-
Hawk: Accurate and Fast Privacy-Preserving Machine Learning Using Secure Lookup Table Computation
Authors:
Hamza Saleem,
Amir Ziashahabi,
Muhammad Naveed,
Salman Avestimehr
Abstract:
Training machine learning models on data from multiple entities without direct data sharing can unlock applications otherwise hindered by business, legal, or ethical constraints. In this work, we design and implement new privacy-preserving machine learning protocols for logistic regression and neural network models. We adopt a two-server model where data owners secret-share their data between two…
▽ More
Training machine learning models on data from multiple entities without direct data sharing can unlock applications otherwise hindered by business, legal, or ethical constraints. In this work, we design and implement new privacy-preserving machine learning protocols for logistic regression and neural network models. We adopt a two-server model where data owners secret-share their data between two servers that train and evaluate the model on the joint data. A significant source of inefficiency and inaccuracy in existing methods arises from using Yao's garbled circuits to compute non-linear activation functions. We propose new methods for computing non-linear functions based on secret-shared lookup tables, offering both computational efficiency and improved accuracy.
Beyond introducing leakage-free techniques, we initiate the exploration of relaxed security measures for privacy-preserving machine learning. Instead of claiming that the servers gain no knowledge during the computation, we contend that while some information is revealed about access patterns to lookup tables, it maintains epsilon-dX-privacy. Leveraging this relaxation significantly reduces the computational resources needed for training. We present new cryptographic protocols tailored to this relaxed security paradigm and define and analyze the leakage. Our evaluations show that our logistic regression protocol is up to 9x faster, and the neural network training is up to 688x faster than SecureML. Notably, our neural network achieves an accuracy of 96.6% on MNIST in 15 epochs, outperforming prior benchmarks that capped at 93.4% using the same architecture.
△ Less
Submitted 25 March, 2024;
originally announced March 2024.
-
Renormalization Group flow, Optimal Transport and Diffusion-based Generative Model
Authors:
Artan Sheshmani,
Yi-Zhuang You,
Baturalp Buyukates,
Amir Ziashahabi,
Salman Avestimehr
Abstract:
Diffusion-based generative models represent a forefront direction in generative AI research today. Recent studies in physics have suggested that the renormalization group (RG) can be conceptualized as a diffusion process. This insight motivates us to develop a novel diffusion-based generative model by reversing the momentum-space RG flow. We establish a framework that interprets RG flow as optimal…
▽ More
Diffusion-based generative models represent a forefront direction in generative AI research today. Recent studies in physics have suggested that the renormalization group (RG) can be conceptualized as a diffusion process. This insight motivates us to develop a novel diffusion-based generative model by reversing the momentum-space RG flow. We establish a framework that interprets RG flow as optimal transport gradient flow, which minimizes a functional analogous to the Kullback-Leibler divergence, thereby bridging statistical physics and information theory. Our model applies forward and reverse diffusion processes in Fourier space, exploiting the sparse representation of natural images in this domain to efficiently separate signal from noise and manage image features across scales. By introducing a scale-dependent noise schedule informed by a dispersion relation, the model optimizes denoising performance and image generation in Fourier space, taking advantage of the distinct separation of macro and microscale features. Experimental validations on standard datasets demonstrate the model's capability to generate high-quality images while significantly reducing training time compared to existing image-domain diffusion models. This approach not only enhances our understanding of the generative processes in images but also opens new pathways for research in generative AI, leveraging the convergence of theoretical physics, optimal transport, and machine learning principles.
△ Less
Submitted 1 March, 2024; v1 submitted 26 February, 2024;
originally announced February 2024.
-
Bias-Resistant Social News Aggregator Based on Blockchain
Authors:
Amir Ziashahabi,
Mohammad Ali Maddah-Ali,
Abbas Heydarnoori
Abstract:
In today's world, social networks have become one of the primary sources for creation and propagation of news. Social news aggregators are one of the actors in this area in which users post news items and use positive or negative votes to indicate their preference toward a news item. News items will be ordered and displayed according to their aggregated votes. This approach suffers from several pr…
▽ More
In today's world, social networks have become one of the primary sources for creation and propagation of news. Social news aggregators are one of the actors in this area in which users post news items and use positive or negative votes to indicate their preference toward a news item. News items will be ordered and displayed according to their aggregated votes. This approach suffers from several problems raging from being prone to the dominance of the majority to difficulty in discerning between correct and fake news, and lack of incentive for honest behaviors. In this paper, we propose a graph-based news aggregator in which instead of voting on the news items, users submit their votes on the relations between pairs of news items. More precisely, if a user believes two news items support each other, he will submit a positive vote on the link between the two items, and if he believes that two news items undermine each other, he will submit a negative vote on the corresponding link. This approach has mainly two desirable features: (1) mitigating the effect of personal preferences on voting, (2) connection of new items to endorsing and disputing evidence. This approach helps the newsreaders to understand different aspects of a news item better. We also introduce an incentive layer that uses blockchain as a distributed transparent manager to encourages users to behave honestly and abstain from adversary behaviors. The incentive layer takes into account that users can have different viewpoints toward news, enabling users from a wide range of viewpoints to contribute to the network and benefit from its rewards. In addition, we introduce a protocol that enables us to prove fraud in computations of the incentive layer model on the blockchain. Ultimately, we will analyze the fraud proof protocol and examine our incentive layer on a wide range of synthesized datasets.
△ Less
Submitted 20 October, 2020;
originally announced October 2020.
