[[1] “Amazon sagemaker - xgboost algorithm,” https://docs.aws.amazon.com/sagemaker/latest/dg/xgboost.html.]Search in Google Scholar
[[2] “DBLP: Computer science bibliography,” https://dblp.org/.]Search in Google Scholar
[[3] “Google scholar,” https://scholar.google.com/.]Search in Google Scholar
[[4] “Microsoft academic,” https://academic.microsoft.com/home.]Search in Google Scholar
[[5] M. Abspoel, D. Escudero, and N. Volgushev, “Secure training of decision trees with continuous attributes,” Proceedings on Privacy Enhancing Technologies, 2021.10.2478/popets-2021-0010]Search in Google Scholar
[[6] R. Agrawal, A. Evfimievski, and R. Srikant, “Information sharing across private databases,” in ACM SIGMOD, 2003.10.1145/872757.872771]Search in Google Scholar
[[7] R. Agrawal and R. Srikant, “Privacy-preserving data mining,” in ACM SIGMOD, 2000.10.1145/342009.335438]Search in Google Scholar
[[8] A. Akavia, M. Leibovich, Y. S. Resheff, R. Ron, M. Shahar, and M. Vald, “Privacy-preserving decision tree training and prediction against malicious server,” iacr eprint, 2019, https://eprint.iacr.org/2019/1282.]Search in Google Scholar
[[9] A. Alabdulkarim, M. Al-Rodhaan, T. Ma, and Y. Tian, “PPSDT: A novel privacy-preserving single decision tree algorithm for clinical decision-support systems using IoT devices,” Sensors, 2019.10.3390/s19010142633902730609816]Search in Google Scholar
[[10] A. Alabdulkarim, M. Al-Rodhaan, Y. Tian, and A. Al-Dhelaan, “A privacy-preserving algorithm for clinical decision-support systems using random forest,” CMC Comput. Mater. Con, 2019.10.32604/cmc.2019.05637]Search in Google Scholar
[[11] M. Andriushchenko and M. Hein, “Provably robust boosted decision stumps and trees against adversarial attacks,” in NeurIPS, 2019.]Search in Google Scholar
[[12] L. J. Aslett, P. M. Esperança, and C. C. Holmes, “Encrypted statistical machine learning: new privacy preserving methods,” arXiv preprint 1508.06845, 2015.]Search in Google Scholar
[[13] G. Ateniese, L. V. Mancini, A. Spognardi, A. Villani, D. Vitali, and G. Felici, “Hacking smart machines with smarter ones: How to extract meaningful data from machine learning classifiers,” International Journal of Security and Networks, 2015.10.1504/IJSN.2015.071829]Search in Google Scholar
[[14] E. Bagdasaryan, A. Veit, Y. Hua, D. Estrin, and V. Shmatikov, “How to backdoor federated learning,” in AISTATS, 2020.]Search in Google Scholar
[[15] R. Baghel and M. Dutta, “Privacy preserving classification by using modified c4. 5,” in IC3. IEEE, 2013.10.1109/IC3.2013.6612175]Search in Google Scholar
[[16] X. Bai, J. Yao, M. Yuan, K. Deng, X. Xie, and H. Guan, “Embedding differential privacy in decision tree algorithm with different depths,” Science China Information Sciences, 2017.10.1007/s11432-016-0442-1]Search in Google Scholar
[[17] G. Behera, “Privacy preserving c4. 5 using gini index,” in NCETACS. IEEE, 2011.10.1109/NCETACS.2011.5751385]Search in Google Scholar
[[18] M. Bellare, R. Dowsley, and S. Keelveedhi, “How secure is deterministic encryption?” in PKC, 2015.10.1007/978-3-662-46447-2_3]Search in Google Scholar
[[19] A. Blum, C. Dwork, F. McSherry, and K. Nissim, “Practical privacy: the sulq framework,” in ACM PODS, 2005.10.1145/1065167.1065184]Search in Google Scholar
[[20] M. Bojarski, A. Choromanska, K. Choromanski, and Y. Le-Cun, “Differentially-and non-differentially-private random decision trees,” arXiv preprint 1410.6973, 2014.]Search in Google Scholar
[[21] K. Bonawitz, V. Ivanov, B. Kreuter, A. Marcedone, H. B. McMahan, S. Patel, D. Ramage, A. Segal, and K. Seth, “Practical secure aggregation for privacy-preserving machine learning,” in ACM SIGSAC CCS, 2017.10.1145/3133956.3133982]Search in Google Scholar
[[22] Z. Brakerski, C. Gentry, and V. Vaikuntanathan, “(leveled) fully homomorphic encryption without bootstrapping,” ACM TOCT, 2014.10.1145/2633600]Search in Google Scholar
[[23] L. Breiman, “Random forests,” Machine learning, 2001.]Search in Google Scholar
[[24] L. Breiman, J. Friedman, C. J. Stone, and R. A. Olshen, Classification and regression trees. CRC press, 1984.]Search in Google Scholar
[[25] E. Bresson, D. Catalano, and D. Pointcheval, “A simple public-key cryptosystem with a double trapdoor decryption mechanism and its applications,” in ASIACRYPT. Springer, 2003.10.1007/978-3-540-40061-5_3]Search in Google Scholar
[[26] J. Brickell and V. Shmatikov, “Privacy-preserving classifier learning,” in FC, 2009.10.1007/978-3-642-03549-4_8]Search in Google Scholar
[[27] S. Bu, L. V. Lakshmanan, R. T. Ng, and G. Ramesh, “Preservation of patterns and input-output privacy,” in IEEE ICDE, 2007.10.1109/ICDE.2007.367915]Search in Google Scholar
[[28] N. Buescher, S. Boukoros, S. Bauregger, and S. Katzenbeisser, “Two is not enough: Privacy assessment of aggregation schemes in smart metering,” Proceedings on Privacy Enhancing Technologies, 2017.10.1515/popets-2017-0045]Search in Google Scholar
[[29] H. Chen, W. Dai, M. Kim, and Y. Song, “Efficient multi-key homomorphic encryption with packed ciphertexts with application to oblivious neural network inference,” in ACM SIGSAC CCS, 2019.10.1145/3319535.3363207]Search in Google Scholar
[[30] M. Chen, Z. Zhang, T. Wang, M. Backes, M. Humbert, and Y. Zhang, “When machine unlearning jeopardizes privacy,” arXiv preprint 2005.02205, 2020.]Search in Google Scholar
[[31] T. Chen and C. Guestrin, “Xgboost: A scalable tree boosting system,” in ACM SIGKDD, 2016.10.1145/2939672.2939785]Search in Google Scholar
[[32] K. Cheng, T. Fan, Y. Jin, Y. Liu, T. Chen, and Q. Yang, “Secureboost: A lossless federated learning framework,” arXiv preprint 1901.08755, 2019.]Search in Google Scholar
[[33] J. H. Cheon, A. Kim, M. Kim, and Y. Song, “Homomorphic encryption for arithmetic of approximate numbers,” in ASIACRYPT. Springer, 2017.10.1007/978-3-319-70694-8_15]Search in Google Scholar
[[34] S. Consul and S. Williamson, “Differentially private median forests for regression and classification,” arXiv 2006.08795, 2020.]Search in Google Scholar
[[35] I. Damgård and M. Jurik, “A generalisation, a simplification and some applications of paillier’s probabilistic public-key system,” in PKC. Springer, 2001.10.1007/3-540-44586-2_9]Search in Google Scholar
[[36] I. Damgård, V. Pastro, N. Smart, and S. Zakarias, “Multiparty computation from somewhat homomorphic encryption,” in Annual Cryptology Conference. Springer, 2012.10.1007/978-3-642-32009-5_38]Search in Google Scholar
[[37] J. Dansana, D. Dey, and R. Kumar, “A novel approach: Cart algorithm for vertically partitioned database in multi-party environment,” in IEEE CICT, 2013.10.1109/CICT.2013.6558209]Search in Google Scholar
[[38] S. de Hoogh, B. Schoenmakers, P. Chen, and H. op den Akker, “Practical secure decision tree learning in a tele-treatment application,” in FC, 2014.10.1007/978-3-662-45472-5_12]Search in Google Scholar
[[39] F. Doshi-Velez and B. Kim, “Towards a rigorous science of interpretable machine learning,” arXiv preprint 1702.08608, 2017.]Search in Google Scholar
[[40] J. Dowd, S. Xu, and W. Zhang, “Privacy-preserving decision tree mining based on random substitutions,” in ETRICS, 2006.10.1007/11766155_11]Search in Google Scholar
[[41] W. Du and Z. Zhan, “Building decision tree classifier on private data,” in CRPIT, 2002.]Search in Google Scholar
[[42] ——, “Using randomized response techniques for privacy-preserving data mining,” in ACM SIGKDD, 2003.]Search in Google Scholar
[[43] D. Dua and C. Graff, “UCI machine learning repository,” 2017, http://archive.ics.uci.edu/ml.]Search in Google Scholar
[[44] C. Dwork, “Differential privacy,” in Automata, Languages and Programming, 2006.10.1007/11787006_1]Search in Google Scholar
[[45] E.-M. El-Mhamdi, R. Guerraoui, A. Guirguis, L. N. Hoang, and S. Rouault, “Genuinely distributed byzantine machine learning,” in PODC, 2020.10.1145/3382734.3405695]Search in Google Scholar
[[46] T. ElGamal, “A public key cryptosystem and a signature scheme based on discrete logarithms,” CRYPTO, 1985.10.1109/TIT.1985.1057074]Search in Google Scholar
[[47] F. Emekçi, D. Agrawal, A. E. Abbadi, and A. Gulbeden, “Privacy preserving query processing using third parties,” in ICDE. IEEE, 2006.10.1109/ICDE.2006.116]Search in Google Scholar
[[48] F. Emekçi, O. D. Sahin, D. Agrawal, and A. El Abbadi, “Privacy preserving decision tree learning over multiple parties,” Data & Knowledge Engineering, 2007.10.1016/j.datak.2007.02.004]Search in Google Scholar
[[49] V. Estivill-Castro and L. Brankovic, “Data swapping: Balancing privacy against precision in mining for logic rules,” in DaWaK. Springer, 1999.10.1007/3-540-48298-9_41]Search in Google Scholar
[[50] European Parliament and Council of European Union, “General data protection regulations,” 2016.]Search in Google Scholar
[[51] W. Fan, H. Wang, P. S. Yu, and S. Ma, “Is random model better? on its accuracy and efficiency,” in ICDM, 2003.]Search in Google Scholar
[[52] W. Fang and B. Yang, “Privacy preserving decision tree learning over vertically partitioned data,” in CSSE. IEEE, 2008.10.1109/CSSE.2008.731]Search in Google Scholar
[[53] W. Fang, B. Yang, and D. Song, “Preserving private knowledge in decision tree learning.” JCP, 2010.10.4304/jcp.5.5.733-740]Search in Google Scholar
[[54] W. Fang, B. Yang, D. Song, and Z. Tang, “A new scheme on privacy-preserving distributed decision-tree mining,” in ETCS. IEEE, 2009.10.1109/ETCS.2009.376]Search in Google Scholar
[[55] W. Fang, C. Chen, J. Tan, C. Yu, Y. Lu, L. Wang, L. Wang, J. Zhou et al., “A hybrid-domain framework for secure gradient tree boosting,” arXiv preprint 2005.08479, 2020.]Search in Google Scholar
[[56] Z. Feng, H. Xiong, C. Song, S. Yang, B. Zhao, L. Wang, Z. Chen, S. Yang, L. Liu, and J. Huan, “Securegbm: Secure multi-party gradient boosting,” in Big Data. IEEE, 2019.10.1109/BigData47090.2019.9006000]Search in Google Scholar
[[57] D. Fiore, R. Gennaro, and V. Pastro, “Efficiently verifiable computation on encrypted data,” in ACM SIGSAC CCS, 2014.10.1145/2660267.2660366]Search in Google Scholar
[[58] D. Fiore, A. Nitulescu, and D. Pointcheval, “Boosting verifiable computation on encrypted data,” in PKC, 2020, pp. 124–154.10.1007/978-3-030-45388-6_5]Search in Google Scholar
[[59] S. Fletcher and M. Z. Islam, “A differentially private random decision forest using reliable signal-to-noise ratios,” in Australasian joint conference on artificial intelligence, 2015.10.1007/978-3-319-26350-2_17]Search in Google Scholar
[[60] ——, “Differentially private random decision forests using smooth sensitivity,” Expert Systems with Applications, 2017.]Search in Google Scholar
[[61] ——, “Decision tree classification with differential privacy: A survey,” ACM CSUR, 2019.]Search in Google Scholar
[[62] ——, “A differentially private decision forest,” in AusDM. CRPIT, 2015.]Search in Google Scholar
[[63] P. K. Fong and J. H. Weber-Jahnke, “Privacy preserving decision tree learning using unrealized data sets,” TKDE, 2012.10.1109/TKDE.2010.226]Search in Google Scholar
[[64] M. Fredrikson, S. Jha, and T. Ristenpart, “Model inversion attacks that exploit confidence information and basic countermeasures,” in ACM SIGSAC CCS, 2015.10.1145/2810103.2813677]Search in Google Scholar
[[65] M. J. Freedman, K. Nissim, and B. Pinkas, “Efficient private matching and set intersection,” in EUROCRYPT, 2004.10.1007/978-3-540-24676-3_1]Search in Google Scholar
[[66] A. A. Freitas, “Comprehensible classification models: a position paper,” ACM SIGKDD explorations newsletter, 2014.10.1145/2594473.2594475]Search in Google Scholar
[[67] Y. Freund and R. E. Schapire, “A desicion-theoretic generalization of on-line learning and an application to boosting,” in J. Comput. Syst. Sci. Springer, 1995.10.1007/3-540-59119-2_166]Search in Google Scholar
[[68] A. Friedman and A. Schuster, “Data mining with differential privacy,” in ACM SIGKDD, 2010.10.1145/1835804.1835868]Search in Google Scholar
[[69] J. H. Friedman, “Greedy function approximation: a gradient boosting machine,” Annals of statistics, 2001.10.1214/aos/1013203451]Search in Google Scholar
[[70] S. Gambs, B. Kégl, and E. Aïmeur, “Privacy-preserving boosting,” Data Mining and Knowledge Discovery, 2007.10.1007/s10618-006-0051-9]Search in Google Scholar
[[71] A. Gangrade and R. Patel, “Building privacy-preserving c4. 5 decision tree classifier on multi-parties,” IJCSE, 2009.]Search in Google Scholar
[[72] ——, “A novel protocol for privacy preserving decision tree over horizontally partitioned data,” IJARCS, 2011.]Search in Google Scholar
[[73] ——, “Privacy preserving two-layer decision tree classifier for multiparty databases,” IJCIT, 2012.]Search in Google Scholar
[[74] P. Geurts, D. Ernst, and L. Wehenkel, “Extremely randomized trees,” Machine learning, 2006.10.1007/s10994-006-6226-1]Search in Google Scholar
[[75] I. Giacomelli, S. Jha, R. Kleiman, D. Page, and K. Yoon, “Privacy-preserving collaborative prediction using random forests,” AMIA Jt Summits Transl Sci Proc., 2019.]Search in Google Scholar
[[76] C. Giannella, K. Liu, T. Olsen, and H. Kargupta, “Communication efficient construction of decision trees over heterogeneously distributed data,” in ICDM. IEEE, 2004.]Search in Google Scholar
[[77] O. Goldreich, General Cryptographic Protocols. Cambridge University Press, 2004, vol. 2, p. 599–764.10.1017/CBO9780511721656.004]Search in Google Scholar
[[78] ——, Foundations of cryptography: volume 2, basic applications. Cambridge university press, 2009.]Search in Google Scholar
[[79] Z. Guan, X. Sun, L. Shi, L. Wu, and X. Du, “A differentially private greedy decision forest classification algorithm with high utility,” Computers & Security, 2020.10.1016/j.cose.2020.101930]Search in Google Scholar
[[80] S. Han and W. K. Ng, “Multi-party privacy-preserving decision trees for arbitrarily partitioned data,” Int J Intell Control Syst, 2007.]Search in Google Scholar
[[81] B. Hitaj, G. Ateniese, and F. Perez-Cruz, “Deep models under the gan: information leakage from collaborative deep learning,” in ACM SIGSAC CCS, 2017.10.1145/3133956.3134012]Search in Google Scholar
[[82] N. Homer, S. Szelinger, M. Redman, D. Duggan, W. Tembe, J. Muehling, J. V. Pearson, D. A. Stephan, S. F. Nelson, and D. W. Craig, “Resolving individuals contributing trace amounts of dna to highly complex mixtures using high-density snp genotyping microarrays,” PLoS Genet, 2008.10.1371/journal.pgen.1000167251619918769715]Search in Google Scholar
[[83] J. Hou, Q. Li, S. Meng, Z. Ni, Y. Chen, and Y. Liu, “Dprf: A differential privacy protection random forest,” IEEE Access, 2019.10.1109/ACCESS.2019.2939891]Search in Google Scholar
[[84] G. Jagannathan, K. Pillaipakkamnatt, and R. N. Wright, “A practical differentially private random decision tree classifier,” in IEEE ICDMW, 2009.10.1109/ICDMW.2009.93]Search in Google Scholar
[[85] M. A. Kadampur et al., “A noise addition scheme in decision tree for privacy preserving data mining,” arXiv preprint 1001.3504, 2010.]Search in Google Scholar
[[86] Kaggle, “Credit card fraud,” https://www.kaggle.com/mlgulb/creditcardfraud.]Search in Google Scholar
[[87] ——, “Default of credit card data,” https://www.kaggle.com/uciml/default-of-credit-card-clients-dataset.]Search in Google Scholar
[[88] ——, “Give me some credit,” https://www.kaggle.com/c/GiveMeSomeCredit/data.]Search in Google Scholar
[[89] P. Kairouz, H. B. McMahan, B. Avent, A. Bellet, M. Bennis, A. N. Bhagoji, K. Bonawitz, Z. Charles, G. Cormode, R. Cummings et al., “Advances and open problems in federated learning,” arXiv preprint 1912.04977, 2019.]Search in Google Scholar
[[90] G. Kalyani, M. C. S. Rao, and B. Janakiramaiah, “Decision tree based data reconstruction for privacy preserving classification rule mining,” Informatica, 2017.]Search in Google Scholar
[[91] M. Kantarcioglu and C. Clifton, “Privacy-preserving distributed mining of association rules on horizontally partitioned data,” IEEE TKDE, 2004.10.1109/TKDE.2004.45]Search in Google Scholar
[[92] D. Kaplan, J. Powell, and T. Woller, “AMD memory encryption,” Advanced Micro Devices, Tech. Rep., 2016.]Search in Google Scholar
[[93] H. Kargupta, S. Datta, Q. Wang, and K. Sivakumar, “On the privacy preserving properties of random data perturbation techniques,” in IEEE ICDM, 2003.]Search in Google Scholar
[[94] M. Keller, “MP-SPDZ: A versatile framework for multi-party computation,” Cryptology ePrint Archive, Report 2020/521, 2020, https://eprint.iacr.org/2020/521.10.1145/3372297.3417872]Search in Google Scholar
[[95] F. Khodaparast, M. Sheikhalishahi, H. Haghighi, and F. Martinelli, “Privacy preserving random decision tree classification over horizontally and vertically partitioned data,” in DASC/PiCom/DataCom/CyberSciTech. IEEE, 2018.10.1109/DASC/PiCom/DataCom/CyberSciTec.2018.00110]Search in Google Scholar
[[96] H. Kikuchi, K. Ito, M. Ushida, H. Tsuda, and Y. Yamaoka, “Privacy-preserving distributed decision tree learning with boolean class attributes,” in AINA. IEEE, 2013.10.1109/AINA.2013.140]Search in Google Scholar
[[97] E. Kim, J. Jeong, H. Yoon, Y. Kim, J. Cho, and J. H. Cheon, “How to securely collaborate on data: Decentralized threshold he and secure key update,” IEEE Access, 2020.10.1109/ACCESS.2020.3030970]Search in Google Scholar
[[98] Á. Kiss, M. Naderpour, J. Liu, N. Asokan, and T. Schneider, “Sok: Modular and efficient private decision tree evaluation,” Proceedings on Privacy Enhancing Technologies, 2019.10.2478/popets-2019-0026]Search in Google Scholar
[[99] L. Kissner and D. Song, “Privacy-preserving set operations,” in Annual International Cryptology Conference. Springer, 2005.10.21236/ADA457144]Search in Google Scholar
[[100] B. Kuijpers, V. Lemmens, B. Moelans, and K. Tuyls, “Privacy preserving ID3 over horizontally, vertically and grid partitioned data,” arXiv preprint 0803.1555, 2008.]Search in Google Scholar
[[101] A. Law, C. Leung, R. Poddar, R. A. Popa, C. Shi, O. Sima, C. Yu, X. Zhang, and W. Zheng, “Secure collaborative training and inference for xgboost,” arXiv preprint 2010.02524, 2020.]Search in Google Scholar
[[102] C. Leung, A. Law, and O. Sima, “Towards privacy-preserving collaborative gradient boosted decision trees,” UC Berkeley, Tech. Rep., 2019.]Search in Google Scholar
[[103] J. Li, Y. Tian, Y. Zhu, T. Zhou, J. Li, K. Ding, and J. Li, “A multicenter random forest model for effective prognosis prediction in collaborative clinical research network,” Artificial Intelligence in Medicine, 2020.10.1016/j.artmed.2020.10181432143809]Search in Google Scholar
[[104] Q. Li, Z. Wen, and B. He, “Practical federated gradient boosting decision trees,” arXiv preprint 1911.04206, 2019.]Search in Google Scholar
[[105] Q. Li, Z. Wu, Z. Wen, and B. He, “Privacy-preserving gradient boosting decision trees,” in AAAI, 2020.10.1609/aaai.v34i01.5422]Search in Google Scholar
[[106] Y. Li, C. Bai, and C. K. Reddy, “A distributed ensemble approach for mining healthcare data under privacy constraints,” Information sciences, 2016.10.1016/j.ins.2015.10.011467733426681811]Search in Google Scholar
[[107] Y. Li, Z. L. Jiang, X. Wang, and S.-M. Yiu, “Privacy-preserving ID3 data mining over encrypted data in outsourced environments with multiple keys,” in IEEE Int. Conf. Comp. Sci. & Eng. (CSE) and IEEE EUC. IEEE, 2017.10.1109/CSE-EUC.2017.102]Search in Google Scholar
[[108] Y. Li, Z. L. Jiang, X. Wang, S.-M. Yiu, and J. Fang, “Outsourced privacy-preserving random decision tree algorithm under multiple parties for sensor-cloud integration,” in ISPEC. Springer, 2017.10.1007/978-3-319-72359-4_31]Search in Google Scholar
[[109] Y. Li, Z. L. Jiang, X. Wang, S.-M. Yiu, and P. Zhang, “Outsourcing privacy preserving ID3 decision tree algorithm over encrypted data-sets for two-parties,” in 2017 IEEE Trustcom/BigDataSE/ICESS. IEEE, 2017.10.1109/Trustcom/BigDataSE/ICESS.2017.354]Search in Google Scholar
[[110] Y. Li, Z. L. Jiang, L. Yao, X. Wang, S.-M. Yiu, and Z. Huang, “Outsourced privacy-preserving c4.5 decision tree algorithm over horizontally and vertically partitioned dataset among multiple parties,” Cluster Computing, 2019.]Search in Google Scholar
[[111] Y. Lindell and B. Pinkas, “Privacy preserving data mining,” in Annual International Cryptology Conference, 2000.10.1007/3-540-44598-6_3]Search in Google Scholar
[[112] L. Liu, M. Kantarcioglu, and B. Thuraisingham, “Privacy preserving decision tree mining from perturbed data,” in HICSS. IEEE, 2009.]Search in Google Scholar
[[113] L. Liu, R. Chen, X. Liu, J. Su, and L. Qiao, “Towards practical privacy-preserving decision tree training and evaluation in the cloud,” IEEE TIFS, 2020.10.1109/TIFS.2020.2980192]Search in Google Scholar
[[114] X. Liu, Q. Li, T. Li, and D. Chen, “Differentially private classification with decision tree ensemble,” Applied Soft Computing, 2018.10.1016/j.asoc.2017.09.010]Search in Google Scholar
[[115] X. Liu, R. H. Deng, K.-K. R. Choo, and J. Weng, “An efficient privacy-preserving outsourced calculation toolkit with multiple keys,” IEEE TIFS, 2016.10.1109/TIFS.2016.2573770]Search in Google Scholar
[[116] Y. Liu, M. Chen, W. Zhang, J. Zhang, and Y. Zheng, “Federated extra-trees with privacy preserving,” arXiv, 2020.]Search in Google Scholar
[[117] Y. Liu, Y. Liu, Z. Liu, Y. Liang, C. Meng, J. Zhang, and Y. Zheng, “Federated forest,” IEEE Trans. on Big Data, 2020.10.1109/TBDATA.2020.2992755]Search in Google Scholar
[[118] Y. Liu, Z. Ma, X. Liu, S. Ma, S. Nepal, and R. Deng, “Boosting privately: Privacy-preserving federated extreme boosting for mobile crowdsensing,” arXiv preprint 1907.10218, 2019.]Search in Google Scholar
[[119] Y. Liu, Z. Ma, X. Liu, Z. Wang, S. Ma, and K. Ren, “Revocable federated learning: A benchmark of federated forest,” arXiv preprint 1911.03242, 2019.]Search in Google Scholar
[[120] Y.-h. Liu, B.-R. Yang, D.-y. Cao, and N. Ma, “State-ofthe-art in distributed privacy preserving data mining,” in IEEE ICCSN, 2011.]Search in Google Scholar
[[121] P. Lory, “Enhancing the efficiency in privacy preserving learning of decision trees in partitioned databases,” in PSD, 2012.10.1007/978-3-642-33627-0_25]Search in Google Scholar
[[122] Q. Ma and P. Deng, “Secure multi-party protocols for privacy preserving data mining,” in WASA, 2008.10.1007/978-3-540-88582-5_49]Search in Google Scholar
[[123] Z. Ma, J. Ma, Y. Miao, and X. Liu, “Privacy-preserving and high-accurate outsourced disease predictor on random forest,” Information Sciences, 2019.10.1016/j.ins.2019.05.025]Search in Google Scholar
[[124] S. Mabu, M. Obayashi, and T. Kuremoto, “Ensemble learning of rule-based evolutionary algorithm using multi-layer perceptron for supporting decisions in stock trading problems,” Applied soft computing, 2015.10.1016/j.asoc.2015.07.020]Search in Google Scholar
[[125] F. McKeen, I. Alexandrovich, A. Berenzon, C. V. Rozas, H. Shafi, V. Shanbhogue, and U. R. Savagaonkar, “Innovative instructions and software model for isolated execution.” Hasp@ isca, 2013.10.1145/2487726.2488368]Search in Google Scholar
[[126] B. McMahan, E. Moore, D. Ramage, S. Hampson, and B. A. y Arcas, “Communication-efficient learning of deep networks from decentralized data,” in AISTATS, 2017.]Search in Google Scholar
[[127] F. McSherry and K. Talwar, “Mechanism design via differential privacy,” in FOCS. IEEE, 2007.10.1109/FOCS.2007.66]Search in Google Scholar
[[128] L. Melis, C. Song, E. De Cristofaro, and V. Shmatikov, “Exploiting unintended feature leakage in collaborative learning,” in IEEE S&P, 2019.10.1109/SP.2019.00029]Search in Google Scholar
[[129] R. Mitchell, “Gradient boosting, decision trees and xgboost with cuda,” https://developer.nvidia.com/blog/gradient-boosting-decision-trees-xgboost-cuda/.]Search in Google Scholar
[[130] N. Mohammed, R. Chen, B. C. Fung, and P. S. Yu, “Differentially private data release for data mining,” in ACM SIGKDD, 2011.10.1145/2020408.2020487]Search in Google Scholar
[[131] C. Molnar, Interpretable Machine Learning. Lulu. com, 2020.]Search in Google Scholar
[[132] C. Mouchet, J. Troncoso-Pastoriza, and J.-P. Hubaux, “Multiparty homomorphic encryption: From theory to practice,” eprint, 2020, https://eprint.iacr.org/2020/304.]Search in Google Scholar
[[133] M. Naor and B. Pinkas, “Oblivious transfer and polynomial evaluation,” in STOC, 1999.10.1145/301250.301312]Search in Google Scholar
[[134] ——, “Oblivious polynomial evaluation,” SIAM Journal on Computing, 2006.]Search in Google Scholar
[[135] M. Nasr, R. Shokri, and A. Houmansadr, “Comprehensive privacy analysis of deep learning: Passive and active white-box inference attacks against centralized and federated learning,” in IEEE S&P, 2019.10.1109/SP.2019.00065]Search in Google Scholar
[[136] M. Naveed, S. Kamara, and C. V. Wright, “Inference attacks on property-preserving encrypted databases,” in ACM SIGSAC CCS, 2015.10.1145/2810103.2813651]Search in Google Scholar
[[137] R. Nock and W. Henecka, “Boosted and differentially private ensembles of decision trees,” arXiv preprint 2001.09384, 2020.]Search in Google Scholar
[[138] P. Paillier, “Public-key cryptosystems based on composite degree residuosity classes,” in EUROCRYPT. Springer, 1999.]Search in Google Scholar
[[139] N. Papernot, P. McDaniel, A. Sinha, and M. P. Wellman, “Sok: Security and privacy in machine learning,” in EuroS&P. IEEE, 2018.10.1109/EuroSP.2018.00035]Search in Google Scholar
[[140] A. Patil and S. Singh, “Differential private random forest,” in ICACCI. IEEE, 2014.10.1109/ICACCI.2014.6968348]Search in Google Scholar
[[141] G. Piatetsky, “Top data science and machine learning methods used in 2017,” https://www.kdnuggets.com/2017/12/top-data-science-machine-learning-methods.html.]Search in Google Scholar
[[142] B. Pinkas, T. Schneider, and M. Zohner, “Faster private set intersection based on OT extension,” in USENIX Security Symposium, 2014.]Search in Google Scholar
[[143] A. Pyrgelis, C. Troncoso, and E. De Cristofaro, “What does the crowd say about you? evaluating aggregation-based location privacy,” Proceedings on privacy enhancing technologies, 2017.10.1515/popets-2017-0043]Search in Google Scholar
[[144] J. R. Quinlan, “Induction of decision trees,” Machine learning, 1986.10.1007/BF00116251]Search in Google Scholar
[[145] J. Quinlan, C4. 5: programs for machine learning. Elsevier, 1993.]Search in Google Scholar
[[146] S. Rana, S. K. Gupta, and S. Venkatesh, “Differentially private random forest with high utility,” in ICDM, 2015.10.1109/ICDM.2015.76]Search in Google Scholar
[[147] G. N. Rao, M. S. Harini, and C. R. Kishore, “A cryptographic privacy preserving approach over classification,” in ICT and Critical Infrastructure: Proceedings of the 48th Annual Convention of Computer Society of India-Vol II. Springer, 2014.10.1007/978-3-319-03095-1_53]Search in Google Scholar
[[148] A. Salem, A. Bhattacharya, M. Backes, M. Fritz, and Y. Zhang, “Updates-leak: Data set inference and reconstruction attacks in online learning,” in USENIX Security Symposium, 2020.]Search in Google Scholar
[[149] S. Samet and A. Miri, “Privacy preserving ID3 using gini index over horizontally partitioned data,” in AICCSA, 2008.10.1109/AICCSA.2008.4493598]Search in Google Scholar
[[150] V. Sandulescu and M. Chiru, “Predicting the future relevance of research institutions-the winning solution of the KDD cup 2016,” arXiv preprint 1609.02728, 2016.]Search in Google Scholar
[[151] A. Shamir, “How to share a secret,” Communications of the ACM, 1979.10.1145/359168.359176]Search in Google Scholar
[[152] S. Sharma and A. S. Rajawat, “A secure privacy preservation model for vertically partitioned distributed data,” in ICTBIG. IEEE, 2016.10.1109/ICTBIG.2016.7892653]Search in Google Scholar
[[153] M. A. Sheela and K. Vijayalakshmi, “A novel privacy preserving decision tree induction,” in IEEE CICT, 2013.10.1109/CICT.2013.6558258]Search in Google Scholar
[[154] Y. Shen, H. Shao, and L. Yang, “Privacy preserving C4.5 algorithm over vertically distributed datasets,” in NSWCTC. IEEE, 2009.10.1109/NSWCTC.2009.253]Search in Google Scholar
[[155] R. Shokri, M. Stronati, C. Song, and V. Shmatikov, “Membership inference attacks against machine learning models,” in IEEE S&P, 2017.10.1109/SP.2017.41]Search in Google Scholar
[[156] L. Sumalatha and P. U. Sankar, “Fuzzy random decision tree (frdt) framework for privacy preserving data mining,” in SAI. IEEE, 2016.10.1109/SAI.2016.7555982]Search in Google Scholar
[[157] E. Suthampan and S. Maneewongvatana, “Privacy preserving decision tree in multi party environment,” in AIRS, 2005.10.1007/11562382_75]Search in Google Scholar
[[158] K. Tandel and J. N. Patel, “Privacy preserving decision tree classification on horizontal partition data,” IJERT, 2016.]Search in Google Scholar
[[159] V. D. Team, “VIFF, the virtual ideal functionality framework.”]Search in Google Scholar
[[160] Z. Teng and W. Du, “A hybrid multi-group privacy-preserving approach for building decision trees,” in PAKDD, 2007.]Search in Google Scholar
[[161] The Health Insurance Portability and Accountability Act of 1996, 2014, www.hhs.gov/hipaa.]Search in Google Scholar
[[162] Z. Tian, R. Zhang, X. Hou, J. Liu, and K. Ren, “Feder-boost: Private federated learning for gbdt,” arXiv preprint 2011.02796, 2020.]Search in Google Scholar
[[163] S. Truex, N. Baracaldo, A. Anwar, T. Steinke, H. Ludwig, R. Zhang, and Y. Zhou, “A hybrid approach to privacy-preserving federated learning,” in ACM AISec, 2019.10.1145/3338501.3357370]Search in Google Scholar
[[164] S. Truex, L. Liu, M. E. Gursoy, and L. Yu, “Privacy-preserving inductive learning with decision trees,” in Big-Data Congress, 2017.10.1109/BigDataCongress.2017.17]Search in Google Scholar
[[165] P. S. Vadivu and S. Nithya, “An improved privacy preserving with rsa and c5.0 decision tree learning for unrealized datasets,” International Journal, 2014.]Search in Google Scholar
[[166] J. Vaidya and C. Clifton, “Privacy-preserving decision trees over vertically partitioned data,” in IFIP DBSec. Springer, 2005.10.1007/11535706_11]Search in Google Scholar
[[167] J. Vaidya, C. Clifton, M. Kantarcioglu, and A. S. Patterson, “Privacy-preserving decision trees over vertically partitioned data,” ACM TKDD, 2008.10.1007/978-0-387-70992-5_14]Search in Google Scholar
[[168] J. Vaidya, B. Shafiq, W. Fan, D. Mehmood, and D. Lorenzi, “A random decision tree framework for privacy-preserving data mining,” TDSC, 2013.10.1109/TDSC.2013.43]Search in Google Scholar
[[169] J. Van Bulck, M. Minkin, O. Weisse, D. Genkin, B. Kasikci, F. Piessens, M. Silberstein, T. F. Wenisch, Y. Yarom, and R. Strackx, “Foreshadow: Extracting the keys to the intel SGX kingdom with transient out-of-order execution,” in USENIX Security Symposium, 2018.]Search in Google Scholar
[[170] V. S. Verykios, E. Bertino, I. N. Fovino, L. P. Provenza, Y. Saygin, and Y. Theodoridis, “State-of-the-art in privacy preserving data mining,” ACM Sigmod Record, 2004.10.1145/974121.974131]Search in Google Scholar
[[171] K. W. Wang, T. Dick, and M.-F. Balcan, “Scalable and provably accurate algorithms for differentially private distributed decision tree learning,” AAAI PPAI, 2020.]Search in Google Scholar
[[172] K. Wang, Y. Xu, R. She, and P. S. Yu, “Classification spanning private databases,” in AAAI, 2006.]Search in Google Scholar
[[173] S. Wang and J. M. Chang, “Privacy-preserving boosting in the local setting,” arXiv preprint 2002.02096, 2020.]Search in Google Scholar
[[174] W. Wang, G. Chen, X. Pan, Y. Zhang, X. Wang, V. Bind-schaedler, H. Tang, and C. A. Gunter, “Leaky cauldron on the dark land: Understanding memory side-channel hazards in SGX,” in ACM SIGSAC CCS, 2017.10.1145/3133956.3134038640521430853868]Search in Google Scholar
[[175] Z. Wang, Y. Yang, Y. Liu, X. Liu, B. B. Gupta, and J. Ma, “Cloud-based federated boosting for mobile crowdsensing,” arXiv preprint 2005.05304, 2020.]Search in Google Scholar
[[176] D. I. Wolinsky, H. Corrigan-Gibbs, B. Ford, and A. Johnson, “Scalable anonymous group communication in the anytrust model,” Naval Research Lab Washington DC, Tech. Rep., 2012.]Search in Google Scholar
[[177] D. Wu, T. Wu, and X. Wu, “A differentially private random decision tree classifier with high utility,” in ML4CS. Springer, 2020.10.1007/978-3-030-62223-7_32]Search in Google Scholar
[[178] D. J. Wu, T. Feng, M. Naehrig, and K. Lauter, “Privately evaluating decision trees and random forests,” Proceedings on Privacy Enhancing Technologies, 2016.10.1515/popets-2016-0043]Search in Google Scholar
[[179] Y. Wu, S. Cai, X. Xiao, G. Chen, and B. C. Ooi, “Privacy preserving vertical federated learning for tree-based models,” VLDB, no. 11, 2020.10.14778/3407790.3407811]Search in Google Scholar
[[180] T. Xiang, Y. Li, X. Li, S. Zhong, and S. Yu, “Collaborative ensemble learning under differential privacy,” in Web Intelligence, 2018.10.3233/WEB-180374]Search in Google Scholar
[[181] M.-J. Xiao, K. Han, L.-S. Huang, and J.-Y. Li, “Privacy preserving c4. 5 algorithm over horizontally partitioned data,” in GCC. IEEE, 2006.10.1109/GCC.2006.73]Search in Google Scholar
[[182] M.-J. Xiao, L.-S. Huang, Y.-L. Luo, and H. Shen, “Privacy preserving ID3 algorithm over horizontally partitioned data,” in PDCAT. IEEE, 2005.]Search in Google Scholar
[[183] B. Xin, W. Yang, S. Wang, and L. Huang, “Differentially private greedy decision forest,” in ICASSP. IEEE, 2019.10.1109/ICASSP.2019.8682219]Search in Google Scholar
[[184] M. Yang, L. Song, J. Xu, C. Li, and G. Tan, “The tradeoff between privacy and accuracy in anomaly detection using federated xgboost,” arXiv preprint 1907.07157, 2019.]Search in Google Scholar
[[185] A. C.-C. Yao, “How to generate and exchange secrets,” in SFCS. IEEE, 1986.]Search in Google Scholar
[[186] J. Zhan, “Using homomorphic encryption for privacy-preserving collaborative decision tree classification,” in IEEE CIDM, 2007.10.1109/CIDM.2007.368936]Search in Google Scholar
[[187] J. Zhan, S. Matwin, and L. Chang, “Privacy preserving decision tree classiffcation over horizontally partitioned data,” in ICEB, 2005.]Search in Google Scholar
[[188] C. Zhang, Y. Li, and Z. Chen, “Dpets: A differentially private extratrees,” in CIS, 2017.10.1109/CIS.2017.00072]Search in Google Scholar
[[189] J. Zhang, Z. Fang, Y. Zhang, and D. Song, “Zero knowledge proofs for decision tree predictions and accuracy,” in ACM SIGSAC CCS, 2020.10.1145/3372297.3417278]Search in Google Scholar
[[190] L. Zhao, L. Ni, S. Hu, Y. Chen, P. Zhou, F. Xiao, and L. Wu, “Inprivate digging: Enabling tree-based distributed data mining with differential privacy,” in IEEE INFOCOM, 2018.10.1109/INFOCOM.2018.8486352]Search in Google Scholar
[[191] L. Zhu, Z. Liu, and S. Han, “Deep leakage from gradients,” in NeurIPS, 2019.10.1007/978-3-030-63076-8_2]Search in Google Scholar
[[192] T. Zhu, P. Xiong, Y. Xiang, and W. Zhou, “An effective deferentially private data releasing algorithm for decision tree,” in IEEE TrustCom, 2013.10.1109/TrustCom.2013.49]Search in Google Scholar
[[193] Z. Zhu and W. Du, “Understanding privacy risk of publishing decision trees,” in IFIP DBSec. Springer, 2010.10.1007/978-3-642-13739-6_3]Search in Google Scholar