
@Article{jihpp.2021.026944,
AUTHOR = {Yichuan Liu, Chungen Xu, Lei Xu, Lin Mei, Xing Zhang, Cong Zuo},
TITLE = {Verifiable Privacy-Preserving Neural Network on Encrypted Data},
JOURNAL = {Journal of Information Hiding and Privacy Protection},
VOLUME = {3},
YEAR = {2021},
NUMBER = {4},
PAGES = {151--164},
URL = {http://www.techscience.com/jihpp/v3n4/47055},
ISSN = {2637-4226},
ABSTRACT = {The widespread acceptance of machine learning, particularly of neural 
networks leads to great success in many areas, such as recommender systems, 
medical predictions, and recognition. It is becoming possible for any individual 
with a personal electronic device and Internet access to complete complex 
machine learning tasks using cloud servers. However, it must be taken into 
consideration that the data from clients may be exposed to cloud servers. Recent 
work to preserve data confidentiality has allowed for the outsourcing of services 
using homomorphic encryption schemes. But these architectures are based on 
honest but curious cloud servers, which are unable to tell whether cloud servers 
have completed the computation delegated to the cloud server. This paper 
proposes a verifiable neural network framework which focuses on solving the 
problem of data confidentiality and training integrity in machine learning. 
Specifically, we first leverage homomorphic encryption and extended diagonal 
packing method to realize a privacy-preserving neural network model efficiently, 
it enables the user training over encrypted data, thereby protecting the user’s 
private data. Then, considering the problem that malicious cloud servers are 
likely to return a wrong result for saving cost, we also integrate a training 
validation modular Proof-of-Learning, a strategy for verifying the correctness of 
computations performed during training. Moreover, we introduce practical 
byzantine fault tolerance to complete the verification progress without a 
verifiable center. Finally, we conduct a series of experiments to evaluate the 
performance of the proposed framework, the results show that our construction 
supports the verifiable training of PPNN based on HE without introducing much 
computational cost.},
DOI = {10.32604/jihpp.2021.026944}
}