Data privacy protection-oriented machine learning prediction method and system

Abstract

The invention provides a data privacy protection-oriented machine learning prediction method and system. The method comprises the following steps of obtaining encrypted data; the main server creates acredible area, and decrypts the obtained to-be-predicted data and the prediction model in the credible area; the main server carries out secret sharing on the decrypted to-be-predicted data and the prediction model to obtain a data secret share and a model share respectively, and distributes the data secret share and the model share to an unconspired auxiliary server and the main server; the auxiliary server and the main server respectively perform prediction calculation to obtain a prediction result share; and the main server carries out secret reconstruction on all the prediction result shares, forwards the reconstructed prediction result shares to the trusted area for integration and encryption, and sends the reconstructed prediction result shares to the to-be-predicted data providingterminal, and the data providing terminal decrypts the reconstructed prediction result shares to obtain a prediction result predicted according to the model. Privacy security of the two parties is protected by combining secure multi-party computing and an SGX technology, and the security problem in the prediction service providing process is solved.

Description

technical field [0001] The present disclosure relates to the technical field related to machine learning, and specifically relates to a data privacy protection-oriented machine learning prediction method and system. Background technique [0002] The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art. [0003] In recent years, artificial intelligence technologies such as machine learning have been widely used in various fields such as image recognition and text processing. However, training a model requires a large amount of data, high computing resources and relevant professional knowledge, which is undoubtedly difficult for ordinary individuals and enterprises. To solve this problem, major companies have begun to provide machine learning as a service. Users do not need to learn complex machine learning algorithms, and can directly upload data and select an appropriate model to obta...

AI Technical Summary

Problems solved by technology

On the one hand, there is a risk of information leakage in the data of users who provide prediction data: For example, when predicting relevant personal sensitive information such as medical pathology data, the service platform can directly obtain user privacy information, which is uploaded and stored in the server. Malicious collection or external attack will cause personal privacy data leakage

On the other hand, there is a risk of leakage of data used by the model provider’s prediction model: in recent years, more and more attacks against machine learning have been proposed, such as model inversion attack, membership inference attack, etc. ), etc., the attacker does not need to directly access the original data, but only through the attack model, can also infer the attributes of the original sensitive data

If the model is trained based on private data, the adversary can pretend to be an honest user and attack through malicious queries, which undoubtedly brings hidden dangers to machine learning and service usage

To sum up, in the process of providing machine learning prediction services based on private data, there are two-way privacy leakage problems, including the possibility that the data uploaded by users may be stolen by the service provider, and the prediction model provided by the organization may be attacked by malicious users. Therefore, , how to realize safe and reliable prediction service has important value in practical application

Images