Evaluating Privacy-Preserving Machine Learning in Critical Infrastructures: A Case Study on Time-Series Classification

With the advent of machine learning in critical-infrastructure applications such as healthcare and energy, privacy is a growing concern for stakeholders. It is pivotal to ensure that neither the model nor the data can be used to extract sensitive information that attackers could turn against individuals, or to harm whole societies by exploiting critical infrastructure. The applicability of machine learning in these domains is largely limited by a lack of trust regarding transparency and privacy constraints. Various safety-critical use cases (mostly relying on time-series data) are currently underrepresented in privacy-related considerations. By evaluating several privacy-preserving methods for their applicability to time-series data, we validated the inefficacy of encryption for deep learning, the strong dataset dependence of differential privacy, and the broad applicability of federated methods.
