Towards effective, efficient and equitable privacy-preserving machine learning


Bibliographic Details
Main Author: Agrawal, N
Other Authors: Shadbolt, N
Format: Thesis
Language: English
Published: 2021
Subjects:
author Agrawal, N
author2 Shadbolt, N
collection OXFORD
description Machine learning has assumed an increasingly important role in Artificial Intelligence in recent years. Moreover, in spheres such as online shopping, virtual personal assistants, recommendation systems amongst other things, it is quickly becoming part and parcel of our daily lives. The power of data combined with machine learning algorithms has driven widespread uptake of these AI methods. However, there have been sensitivity and privacy concerns over the data to be processed. This is especially salient in areas such as healthcare and finance. Privacy-preserving machine learning mitigates these privacy challenges through private computation over sensitive data. However, the process is not trivial or without trade-offs.

In this thesis, we focus on designing effective and efficient protocols for facilitating end-to-end privacy-preserving machine learning, particularly for neural network training and inference. We primarily focus on multi-party computation alongside non-cryptographic primitives such as federated learning for private computation. We start with designing QUOTIENT, an efficient two-party secure training and prediction framework. QUOTIENT benefits from the holistic adaptation of standard neural network training into a crypto-friendly training process alongside a customized hybrid MPC protocol for secure computation. Next, we introduce federated learning to support highly decentralized training over unlabeled data. We motivate the idea of 'silos' to ensure superior privacy and isolation across sub-groups. To complete the technical contribution, we propose an MPC-friendly covertly secure commitment scheme for enabling certified predictions. More specifically this helps to enforce non-functional constraints such as fairness, interpretability, and safety over trained models at the time of inference, making the process more equitable. We design, implement and benchmark all of these frameworks to show performance gains in computation, communication and accuracy. We conclude the thesis with a user study focused on enhancing usability, efficiency, assisting in design and helping ensure equity in privacy-preserving computation frameworks at large. This study takes the form of semi-structured interviews with various stakeholders in the privacy-preserving computation ecosystem.

We improve upon the state of the art by more than an order of magnitude in speed, for our protocols, alongside significant gains in accuracy and communication. The user study presents a rich socio-technical perspective to the purely technical contributions. The combination of theory, practice and evaluation, in this thesis, acts as a multi-perspective framework for motivating design, development and further research in effective, efficient and equitable privacy-preserving machine learning.
first_indexed 2024-03-06T20:13:01Z
format Thesis
id oxford-uuid:2b379a39-2bd9-43c1-a97a-78632ddb9ede
institution University of Oxford
language English
last_indexed 2024-12-09T03:38:23Z
publishDate 2021
record_format dspace
title Towards effective, efficient and equitable privacy-preserving machine learning
topic Artificial intelligence
Privacy
Privacy Preserving Deep Learning
Cryptography