Practical and privacy-preserving decision tree evaluation with one round communication

From National Research Council Canada

DOI	Resolve DOI: https://doi.org/10.1007/978-981-99-9785-5_28
Author	Search for: Xue, Liang ORCID identifier: https://orcid.org/0000-0001-8069-3182; Search for: Lin, Xiaodong ORCID identifier: https://orcid.org/0000-0001-8916-6645; Search for: Xiong, Pulei¹ORCID identifier: https://orcid.org/0000-0002-3460-6946
Affiliation	National Research Council of Canada. Digital Technologies
Format	Text, Article
Conference	First International Conference on Artificial Intelligence Security and Privacy, AIS&P, December 3–5, 2023, Guangzhou, China
Subject	machine learning; Ddcision tree evaluation; privacy preservation
Abstract	Machine learning enables organizations and individuals to improve efficiency and productivity. With an abundance of data and computational resources, large companies can build complex machine learning models and provide prediction services to clients. One example is decision tree evaluation, where a client can access the trained decision tree model with its input and obtain the classification result. However, the privacy issues on model parameters and clients’ inputs and results need to be addressed. In this paper, we propose a privacy-preserving decision tree evaluation scheme, where we first design an improved interval encoding method that can hide parameters representing an interval. Then, based on the interval encoding method, hash functions, and the Diffie-Hellman key agreement technique, a model owner can generate a set of encodings for the decision tree model and send them to a client, who can determine the classification result based on its input and the encodings. The proposed scheme conceals the model parameters from clients and preserves the data privacy of clients, and only one round of communication between the two entities is needed. We provide a formal security proof that demonstrates the privacy preservation property of our scheme. Performance evaluation shows the practicability of the proposed scheme.
Publication date	2024
Publisher	Springer Nature
In	Artificial Intelligence Security and Privacy: First International Conference on Artificial Intelligence Security and Privacy, AIS&P 2023, Guangzhou, China, December 3–5, 2023, Proceedings, Part I (2024): 400–414.
Series	Lecture Notes in Computer Science 14509.
Language	English
Peer reviewed	Yes
Export citation	Export as RIS
Report a correction	Report a correction (opens in a new tab)
Record identifier	0f568893-ce9b-4105-adc0-e89f02fafef7
Record created	2024-02-27
Record modified	2024-02-28

Date modified:: 2024-07-04