Secure Inference via Deep Learning as a Service without Privacy Leakage

Cloud computing plays an important role in many applications today. There is a lot of machine learning as a service that provides models for users' prediction online. However, in many problems which involve healthcare or finances, the privacy of the data that sends from users to the cloud server needs to be considered. Machine learning as a service application does not only require accurate predictions but also ensures data privacy and security. In this paper, we present a novel secure protocol that ensures to compute a scalar product of two real number vectors without revealing the origin of themselves. The scalar product is the most common operation that used in the deep neural network so that our proposed protocol can be used to allow a data owner to send her data to a cloud service that hosts a deep model to get a prediction of input data. We show that the cloud service is capable of applying the neural network to make predictions without knowledge of the user's original data. We demonstrate our proposed protocol on an image benchmark dataset MNIST and an real life application dataset - COVID-19. The results show that our model can achieve 98.8% accuracy on MNIST and 95.02% on COVID-19 dataset with very simple network architecture and nearly no reduction in accuracy when compares with the original model. Moreover, the proposed system can make around 120000 predictions per hour on a single PC with low resources. Therefore, they allow high throughput, accurate, and private predictions.