealing functionality of black-box models. In Proceedings of the IEEE/CVF conference on computer vision and pattern recognition. pp. 4954–4963
Pettai M, Laud P (2015). Combining differential privacy and secure multiparty computation. In Proceedings of the 31st annual computer security applications conference. pp. 421–430
Pyrgelis A, Troncoso C, De Cristofaro E (2017) Knock knock, who’s there? Membership inference on aggregate location data. arXiv preprint arXiv:1708.06145
Ranbaduge T, Vatsalan D, Ding M (2022) Privacy-preserving deep learning based record linkage. arXiv preprint arXiv:2211.02161
Ravì D, Wong C, Deligianni F, Berthelot M, Andreu-Perez J, Lo B, Yang GZ (2016) Deep learning for health informatics. IEEE J Biomed Health Inform 21(1):4–21
Riazi MS, Samragh M, Chen H, Laine K, Lauter K, Koushanfar F (2019) {XONN}:{XNOR-based} oblivious deep neural network inference. In 28th USENIX Security Symposium (USENIX Security 19). pp. 1501–1518
Rieke N (2020) The future of digital health with federated learning. NPJ Digit Med 3:1–7
Shokri R, Stronati M, Song C, Shmatikov V (2017) Membership inference attacks against machine learning models. IEEE Symposium on security and privacy (SP). IEEE, New York, pp 3–18
Son Y, Han K, Lee YS, Yu J, Im YH, Shin SY (2021) Privacy-preserving breast cancer recurrence prediction based on homomorphic encryption and secure two-party computation. PLoS ONE 16(12):e0260681
Su J, Vargas DV, Sakurai K (2019) One pixel attack for fooling deep neural networks. IEEE Trans Evol Comput 23(5):828–841
Sumana M, Hareesha KS (2014) Privacy-preserving naïve Bayes classifier for horizontally partitioned data using secure division. Int J Network Secur Appl 6:17–17
Sun Y, Wen Q, Zhang Y, Li W (2014) Privacy-preserving self-helped medical diagnosis scheme based on secure two-party computation in wireless sensor networks. Comput Math Methods Med. https://doi.org/10.1155/2014/214841
Torkzadehmahani R, Nasirigerdeh R, Blumenthal DB, Kacprowski T, List M, Matschinske J, Baumbach J (2022) Privacy-preserving artificial intelligence techniques in biomedicine. Methods Inform Med 61:e12–e27
Tramer F, Boneh D (2018) Slalom: fast, verifiable, and private execution of neural networks in trusted hardware. arXiv preprint arXiv:1806.03287
Truex S, Baracaldo N, Anwar A, Steinke T, Ludwig H, Zhang R, Zhou Y (2019) A hybrid approach to privacy-preserving federated learning. In Proceedings of the 12th ACM workshop on artificial intelligence and security. pp. 1–11
Usman M, Latif S, Asim M, Lee BD, Qadir J (2020) Retrospective motion correction in multishot MRI using the generative adversarial network. Sci Rep 10(1):1–11
Vengadapurvaja AM, Nisha G, Aarthy R, Sasikaladevi N (2017) An efficient homomorphic medical image encryption algorithm for cloud storage security. Procedia Comput Sci 115:643–650
Vizitiu A, Niţă CI, Puiu A, Suciu C, Itu LM (2019) Towards privacy-preserving deep learning-based medical imaging applications. IEEE international symposium on medical measurements and applications (MeMeA). IEEE, New York, pp 1–6
Vulapula SR, Srinivas M (2018) Review on privacy preserving of medical data in cloud computing system. Indian J Public Health Res Dev 9(12):2261
Wang S, Bonomi L, Dai W, Chen F, Cheung C, Bloss CS, Jiang X (2016) Big data privacy in biomedical research. IEEE Trans Big Data 6(2):296–308
Waye L (2014) Privacy-integrated data stream queries. In Proceedings of the 2014 international workshop on privacy & security in programming. pp. 19–26
Yao ACC (1986) How to generate and exchange secrets. Annual symposium on foundations of computer science (FCS 1986). IEEE, New York, pp 162–167
Yao ZJ, Bi J, Chen YX (2018) Applying deep learning to individual and community health monitoring data: a survey. Int J Autom Comput 15(6):643–655
Yue Z, Ding S, Zhao L, Zhang Y, Cao Z, Tanveer M, Zheng X (2021) Privacy-preserving time-series medical images analysis using a hybrid deep learning framework. ACM Trans Internet Technol (TOIT) 21(3):1–21
Zhang D, Chen X, Wang D, Shi J (2018) A survey on collaborative deep learning and privacy-preserving. IEEE Third international conference on data science in cyberspace (DSC). IEEE, New York, pp 652–658
Zhang X, Ding J, Wu M, Wong ST, Van Nguyen H, Pan M (2021) Adaptive privacy-preserving deep learning algorithms for medical data. In Proceedings of the IEEE/CVF winter conference on applications of computer vision. pp. 1169–1178
Zheng T, Xie W, Xu L, He X, Zhang Y, You M, Chen Y (2017) A machine learning-based framework to identify type 2 diabetes through electronic health records. Int J Med Inform 97:120–127
Funding
No funding was received.
Author information
Authors and Affiliations
Contributions
Vankamamidi S Naresh Conceptualization-Lead, Data curation-Equal, Formal analysis-Lead, Investigation-Equal, Methodology-Lead, Writing – original draft-Equal, Writing – review & editing-Equal. Thamarai M Conceptualization-Supporting, Data curation-Equal, Formal analysis-Supporting, Investigation-Equal, Methodology-Supporting, Writing – original draft-Equal, Writing – review & editing-Equal. V V L Divakar A Prepared figures and all Review and editing Works
Corresponding author
Ethics declarations
Competing interests
The authors declare that they have no competing interests.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Naresh, V.S., Thamarai, M. & Allavarpu, V.V.L.D. Privacy-preserving deep learning in medical informatics: applications, challenges, and solutions. Artif Intell Rev 56 (Suppl 1), 1199–1241 (2023). https://doi.org/10.1007/s10462-023-10556-7
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10462-023-10556-7