Imperial College London
Portrait Picture

Professor Hamed Haddadi

Faculty of EngineeringDepartment of Computing

Professor of Human-Centred Systems
 
 
 
//

Contact

 

h.haddadi Website

 
 
//

Location

 

2Translation & Innovation Hub BuildingWhite City Campus

//

Summary

 

Publications

Citation

BibTex format

@article{Shamsabadi:2020:10.1109/TIFS.2020.2988132,
author = {Shamsabadi, AS and Gascon, A and Haddadi, H and Cavallaro, A},
doi = {10.1109/TIFS.2020.2988132},
journal = {IEEE Transactions on Information Forensics and Security},
pages = {3819--3831},
title = {PrivEdge: from local to distributed private training and prediction},
url = {http://dx.doi.org/10.1109/TIFS.2020.2988132},
volume = {15},
year = {2020}
}
Download

RIS format (EndNote, RefMan)

TY  - JOUR
AB  - Machine Learning as a Service (MLaaS) operators provide model training and prediction on the cloud. MLaaS applications often rely on centralised collection and aggregation of user data, which could lead to significant privacy concerns when dealing with sensitive personal data. To address this problem, we propose PrivEdge, a technique for privacy-preserving MLaaS that safeguards the privacy of users who provide their data for training, as well as users who use the prediction service. With PrivEdge, each user independently uses their private data to locally train a one-class reconstructive adversarial network that succinctly represents their training data. As sending the model parameters to the service provider in the clear would reveal private information, PrivEdge secret-shares the parameters among two non-colluding MLaaS providers, to then provide cryptographically private prediction services through secure multi-party computation techniques. We quantify the benefits of PrivEdge and compare its performance with state-of-the-art centralised architectures on three privacy-sensitive image-based tasks: individual identification, writer identification, and handwritten letter recognition. Experimental results show that PrivEdge has high precision and recall in preserving privacy, as well as in distinguishing between private and non-private images. Moreover, we show the robustness of PrivEdge to image compression and biased training data. The source code is available at https://github.com/smartcameras/PrivEdge.
AU  - Shamsabadi,AS
AU  - Gascon,A
AU  - Haddadi,H
AU  - Cavallaro,A
DO  - 10.1109/TIFS.2020.2988132
EP  - 3831
PY  - 2020///
SN  - 1556-6013
SP  - 3819
TI  - PrivEdge: from local to distributed private training and prediction
T2  - IEEE Transactions on Information Forensics and Security
UR  - http://dx.doi.org/10.1109/TIFS.2020.2988132
UR  - http://arxiv.org/abs/2004.05574v1
UR  - https://ieeexplore.ieee.org/document/9069213
UR  - http://hdl.handle.net/10044/1/78111
VL  - 15
ER  -
Download