1. bookVolume 2021 (2021): Issue 3 (July 2021)
Journal Details
License
Format
Journal
First Published
16 Apr 2015
Publication timeframe
4 times per year
Languages
English
access type Open Access

SoK: Privacy-Preserving Collaborative Tree-based Model Learning

Published Online: 27 Apr 2021
Page range: 182 - 203
Received: 30 Nov 2020
Accepted: 16 Mar 2021
Journal Details
License
Format
Journal
First Published
16 Apr 2015
Publication timeframe
4 times per year
Languages
English
Abstract

Tree-based models are among the most efficient machine learning techniques for data mining nowadays due to their accuracy, interpretability, and simplicity. The recent orthogonal needs for more data and privacy protection call for collaborative privacy-preserving solutions. In this work, we survey the literature on distributed and privacy-preserving training of tree-based models and we systematize its knowledge based on four axes: the learning algorithm, the collaborative model, the protection mechanism, and the threat model. We use this to identify the strengths and limitations of these works and provide for the first time a framework analyzing the information leakage occurring in distributed tree-based model learning.

Keywords

[1] “Amazon sagemaker - xgboost algorithm,” https://docs.aws.amazon.com/sagemaker/latest/dg/xgboost.html.Search in Google Scholar

[2] “DBLP: Computer science bibliography,” https://dblp.org/.Search in Google Scholar

[3] “Google scholar,” https://scholar.google.com/.Search in Google Scholar

[4] “Microsoft academic,” https://academic.microsoft.com/home.Search in Google Scholar

[5] M. Abspoel, D. Escudero, and N. Volgushev, “Secure training of decision trees with continuous attributes,” Proceedings on Privacy Enhancing Technologies, 2021.Search in Google Scholar

[6] R. Agrawal, A. Evfimievski, and R. Srikant, “Information sharing across private databases,” in ACM SIGMOD, 2003.Search in Google Scholar

[7] R. Agrawal and R. Srikant, “Privacy-preserving data mining,” in ACM SIGMOD, 2000.Search in Google Scholar

[8] A. Akavia, M. Leibovich, Y. S. Resheff, R. Ron, M. Shahar, and M. Vald, “Privacy-preserving decision tree training and prediction against malicious server,” iacr eprint, 2019, https://eprint.iacr.org/2019/1282.Search in Google Scholar

[9] A. Alabdulkarim, M. Al-Rodhaan, T. Ma, and Y. Tian, “PPSDT: A novel privacy-preserving single decision tree algorithm for clinical decision-support systems using IoT devices,” Sensors, 2019.Search in Google Scholar

[10] A. Alabdulkarim, M. Al-Rodhaan, Y. Tian, and A. Al-Dhelaan, “A privacy-preserving algorithm for clinical decision-support systems using random forest,” CMC Comput. Mater. Con, 2019.Search in Google Scholar

[11] M. Andriushchenko and M. Hein, “Provably robust boosted decision stumps and trees against adversarial attacks,” in NeurIPS, 2019.Search in Google Scholar

[12] L. J. Aslett, P. M. Esperança, and C. C. Holmes, “Encrypted statistical machine learning: new privacy preserving methods,” arXiv preprint 1508.06845, 2015.Search in Google Scholar

[13] G. Ateniese, L. V. Mancini, A. Spognardi, A. Villani, D. Vitali, and G. Felici, “Hacking smart machines with smarter ones: How to extract meaningful data from machine learning classifiers,” International Journal of Security and Networks, 2015.Search in Google Scholar

[14] E. Bagdasaryan, A. Veit, Y. Hua, D. Estrin, and V. Shmatikov, “How to backdoor federated learning,” in AISTATS, 2020.Search in Google Scholar

[15] R. Baghel and M. Dutta, “Privacy preserving classification by using modified c4. 5,” in IC3. IEEE, 2013.Search in Google Scholar

[16] X. Bai, J. Yao, M. Yuan, K. Deng, X. Xie, and H. Guan, “Embedding differential privacy in decision tree algorithm with different depths,” Science China Information Sciences, 2017.Search in Google Scholar

[17] G. Behera, “Privacy preserving c4. 5 using gini index,” in NCETACS. IEEE, 2011.Search in Google Scholar

[18] M. Bellare, R. Dowsley, and S. Keelveedhi, “How secure is deterministic encryption?” in PKC, 2015.Search in Google Scholar

[19] A. Blum, C. Dwork, F. McSherry, and K. Nissim, “Practical privacy: the sulq framework,” in ACM PODS, 2005.Search in Google Scholar

[20] M. Bojarski, A. Choromanska, K. Choromanski, and Y. Le-Cun, “Differentially-and non-differentially-private random decision trees,” arXiv preprint 1410.6973, 2014.Search in Google Scholar

[21] K. Bonawitz, V. Ivanov, B. Kreuter, A. Marcedone, H. B. McMahan, S. Patel, D. Ramage, A. Segal, and K. Seth, “Practical secure aggregation for privacy-preserving machine learning,” in ACM SIGSAC CCS, 2017.Search in Google Scholar

[22] Z. Brakerski, C. Gentry, and V. Vaikuntanathan, “(leveled) fully homomorphic encryption without bootstrapping,” ACM TOCT, 2014.Search in Google Scholar

[23] L. Breiman, “Random forests,” Machine learning, 2001.Search in Google Scholar

[24] L. Breiman, J. Friedman, C. J. Stone, and R. A. Olshen, Classification and regression trees. CRC press, 1984.Search in Google Scholar

[25] E. Bresson, D. Catalano, and D. Pointcheval, “A simple public-key cryptosystem with a double trapdoor decryption mechanism and its applications,” in ASIACRYPT. Springer, 2003.Search in Google Scholar

[26] J. Brickell and V. Shmatikov, “Privacy-preserving classifier learning,” in FC, 2009.Search in Google Scholar

[27] S. Bu, L. V. Lakshmanan, R. T. Ng, and G. Ramesh, “Preservation of patterns and input-output privacy,” in IEEE ICDE, 2007.Search in Google Scholar

[28] N. Buescher, S. Boukoros, S. Bauregger, and S. Katzenbeisser, “Two is not enough: Privacy assessment of aggregation schemes in smart metering,” Proceedings on Privacy Enhancing Technologies, 2017.Search in Google Scholar

[29] H. Chen, W. Dai, M. Kim, and Y. Song, “Efficient multi-key homomorphic encryption with packed ciphertexts with application to oblivious neural network inference,” in ACM SIGSAC CCS, 2019.Search in Google Scholar

[30] M. Chen, Z. Zhang, T. Wang, M. Backes, M. Humbert, and Y. Zhang, “When machine unlearning jeopardizes privacy,” arXiv preprint 2005.02205, 2020.Search in Google Scholar

[31] T. Chen and C. Guestrin, “Xgboost: A scalable tree boosting system,” in ACM SIGKDD, 2016.Search in Google Scholar

[32] K. Cheng, T. Fan, Y. Jin, Y. Liu, T. Chen, and Q. Yang, “Secureboost: A lossless federated learning framework,” arXiv preprint 1901.08755, 2019.Search in Google Scholar

[33] J. H. Cheon, A. Kim, M. Kim, and Y. Song, “Homomorphic encryption for arithmetic of approximate numbers,” in ASIACRYPT. Springer, 2017.Search in Google Scholar

[34] S. Consul and S. Williamson, “Differentially private median forests for regression and classification,” arXiv 2006.08795, 2020.Search in Google Scholar

[35] I. Damgård and M. Jurik, “A generalisation, a simplification and some applications of paillier’s probabilistic public-key system,” in PKC. Springer, 2001.Search in Google Scholar

[36] I. Damgård, V. Pastro, N. Smart, and S. Zakarias, “Multiparty computation from somewhat homomorphic encryption,” in Annual Cryptology Conference. Springer, 2012.Search in Google Scholar

[37] J. Dansana, D. Dey, and R. Kumar, “A novel approach: Cart algorithm for vertically partitioned database in multi-party environment,” in IEEE CICT, 2013.Search in Google Scholar

[38] S. de Hoogh, B. Schoenmakers, P. Chen, and H. op den Akker, “Practical secure decision tree learning in a tele-treatment application,” in FC, 2014.Search in Google Scholar

[39] F. Doshi-Velez and B. Kim, “Towards a rigorous science of interpretable machine learning,” arXiv preprint 1702.08608, 2017.Search in Google Scholar

[40] J. Dowd, S. Xu, and W. Zhang, “Privacy-preserving decision tree mining based on random substitutions,” in ETRICS, 2006.Search in Google Scholar

[41] W. Du and Z. Zhan, “Building decision tree classifier on private data,” in CRPIT, 2002.Search in Google Scholar

[42] ——, “Using randomized response techniques for privacy-preserving data mining,” in ACM SIGKDD, 2003.Search in Google Scholar

[43] D. Dua and C. Graff, “UCI machine learning repository,” 2017, http://archive.ics.uci.edu/ml.Search in Google Scholar

[44] C. Dwork, “Differential privacy,” in Automata, Languages and Programming, 2006.Search in Google Scholar

[45] E.-M. El-Mhamdi, R. Guerraoui, A. Guirguis, L. N. Hoang, and S. Rouault, “Genuinely distributed byzantine machine learning,” in PODC, 2020.Search in Google Scholar

[46] T. ElGamal, “A public key cryptosystem and a signature scheme based on discrete logarithms,” CRYPTO, 1985.Search in Google Scholar

[47] F. Emekçi, D. Agrawal, A. E. Abbadi, and A. Gulbeden, “Privacy preserving query processing using third parties,” in ICDE. IEEE, 2006.Search in Google Scholar

[48] F. Emekçi, O. D. Sahin, D. Agrawal, and A. El Abbadi, “Privacy preserving decision tree learning over multiple parties,” Data & Knowledge Engineering, 2007.Search in Google Scholar

[49] V. Estivill-Castro and L. Brankovic, “Data swapping: Balancing privacy against precision in mining for logic rules,” in DaWaK. Springer, 1999.Search in Google Scholar

[50] European Parliament and Council of European Union, “General data protection regulations,” 2016.Search in Google Scholar

[51] W. Fan, H. Wang, P. S. Yu, and S. Ma, “Is random model better? on its accuracy and efficiency,” in ICDM, 2003.Search in Google Scholar

[52] W. Fang and B. Yang, “Privacy preserving decision tree learning over vertically partitioned data,” in CSSE. IEEE, 2008.Search in Google Scholar

[53] W. Fang, B. Yang, and D. Song, “Preserving private knowledge in decision tree learning.” JCP, 2010.Search in Google Scholar

[54] W. Fang, B. Yang, D. Song, and Z. Tang, “A new scheme on privacy-preserving distributed decision-tree mining,” in ETCS. IEEE, 2009.Search in Google Scholar

[55] W. Fang, C. Chen, J. Tan, C. Yu, Y. Lu, L. Wang, L. Wang, J. Zhou et al., “A hybrid-domain framework for secure gradient tree boosting,” arXiv preprint 2005.08479, 2020.Search in Google Scholar

[56] Z. Feng, H. Xiong, C. Song, S. Yang, B. Zhao, L. Wang, Z. Chen, S. Yang, L. Liu, and J. Huan, “Securegbm: Secure multi-party gradient boosting,” in Big Data. IEEE, 2019.Search in Google Scholar

[57] D. Fiore, R. Gennaro, and V. Pastro, “Efficiently verifiable computation on encrypted data,” in ACM SIGSAC CCS, 2014.Search in Google Scholar

[58] D. Fiore, A. Nitulescu, and D. Pointcheval, “Boosting verifiable computation on encrypted data,” in PKC, 2020, pp. 124–154.Search in Google Scholar

[59] S. Fletcher and M. Z. Islam, “A differentially private random decision forest using reliable signal-to-noise ratios,” in Australasian joint conference on artificial intelligence, 2015.Search in Google Scholar

[60] ——, “Differentially private random decision forests using smooth sensitivity,” Expert Systems with Applications, 2017.Search in Google Scholar

[61] ——, “Decision tree classification with differential privacy: A survey,” ACM CSUR, 2019.Search in Google Scholar

[62] ——, “A differentially private decision forest,” in AusDM. CRPIT, 2015.Search in Google Scholar

[63] P. K. Fong and J. H. Weber-Jahnke, “Privacy preserving decision tree learning using unrealized data sets,” TKDE, 2012.Search in Google Scholar

[64] M. Fredrikson, S. Jha, and T. Ristenpart, “Model inversion attacks that exploit confidence information and basic countermeasures,” in ACM SIGSAC CCS, 2015.Search in Google Scholar

[65] M. J. Freedman, K. Nissim, and B. Pinkas, “Efficient private matching and set intersection,” in EUROCRYPT, 2004.Search in Google Scholar

[66] A. A. Freitas, “Comprehensible classification models: a position paper,” ACM SIGKDD explorations newsletter, 2014.Search in Google Scholar

[67] Y. Freund and R. E. Schapire, “A desicion-theoretic generalization of on-line learning and an application to boosting,” in J. Comput. Syst. Sci. Springer, 1995.Search in Google Scholar

[68] A. Friedman and A. Schuster, “Data mining with differential privacy,” in ACM SIGKDD, 2010.Search in Google Scholar

[69] J. H. Friedman, “Greedy function approximation: a gradient boosting machine,” Annals of statistics, 2001.Search in Google Scholar

[70] S. Gambs, B. Kégl, and E. Aïmeur, “Privacy-preserving boosting,” Data Mining and Knowledge Discovery, 2007.Search in Google Scholar

[71] A. Gangrade and R. Patel, “Building privacy-preserving c4. 5 decision tree classifier on multi-parties,” IJCSE, 2009.Search in Google Scholar

[72] ——, “A novel protocol for privacy preserving decision tree over horizontally partitioned data,” IJARCS, 2011.Search in Google Scholar

[73] ——, “Privacy preserving two-layer decision tree classifier for multiparty databases,” IJCIT, 2012.Search in Google Scholar

[74] P. Geurts, D. Ernst, and L. Wehenkel, “Extremely randomized trees,” Machine learning, 2006.Search in Google Scholar

[75] I. Giacomelli, S. Jha, R. Kleiman, D. Page, and K. Yoon, “Privacy-preserving collaborative prediction using random forests,” AMIA Jt Summits Transl Sci Proc., 2019.Search in Google Scholar

[76] C. Giannella, K. Liu, T. Olsen, and H. Kargupta, “Communication efficient construction of decision trees over heterogeneously distributed data,” in ICDM. IEEE, 2004.Search in Google Scholar

[77] O. Goldreich, General Cryptographic Protocols. Cambridge University Press, 2004, vol. 2, p. 599–764.Search in Google Scholar

[78] ——, Foundations of cryptography: volume 2, basic applications. Cambridge university press, 2009.Search in Google Scholar

[79] Z. Guan, X. Sun, L. Shi, L. Wu, and X. Du, “A differentially private greedy decision forest classification algorithm with high utility,” Computers & Security, 2020.Search in Google Scholar

[80] S. Han and W. K. Ng, “Multi-party privacy-preserving decision trees for arbitrarily partitioned data,” Int J Intell Control Syst, 2007.Search in Google Scholar

[81] B. Hitaj, G. Ateniese, and F. Perez-Cruz, “Deep models under the gan: information leakage from collaborative deep learning,” in ACM SIGSAC CCS, 2017.Search in Google Scholar

[82] N. Homer, S. Szelinger, M. Redman, D. Duggan, W. Tembe, J. Muehling, J. V. Pearson, D. A. Stephan, S. F. Nelson, and D. W. Craig, “Resolving individuals contributing trace amounts of dna to highly complex mixtures using high-density snp genotyping microarrays,” PLoS Genet, 2008.Search in Google Scholar

[83] J. Hou, Q. Li, S. Meng, Z. Ni, Y. Chen, and Y. Liu, “Dprf: A differential privacy protection random forest,” IEEE Access, 2019.Search in Google Scholar

[84] G. Jagannathan, K. Pillaipakkamnatt, and R. N. Wright, “A practical differentially private random decision tree classifier,” in IEEE ICDMW, 2009.Search in Google Scholar

[85] M. A. Kadampur et al., “A noise addition scheme in decision tree for privacy preserving data mining,” arXiv preprint 1001.3504, 2010.Search in Google Scholar

[86] Kaggle, “Credit card fraud,” https://www.kaggle.com/mlgulb/creditcardfraud.Search in Google Scholar

[87] ——, “Default of credit card data,” https://www.kaggle.com/uciml/default-of-credit-card-clients-dataset.Search in Google Scholar

[88] ——, “Give me some credit,” https://www.kaggle.com/c/GiveMeSomeCredit/data.Search in Google Scholar

[89] P. Kairouz, H. B. McMahan, B. Avent, A. Bellet, M. Bennis, A. N. Bhagoji, K. Bonawitz, Z. Charles, G. Cormode, R. Cummings et al., “Advances and open problems in federated learning,” arXiv preprint 1912.04977, 2019.Search in Google Scholar

[90] G. Kalyani, M. C. S. Rao, and B. Janakiramaiah, “Decision tree based data reconstruction for privacy preserving classification rule mining,” Informatica, 2017.Search in Google Scholar

[91] M. Kantarcioglu and C. Clifton, “Privacy-preserving distributed mining of association rules on horizontally partitioned data,” IEEE TKDE, 2004.Search in Google Scholar

[92] D. Kaplan, J. Powell, and T. Woller, “AMD memory encryption,” Advanced Micro Devices, Tech. Rep., 2016.Search in Google Scholar

[93] H. Kargupta, S. Datta, Q. Wang, and K. Sivakumar, “On the privacy preserving properties of random data perturbation techniques,” in IEEE ICDM, 2003.Search in Google Scholar

[94] M. Keller, “MP-SPDZ: A versatile framework for multi-party computation,” Cryptology ePrint Archive, Report 2020/521, 2020, https://eprint.iacr.org/2020/521.Search in Google Scholar

[95] F. Khodaparast, M. Sheikhalishahi, H. Haghighi, and F. Martinelli, “Privacy preserving random decision tree classification over horizontally and vertically partitioned data,” in DASC/PiCom/DataCom/CyberSciTech. IEEE, 2018.Search in Google Scholar

[96] H. Kikuchi, K. Ito, M. Ushida, H. Tsuda, and Y. Yamaoka, “Privacy-preserving distributed decision tree learning with boolean class attributes,” in AINA. IEEE, 2013.Search in Google Scholar

[97] E. Kim, J. Jeong, H. Yoon, Y. Kim, J. Cho, and J. H. Cheon, “How to securely collaborate on data: Decentralized threshold he and secure key update,” IEEE Access, 2020.Search in Google Scholar

[98] Á. Kiss, M. Naderpour, J. Liu, N. Asokan, and T. Schneider, “Sok: Modular and efficient private decision tree evaluation,” Proceedings on Privacy Enhancing Technologies, 2019.Search in Google Scholar

[99] L. Kissner and D. Song, “Privacy-preserving set operations,” in Annual International Cryptology Conference. Springer, 2005.Search in Google Scholar

[100] B. Kuijpers, V. Lemmens, B. Moelans, and K. Tuyls, “Privacy preserving ID3 over horizontally, vertically and grid partitioned data,” arXiv preprint 0803.1555, 2008.Search in Google Scholar

[101] A. Law, C. Leung, R. Poddar, R. A. Popa, C. Shi, O. Sima, C. Yu, X. Zhang, and W. Zheng, “Secure collaborative training and inference for xgboost,” arXiv preprint 2010.02524, 2020.Search in Google Scholar

[102] C. Leung, A. Law, and O. Sima, “Towards privacy-preserving collaborative gradient boosted decision trees,” UC Berkeley, Tech. Rep., 2019.Search in Google Scholar

[103] J. Li, Y. Tian, Y. Zhu, T. Zhou, J. Li, K. Ding, and J. Li, “A multicenter random forest model for effective prognosis prediction in collaborative clinical research network,” Artificial Intelligence in Medicine, 2020.Search in Google Scholar

[104] Q. Li, Z. Wen, and B. He, “Practical federated gradient boosting decision trees,” arXiv preprint 1911.04206, 2019.Search in Google Scholar

[105] Q. Li, Z. Wu, Z. Wen, and B. He, “Privacy-preserving gradient boosting decision trees,” in AAAI, 2020.Search in Google Scholar

[106] Y. Li, C. Bai, and C. K. Reddy, “A distributed ensemble approach for mining healthcare data under privacy constraints,” Information sciences, 2016.Search in Google Scholar

[107] Y. Li, Z. L. Jiang, X. Wang, and S.-M. Yiu, “Privacy-preserving ID3 data mining over encrypted data in outsourced environments with multiple keys,” in IEEE Int. Conf. Comp. Sci. & Eng. (CSE) and IEEE EUC. IEEE, 2017.Search in Google Scholar

[108] Y. Li, Z. L. Jiang, X. Wang, S.-M. Yiu, and J. Fang, “Outsourced privacy-preserving random decision tree algorithm under multiple parties for sensor-cloud integration,” in ISPEC. Springer, 2017.Search in Google Scholar

[109] Y. Li, Z. L. Jiang, X. Wang, S.-M. Yiu, and P. Zhang, “Outsourcing privacy preserving ID3 decision tree algorithm over encrypted data-sets for two-parties,” in 2017 IEEE Trustcom/BigDataSE/ICESS. IEEE, 2017.Search in Google Scholar

[110] Y. Li, Z. L. Jiang, L. Yao, X. Wang, S.-M. Yiu, and Z. Huang, “Outsourced privacy-preserving c4.5 decision tree algorithm over horizontally and vertically partitioned dataset among multiple parties,” Cluster Computing, 2019.Search in Google Scholar

[111] Y. Lindell and B. Pinkas, “Privacy preserving data mining,” in Annual International Cryptology Conference, 2000.Search in Google Scholar

[112] L. Liu, M. Kantarcioglu, and B. Thuraisingham, “Privacy preserving decision tree mining from perturbed data,” in HICSS. IEEE, 2009.Search in Google Scholar

[113] L. Liu, R. Chen, X. Liu, J. Su, and L. Qiao, “Towards practical privacy-preserving decision tree training and evaluation in the cloud,” IEEE TIFS, 2020.Search in Google Scholar

[114] X. Liu, Q. Li, T. Li, and D. Chen, “Differentially private classification with decision tree ensemble,” Applied Soft Computing, 2018.Search in Google Scholar

[115] X. Liu, R. H. Deng, K.-K. R. Choo, and J. Weng, “An efficient privacy-preserving outsourced calculation toolkit with multiple keys,” IEEE TIFS, 2016.Search in Google Scholar

[116] Y. Liu, M. Chen, W. Zhang, J. Zhang, and Y. Zheng, “Federated extra-trees with privacy preserving,” arXiv, 2020.Search in Google Scholar

[117] Y. Liu, Y. Liu, Z. Liu, Y. Liang, C. Meng, J. Zhang, and Y. Zheng, “Federated forest,” IEEE Trans. on Big Data, 2020.Search in Google Scholar

[118] Y. Liu, Z. Ma, X. Liu, S. Ma, S. Nepal, and R. Deng, “Boosting privately: Privacy-preserving federated extreme boosting for mobile crowdsensing,” arXiv preprint 1907.10218, 2019.Search in Google Scholar

[119] Y. Liu, Z. Ma, X. Liu, Z. Wang, S. Ma, and K. Ren, “Revocable federated learning: A benchmark of federated forest,” arXiv preprint 1911.03242, 2019.Search in Google Scholar

[120] Y.-h. Liu, B.-R. Yang, D.-y. Cao, and N. Ma, “State-ofthe-art in distributed privacy preserving data mining,” in IEEE ICCSN, 2011.Search in Google Scholar

[121] P. Lory, “Enhancing the efficiency in privacy preserving learning of decision trees in partitioned databases,” in PSD, 2012.Search in Google Scholar

[122] Q. Ma and P. Deng, “Secure multi-party protocols for privacy preserving data mining,” in WASA, 2008.Search in Google Scholar

[123] Z. Ma, J. Ma, Y. Miao, and X. Liu, “Privacy-preserving and high-accurate outsourced disease predictor on random forest,” Information Sciences, 2019.Search in Google Scholar

[124] S. Mabu, M. Obayashi, and T. Kuremoto, “Ensemble learning of rule-based evolutionary algorithm using multi-layer perceptron for supporting decisions in stock trading problems,” Applied soft computing, 2015.Search in Google Scholar

[125] F. McKeen, I. Alexandrovich, A. Berenzon, C. V. Rozas, H. Shafi, V. Shanbhogue, and U. R. Savagaonkar, “Innovative instructions and software model for isolated execution.” Hasp@ isca, 2013.Search in Google Scholar

[126] B. McMahan, E. Moore, D. Ramage, S. Hampson, and B. A. y Arcas, “Communication-efficient learning of deep networks from decentralized data,” in AISTATS, 2017.Search in Google Scholar

[127] F. McSherry and K. Talwar, “Mechanism design via differential privacy,” in FOCS. IEEE, 2007.Search in Google Scholar

[128] L. Melis, C. Song, E. De Cristofaro, and V. Shmatikov, “Exploiting unintended feature leakage in collaborative learning,” in IEEE S&P, 2019.Search in Google Scholar

[129] R. Mitchell, “Gradient boosting, decision trees and xgboost with cuda,” https://developer.nvidia.com/blog/gradient-boosting-decision-trees-xgboost-cuda/.Search in Google Scholar

[130] N. Mohammed, R. Chen, B. C. Fung, and P. S. Yu, “Differentially private data release for data mining,” in ACM SIGKDD, 2011.Search in Google Scholar

[131] C. Molnar, Interpretable Machine Learning. Lulu. com, 2020.Search in Google Scholar

[132] C. Mouchet, J. Troncoso-Pastoriza, and J.-P. Hubaux, “Multiparty homomorphic encryption: From theory to practice,” eprint, 2020, https://eprint.iacr.org/2020/304.Search in Google Scholar

[133] M. Naor and B. Pinkas, “Oblivious transfer and polynomial evaluation,” in STOC, 1999.Search in Google Scholar

[134] ——, “Oblivious polynomial evaluation,” SIAM Journal on Computing, 2006.Search in Google Scholar

[135] M. Nasr, R. Shokri, and A. Houmansadr, “Comprehensive privacy analysis of deep learning: Passive and active white-box inference attacks against centralized and federated learning,” in IEEE S&P, 2019.Search in Google Scholar

[136] M. Naveed, S. Kamara, and C. V. Wright, “Inference attacks on property-preserving encrypted databases,” in ACM SIGSAC CCS, 2015.Search in Google Scholar

[137] R. Nock and W. Henecka, “Boosted and differentially private ensembles of decision trees,” arXiv preprint 2001.09384, 2020.Search in Google Scholar

[138] P. Paillier, “Public-key cryptosystems based on composite degree residuosity classes,” in EUROCRYPT. Springer, 1999.Search in Google Scholar

[139] N. Papernot, P. McDaniel, A. Sinha, and M. P. Wellman, “Sok: Security and privacy in machine learning,” in EuroS&P. IEEE, 2018.Search in Google Scholar

[140] A. Patil and S. Singh, “Differential private random forest,” in ICACCI. IEEE, 2014.Search in Google Scholar

[141] G. Piatetsky, “Top data science and machine learning methods used in 2017,” https://www.kdnuggets.com/2017/12/top-data-science-machine-learning-methods.html.Search in Google Scholar

[142] B. Pinkas, T. Schneider, and M. Zohner, “Faster private set intersection based on OT extension,” in USENIX Security Symposium, 2014.Search in Google Scholar

[143] A. Pyrgelis, C. Troncoso, and E. De Cristofaro, “What does the crowd say about you? evaluating aggregation-based location privacy,” Proceedings on privacy enhancing technologies, 2017.Search in Google Scholar

[144] J. R. Quinlan, “Induction of decision trees,” Machine learning, 1986.Search in Google Scholar

[145] J. Quinlan, C4. 5: programs for machine learning. Elsevier, 1993.Search in Google Scholar

[146] S. Rana, S. K. Gupta, and S. Venkatesh, “Differentially private random forest with high utility,” in ICDM, 2015.Search in Google Scholar

[147] G. N. Rao, M. S. Harini, and C. R. Kishore, “A cryptographic privacy preserving approach over classification,” in ICT and Critical Infrastructure: Proceedings of the 48th Annual Convention of Computer Society of India-Vol II. Springer, 2014.Search in Google Scholar

[148] A. Salem, A. Bhattacharya, M. Backes, M. Fritz, and Y. Zhang, “Updates-leak: Data set inference and reconstruction attacks in online learning,” in USENIX Security Symposium, 2020.Search in Google Scholar

[149] S. Samet and A. Miri, “Privacy preserving ID3 using gini index over horizontally partitioned data,” in AICCSA, 2008.Search in Google Scholar

[150] V. Sandulescu and M. Chiru, “Predicting the future relevance of research institutions-the winning solution of the KDD cup 2016,” arXiv preprint 1609.02728, 2016.Search in Google Scholar

[151] A. Shamir, “How to share a secret,” Communications of the ACM, 1979.Search in Google Scholar

[152] S. Sharma and A. S. Rajawat, “A secure privacy preservation model for vertically partitioned distributed data,” in ICTBIG. IEEE, 2016.Search in Google Scholar

[153] M. A. Sheela and K. Vijayalakshmi, “A novel privacy preserving decision tree induction,” in IEEE CICT, 2013.Search in Google Scholar

[154] Y. Shen, H. Shao, and L. Yang, “Privacy preserving C4.5 algorithm over vertically distributed datasets,” in NSWCTC. IEEE, 2009.Search in Google Scholar

[155] R. Shokri, M. Stronati, C. Song, and V. Shmatikov, “Membership inference attacks against machine learning models,” in IEEE S&P, 2017.Search in Google Scholar

[156] L. Sumalatha and P. U. Sankar, “Fuzzy random decision tree (frdt) framework for privacy preserving data mining,” in SAI. IEEE, 2016.Search in Google Scholar

[157] E. Suthampan and S. Maneewongvatana, “Privacy preserving decision tree in multi party environment,” in AIRS, 2005.Search in Google Scholar

[158] K. Tandel and J. N. Patel, “Privacy preserving decision tree classification on horizontal partition data,” IJERT, 2016.Search in Google Scholar

[159] V. D. Team, “VIFF, the virtual ideal functionality framework.”Search in Google Scholar

[160] Z. Teng and W. Du, “A hybrid multi-group privacy-preserving approach for building decision trees,” in PAKDD, 2007.Search in Google Scholar

[161] The Health Insurance Portability and Accountability Act of 1996, 2014, www.hhs.gov/hipaa.Search in Google Scholar

[162] Z. Tian, R. Zhang, X. Hou, J. Liu, and K. Ren, “Feder-boost: Private federated learning for gbdt,” arXiv preprint 2011.02796, 2020.Search in Google Scholar

[163] S. Truex, N. Baracaldo, A. Anwar, T. Steinke, H. Ludwig, R. Zhang, and Y. Zhou, “A hybrid approach to privacy-preserving federated learning,” in ACM AISec, 2019.Search in Google Scholar

[164] S. Truex, L. Liu, M. E. Gursoy, and L. Yu, “Privacy-preserving inductive learning with decision trees,” in Big-Data Congress, 2017.Search in Google Scholar

[165] P. S. Vadivu and S. Nithya, “An improved privacy preserving with rsa and c5.0 decision tree learning for unrealized datasets,” International Journal, 2014.Search in Google Scholar

[166] J. Vaidya and C. Clifton, “Privacy-preserving decision trees over vertically partitioned data,” in IFIP DBSec. Springer, 2005.Search in Google Scholar

[167] J. Vaidya, C. Clifton, M. Kantarcioglu, and A. S. Patterson, “Privacy-preserving decision trees over vertically partitioned data,” ACM TKDD, 2008.Search in Google Scholar

[168] J. Vaidya, B. Shafiq, W. Fan, D. Mehmood, and D. Lorenzi, “A random decision tree framework for privacy-preserving data mining,” TDSC, 2013.Search in Google Scholar

[169] J. Van Bulck, M. Minkin, O. Weisse, D. Genkin, B. Kasikci, F. Piessens, M. Silberstein, T. F. Wenisch, Y. Yarom, and R. Strackx, “Foreshadow: Extracting the keys to the intel SGX kingdom with transient out-of-order execution,” in USENIX Security Symposium, 2018.Search in Google Scholar

[170] V. S. Verykios, E. Bertino, I. N. Fovino, L. P. Provenza, Y. Saygin, and Y. Theodoridis, “State-of-the-art in privacy preserving data mining,” ACM Sigmod Record, 2004.Search in Google Scholar

[171] K. W. Wang, T. Dick, and M.-F. Balcan, “Scalable and provably accurate algorithms for differentially private distributed decision tree learning,” AAAI PPAI, 2020.Search in Google Scholar

[172] K. Wang, Y. Xu, R. She, and P. S. Yu, “Classification spanning private databases,” in AAAI, 2006.Search in Google Scholar

[173] S. Wang and J. M. Chang, “Privacy-preserving boosting in the local setting,” arXiv preprint 2002.02096, 2020.Search in Google Scholar

[174] W. Wang, G. Chen, X. Pan, Y. Zhang, X. Wang, V. Bind-schaedler, H. Tang, and C. A. Gunter, “Leaky cauldron on the dark land: Understanding memory side-channel hazards in SGX,” in ACM SIGSAC CCS, 2017.Search in Google Scholar

[175] Z. Wang, Y. Yang, Y. Liu, X. Liu, B. B. Gupta, and J. Ma, “Cloud-based federated boosting for mobile crowdsensing,” arXiv preprint 2005.05304, 2020.Search in Google Scholar

[176] D. I. Wolinsky, H. Corrigan-Gibbs, B. Ford, and A. Johnson, “Scalable anonymous group communication in the anytrust model,” Naval Research Lab Washington DC, Tech. Rep., 2012.Search in Google Scholar

[177] D. Wu, T. Wu, and X. Wu, “A differentially private random decision tree classifier with high utility,” in ML4CS. Springer, 2020.Search in Google Scholar

[178] D. J. Wu, T. Feng, M. Naehrig, and K. Lauter, “Privately evaluating decision trees and random forests,” Proceedings on Privacy Enhancing Technologies, 2016.Search in Google Scholar

[179] Y. Wu, S. Cai, X. Xiao, G. Chen, and B. C. Ooi, “Privacy preserving vertical federated learning for tree-based models,” VLDB, no. 11, 2020.Search in Google Scholar

[180] T. Xiang, Y. Li, X. Li, S. Zhong, and S. Yu, “Collaborative ensemble learning under differential privacy,” in Web Intelligence, 2018.Search in Google Scholar

[181] M.-J. Xiao, K. Han, L.-S. Huang, and J.-Y. Li, “Privacy preserving c4. 5 algorithm over horizontally partitioned data,” in GCC. IEEE, 2006.Search in Google Scholar

[182] M.-J. Xiao, L.-S. Huang, Y.-L. Luo, and H. Shen, “Privacy preserving ID3 algorithm over horizontally partitioned data,” in PDCAT. IEEE, 2005.Search in Google Scholar

[183] B. Xin, W. Yang, S. Wang, and L. Huang, “Differentially private greedy decision forest,” in ICASSP. IEEE, 2019.Search in Google Scholar

[184] M. Yang, L. Song, J. Xu, C. Li, and G. Tan, “The tradeoff between privacy and accuracy in anomaly detection using federated xgboost,” arXiv preprint 1907.07157, 2019.Search in Google Scholar

[185] A. C.-C. Yao, “How to generate and exchange secrets,” in SFCS. IEEE, 1986.Search in Google Scholar

[186] J. Zhan, “Using homomorphic encryption for privacy-preserving collaborative decision tree classification,” in IEEE CIDM, 2007.Search in Google Scholar

[187] J. Zhan, S. Matwin, and L. Chang, “Privacy preserving decision tree classiffcation over horizontally partitioned data,” in ICEB, 2005.Search in Google Scholar

[188] C. Zhang, Y. Li, and Z. Chen, “Dpets: A differentially private extratrees,” in CIS, 2017.Search in Google Scholar

[189] J. Zhang, Z. Fang, Y. Zhang, and D. Song, “Zero knowledge proofs for decision tree predictions and accuracy,” in ACM SIGSAC CCS, 2020.Search in Google Scholar

[190] L. Zhao, L. Ni, S. Hu, Y. Chen, P. Zhou, F. Xiao, and L. Wu, “Inprivate digging: Enabling tree-based distributed data mining with differential privacy,” in IEEE INFOCOM, 2018.Search in Google Scholar

[191] L. Zhu, Z. Liu, and S. Han, “Deep leakage from gradients,” in NeurIPS, 2019.Search in Google Scholar

[192] T. Zhu, P. Xiong, Y. Xiang, and W. Zhou, “An effective deferentially private data releasing algorithm for decision tree,” in IEEE TrustCom, 2013.Search in Google Scholar

[193] Z. Zhu and W. Du, “Understanding privacy risk of publishing decision trees,” in IFIP DBSec. Springer, 2010.Search in Google Scholar

Recommended articles from Trend MD

Plan your remote conference with Sciendo