Privacy-preserving machine learning: Methods, challenges and directions

R Xu, N Baracaldo, J Joshi - arXiv preprint arXiv:2108.04417, 2021 - arxiv.org
Machine learning (ML) is increasingly being adopted in a wide variety of application
domains. Usually, a well-performing ML model relies on a large volume of training data and …

Cheetah: Lean and fast secure {Two-Party} deep neural network inference

Z Huang, W Lu, C Hong, J Ding - 31st USENIX Security Symposium …, 2022 - usenix.org
Secure two-party neural network inference (2PC-NN) can offer privacy protection for both the
client and the server and is a promising technique in the machine-learning-as-a-service …

Towards practical secure neural network inference: the journey so far and the road ahead

ZÁ Mann, C Weinert, D Chabal, JW Bos - ACM Computing Surveys, 2023 - dl.acm.org
Neural networks (NNs) have become one of the most important tools for artificial
intelligence. Well-designed and trained NNs can perform inference (eg, make decisions or …

Iron: Private inference on transformers

M Hao, H Li, H Chen, P Xing, G Xu… - Advances in neural …, 2022 - proceedings.neurips.cc
We initiate the study of private inference on Transformer-based models in the client-server
setting, where clients have private inputs and servers hold proprietary models. Our main …

Bolt: Privacy-preserving, accurate and efficient inference for transformers

Q Pang, J Zhu, H Möllering, W Zheng… - … IEEE Symposium on …, 2024 - ieeexplore.ieee.org
The advent of transformers has brought about significant advancements in traditional
machine learning tasks. However, their pervasive deployment has raised concerns about …

Elsa: Secure aggregation for federated learning with malicious actors

M Rathee, C Shen, S Wagh… - 2023 IEEE Symposium on …, 2023 - ieeexplore.ieee.org
Federated learning (FL) is an increasingly popular approach for machine learning (ML) in
cases where the training dataset is highly distributed. Clients perform local training on their …

Privacy in large language models: Attacks, defenses and future directions

H Li, Y Chen, J Luo, J Wang, H Peng, Y Kang… - arXiv preprint arXiv …, 2023 - arxiv.org
The advancement of large language models (LLMs) has significantly enhanced the ability to
effectively tackle various downstream NLP tasks and unify these tasks into generative …

Experimenting with zero-knowledge proofs of training

S Garg, A Goel, S Jha, S Mahloujifar… - Proceedings of the …, 2023 - dl.acm.org
How can a model owner prove they trained their model according to the correct
specification? More importantly, how can they do so while preserving the privacy of the …

SoK: cryptographic neural-network computation

LKL Ng, SSM Chow - 2023 IEEE Symposium on Security and …, 2023 - ieeexplore.ieee.org
We studied 53 privacy-preserving neural-network papers in 2016-2022 based on
cryptography (without trusted processors or differential privacy), 16 of which only use …

Bumblebee: Secure two-party inference framework for large transformers

W Lu, Z Huang, Z Gu, J Li, J Liu, C Hong… - Cryptology ePrint …, 2023 - eprint.iacr.org
Large transformer-based models have realized state-of-the-art performance on lots of real-
world tasks such as natural language processing and computer vision. However, with the …