Abstract
Support vector machine is one of the most extensively used machine learning algorithms. A typical application scenario of support vector machine classification is the client-server model where a client holding an image requests a server holding a support vector machine model to provide image classification services. However, applying support vector machine in the client-server model requires careful attention to maintain data privacy. In this paper, we will propose a privacy-preserving support vector machine classification scheme based on fully homomorphic encryption. Our scheme guarantees that the server cannot learn the user’s image while providing classification service and the client eventually obtains the classification result without learning about the support vector machine model. We introduce several novel techniques to optimize our proposal. Specifically, we use the single instruction multiple data techniques to accelerate the linear component and the approximate method to compute the non-linear component. Our scheme significantly improves computational and communication performance compared to the state-of-the-art work. Experimental results show that our scheme takes only seconds to classify an encrypted image while the state-of-the-art work takes several hundred seconds.
Similar content being viewed by others
References
Corinna C, Vladimir V (1995) Support vector networks. Mach Learn 20(3):273–297
Gentry C Fully homomorphic encryption using ideal lattices. In: Proceedings of the forty-first annual ACM symposium on Theory of computing (STOC’09). ACM, New York, pp 169–s178
Rahulamathavan Y, Phan RC-W, Veluru S, Cumanan K, Rajarajan M (2014) Privacy-preserving multi-class support vector machine for outsourcing the data classification in cloud. IEEE Trans Dependable Sec Comput 11(5):467–479
Paillier P (1592) Public-Key Cryptosystems based on composite degree residuosity classes. In: Stern J (ed) Advances in cryptology -EUROCRYPT’99. EUROCRYPT 1999. Springer, Berlin
Barnett A, Santokhi J, Simpson M, Smart NP, Stainton-Bygrave C, Vivek S, Waller A (2017) Image Classification using non-linear Support Vector Machines on Encrypted Data. IACR Cryptol ePrint Arch 2017:857
Sadegh Riazi M, Weinert C, Tkachenko O, Songhori EM, Schneider T, Koushanfar F Chameleon: A Hybrid Secure Computation Framework for Machine Learning Applications[C]. Proceedings of the 2018 on Asia Conference on Computer and Communications Security. In cheon, Republic of Korea
De Cock M, et al. (2019) Efficient and Private Scoring of Decision Trees, Support Vector Machines and Logistic Regression Models Based on Pre-Computation. IEEE Trans Dependable Sec Comput 16(2), pp 217–230
Goldreich O (2004) Foundations of cryptography: Volume 2, basic applications. Cambridge University Press, USA
Makri E, Rotaru D, Smart NP, Vercauteren F (2019) EPIC: Efficient Private Image Classification (or: Learning from the Masters). CT-RSA:473–492
Yu H, Jiang X, Vaidya J (2006) Privacy-preserving SVM using nonlinear kernels on horizontally partitioned data[C]. In: Proceedings of the ACM Symposium on Applied Computing (SAC), Dijon, pp 603–610
Yu H, Vaidya J, Jiang X (2006) Privacy-Preserving SVM Classification on vertically partitioned data. In: Ng WK, Kitsuregawa M, Li J, Chang K (eds) Advances in knowledge discovery and data mining. PAKDD 2006. Lecture notes in computer science, vol 3918. Springer, Berlin
Laur S, Lipmaa H, Mielikainen T (2006) Cryptographically private support vector Machines[C]. In: proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining, pp 618–624
Vaidya J, Yu H, Jiang X (2008) Privacy-Preserving SVM Classification[J]. Knowl Inf Syst 14(2):161–178
Lin K, Chen M (2010) Privacy-preserving outsourcing support vector machines with random transformation. Proceedings of the 16th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, Washington, pp 363–372
Katz J, Lindell Y (2014) Introduction to Modern Cryptography, 2nd. ed. Chapman and Hall/CRC
Liu X, Deng R, Choo KKR, et al. (2018) Privacy-Preserving outsourced support vector machine design for secure drug Discovery[J]. IEEE Trans Cloud Comput:1–1
Liu X, Choo K-KR, Deng RH, Lu R, Weng J (2016) Efficient and privacy-preserving outsourced computation of rational numbers. IEEE J Biomed Health Inform 20:655–668
Crawford JLH, Gentry C, Halevi S, Platt D, Shoup V (2018) Doing Real Work with FHE: The Case of Logistic Regression. In: Proceedings of the 6th Workshop on Encrypted Computing and Applied Homomorphic Cryptography (WAHC ’18). Association for Computing Machinery, New York, pp 1–12
Kim M, Song Y, Wang S, Xia Y, Jiang X (2018) Secure Logistic Regression based on Homomorphic Encryption. https://eprint.iacr.org/2018/074. Cryptology ePrint Archive, Report 2018/074
Kim A, Song Y, Kim M, Lee K, Cheon JH (2018) Logistic regression model training based on the approximate homomorphic encryption. BMC Med Genet 11:2018
Chen H, Gilad-Bachrach R, Han K, et al. (2018) Logistic regression over encrypted data from fully homomorphic encryption. BMC Med Genomics 11:81
Dowlin N, Gilad-Bachrach R, Laine K, Lauter K, Naehrig M, Wernsing J CryptoNets: applying neural networks to encrypted data with high throughput and accuracy. In: Proceedings of the 33rd International Conference on International Conference on Machine Learning (ICML’16), vol 48. JMLR.org 201-210
Jiang X, Kim M, Lauter K, Song Y (2018) Secure Outsourced Matrix Computation and Application to Neural Networks. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS’18). Association for Computing Machinery, New York, pp 1209–1222
Brutzkus A, Gilad-Bachrach R, Elisha O (2019) Low latency privacy preserving inference. ICML, pp 812–821
Brakerski Z, Vaikuntanathan V (2011) Efficient fully homomorphic encryption from (standard) LWE. IEEE 52nd Annual Symposium on Foundations of Computer Science, FOCS 2011, Palm, pp 97–106
Smart NP, Vercauteren F (April 2014) Fully homomorphic SIMD operations. Des Codes Cryptogr 71(1):57–81
Bishop MLA, Christopher M (2006) Pattern recognition and machine learning. Springer, New York
Halevi S, Shoup V (2014) Algorithms in HElib. In: Garay J.A, Gennaro R (eds) Advances in Cryptology-CRYPTO 2014, Lecture Notes in Computer Science, vol 8616. Springer, Berlin
Cheon JH, Kim D, Kim D, Lee HH, Lee K (2019) Numerical Method for Comparison on Homomorphically Encrypted Numbers. Cryptology ePrint Archive: Report 2019/417. To appear in ASIACRYPT 2019
CIFAR-10, https://www.kaggle.com/c/cifar-10/data
Dala N, Triggs B (2005) Histograms of oriented gradients for human detection. In: 2005 IEEE Computer Society Conference on Computer Vision and Pattern Recognition (CVPR 2005), San Diego, pp 886–893
Alpaydin E, Learning Introduction to Machine. 2nd edn. MIT Press (2010)
Microsoft SEAL release 3.4 (2019). https://github.com/Microsoft/SEAL
Cheon JH, Kim A, Kim M, Song Y Homomorphic encryption for arithmetic of approximate numbers. In: Advances in Cryptology-ASIACRYPT 2017: 23rd International Conference on the Theory and Application of Cryptology and Information Security. Springer, pp 409–437
Tramär F, Zhang F, Juels A, Reiter MK, Ristenpart T Stealing Machine Learning Models via Prediction APIs. In: 25th USENIX Security Symposium (USENIX Security 16). USENIX Association, Austin, pp 601–618
Liu J, Juuti M, Lu Y, Asokan N (2017) Oblivious Neural Network Predictions via miniONN Transformations. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS’17). Association for Computing Machinery, New York, pp 619–631
Funding
Not applicable.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflicts of interest
The authors declare that they have no conflict of interest.
Additional information
Availability of data and material
The data is publicly available.
Code availability
The code is available upon request.
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Huang, H., Wang, Y. & Zong, H. Support vector machine classification over encrypted data. Appl Intell 52, 5938–5948 (2022). https://doi.org/10.1007/s10489-021-02727-2
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10489-021-02727-2