Paper Accepted at PETS 2024

Wildest Dreams: Reproducible Research in Privacy-Preserving Neural Network Training

Title: Wildest Dreams: Reproducible Research in Privacy-Preserving Neural Network Training
Authors: Tanveer Khan, Mindaugas Budzys, Khoa Nguyen and Antonis Michalas
Venue: Proceedings of the 24th Privacy Enhancing Technologies Symposium (PETS’24), 15–20 July, 2024, Bristol, U.K.


Abstract: Machine Learning (ML) addresses a multitude of complex issues in multiple disciplines, including social sciences, finance, and medical research. ML models require substantial computing power and are only as powerful as the data utilized. Due to the high computational cost of ML methods, data scientists frequently use Machine Learning-as-a-Service (MLaaS) to outsource computation to external servers. However, when working with private information, like financial data or health records, outsourcing the computation might result in privacy issues. Recent advances in Privacy-Preserving Techniques (PPTs) have enabled ML training and inference over protected data through the use of Privacy-Preserving Machine Learning (PPML). However, these techniques are still at a preliminary stage and their application in real-world situations is demanding. In order to comprehend the discrepancy between theoretical research suggestions and actual applications, this work examines the past and present of PPML, focusing on Homomorphic Encryption (HE) and Secure Multi-party Computation (SMPC) applied to ML. This work primarily focuses on the ML model’s training phase, where maintaining user data privacy is of utmost importance. We provide a solid theoretical background that eases the understanding of current approaches and their limitations. We also provide some preliminaries of SMPC, HE, and ML. In addition, we present a systemization of knowledge of the most recent PPML frameworks for model training and provide a comprehensive comparison in terms of the unique properties and performances on standard benchmarks. Also, we reproduce the results for some of the surveyed papers and examine at what level existing works in the field provide support for open science.
We believe our work serves as a valuable contribution by raising awareness about the current gap between theoretical advancements and real-world applications in PPML, specifically regarding open-source availability, reproducibility, and usability.

Tanveer Khan

  • Doctoral Researcher
  • Faculty of Information Technology and Communication Sciences
  • Tampere University
  • +358505969006
  • tanveer.khan@tuni.fi

Mindaugas Budzys

  • Doctoral Researcher
  • Faculty of Information Technology and Communication Sciences
  • Tampere University
  • +358504411383
  • mindaugas.budzys@tuni.fi

Antonios Michalas

  • Associate Professor (tenure track)
  • Cyber security
  • Faculty of Information Technology and Communication Sciences
  • Tampere University
  • +358504478399
  • antonios.michalas@tuni.fi