Abstract
In recent years, the problem of privacy leakage has attracted increasing attentions. Therefore, machine learning privacy protection becomes crucial research topic. In this paper, the Paillier homomorphic encryption algorithm is proposed to protect the privacy data. The original LeNet-5 convolutional neural network model was first improved. Then the activation function was modified and the C5 layer was removed to reduce the number of model parameters and improve the operation efficiency. Finally, by mapping the operation of each layer in the convolutional neural network from the plaintext domain to the ciphertext domain, an improved LeNet-5 model that can run on encrypted data was constructed. The purpose of using machine learning algorithm was realized and privacy was ensured at the same time. The analysis shows that the model is feasible and the efficiency is improved.
Foundation Items:
The National Natural Science Foundation of China (No.61572521), Engineering University of PAP Innovation Team Science Foundation (No. KYTD201805), Natural Science Basic Research Plan in Shaanxi Province of China (2021JM252).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ji, S.L., Du, T.Y., Li, J.F., Shen, C., Li, B.: Security and privacy of machine learning models: a survey. J. Softw. 32(1), 41–67 (2021)
Rivest, R.L., Adleman, L., Dertouzos, M.L.: On data banks and privacy homomorphisms. Found. Secure Comput. 4(11), 169–180 (1978)
Abadi, M., et al.: Deep learning with differential privacy. In: ACM SIGSAC Conference on Computer and Communications Security, pp. 308–318 (2016)
Wang, Q.Z.: GAO L: neural network for processing privacy-protected data. J. Cryptologic Res. 6(2), 258–268 (2019)
Zhu, Q., Lv, X.: 2P-DNN: privacy-preserving deep neural networks based on homomorphic cryptosystem (2018). arXiv:1807.08459
Zhang, Z.H., Fu, Y., Gao, T.G.: Research on federated deep neural network model for data privacy protection. Acta Automatica Sinica (2020). https://doi.org/10.16383/j.aas.c200236
Shokri, R., Shmatikov, V.: Privacy-preserving deep learning. In: ACM SIGSAC Conference on Computer and Communications Security, pp. 1310–1321 (2015)
Phong, L.T., et al.: Privacy-preserving deep learning via additively homomorphic encryption. IEEE Trans. Inf. Forensics Secur. 13(5), 1333–1345 (2018)
Dowlin, N., et al.: CryptoNets: applying neural networks to encrypted data with high throughput and accuracy. In: International Conference on Machine Learning, pp. 201–210 (2016)
Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_16
Arita, S., Nakasato, S.: Fully homomorphic encryption for classification in machine learning. In: IEEE International Conference on Smart Computing, pp. 1–4 (2017)
Sun, X., et al.: Private machine learning classification based on fully homomorphic encryption. IEEE Trans. Emerg. Top. Comput. 8(2), 352–364 (2018)
Li, J., et al.: Privacy preservation for machine learning training and classification based on homomorphic encryption schemes. Inf. Sci. 526, 166–179 (2020)
Eigamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory 31(4), 469–472 (1985)
Gentry, C.: Fully homomorphic encryption using ideal lattices. In: ACM Symposium on Theory of Computing, ACM, pp.169–178 (2009)
Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrapping. ACM Trans. Comput. Theory 6(3), 1–36 (2014)
LeCun, Y., et al.: Backpropagation applied to handwritten zip code recognition. Neural Comput. 1(4), 541–551 (1989)
LeCun, Y., et al.: Gradient-based learning applied to document recognition. Proc. IEEE 86(11), 2278–2324 (1998)
Hesamifard, E., Takabi, H., Ghasemi, M.: CryptoDL: Deep neural networks over encrypted data (2017). arXiv:1711.05189
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Ni, H., Han, Y., Duan, X., Yang, G. (2021). An Improved LeNet-5 Model Based on Encrypted Data. In: Zeng, J., Qin, P., Jing, W., Song, X., Lu, Z. (eds) Data Science. ICPCSEE 2021. Communications in Computer and Information Science, vol 1452. Springer, Singapore. https://doi.org/10.1007/978-981-16-5943-0_14
Download citation
DOI: https://doi.org/10.1007/978-981-16-5943-0_14
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-5942-3
Online ISBN: 978-981-16-5943-0
eBook Packages: Computer ScienceComputer Science (R0)