Cryptology ePrint Archive: Report 2017/1190

PICS: Private Image Classification with SVM

Eleftheria Makri and Dragos Rotaru and Nigel P. Smart and Frederik Vercauteren

Abstract: The advent of Machine Learning as a Service (MLaaS) makes it possible to outsource a visual object recognition task to an external (\eg cloud) provider. However, outsourcing such an image classification task raises privacy concerns, both from the image provider's perspective, who wishes to keep their images confidential, and from the classification algorithm provider's perspective, who wishes to protect the intellectual property of their classifier. We propose PICS, a private image classification system, based on polynomial kernel support vector machine (SVM) learning. We selected SVM because it allows us to apply only low-degree functions for the classification on private data, which is the reason why our solution remains computationally efficient. Our solution is based on Secure Multiparty Computation (MPC), it does not leak any information about the images to be classified, nor about the classifier parameters, and it is provably secure. We demonstrate the practicality of our approach by conducting experiments on realistic datasets. We show that our approach achieves high accuracy, comparable to that achieved on non-privacy-protected data while the input-dependent phase is at least 100 times faster than the similar approach with Fully Homomorphic Encryption.

Category / Keywords: multiparty computation, machine learning, support vector machines

Date: received 8 Dec 2017, last revised 13 Dec 2017

Contact author: dragos rotaru at bristol ac uk

Available format(s): PDF | BibTeX Citation

Note: minor changes to abstract and a subsection

Version: 20171213:161002 (All versions of this report)

Short URL: ia.cr/2017/1190

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]