Thang Hoang

Haodi Wang, Thang Hoang

Machine Learning as a service (MLaaS) permits resource-limited clients to access powerful data analytics services ubiquitously. Despite its merits, MLaaS poses significant concerns regarding the integrity of delegated computation and the privacy of the server's model parameters. To address this issue, Zhang et al. (CCS'20) initiated the study of zero-knowledge Machine Learning (zkML). Few zkML schemes have been proposed afterward; however, they focus on sole ML classification algorithms that may not offer satisfactory accuracy or require large-scale training data and model parameters, which may not be desirable for some applications. We propose ezDPS, a new efficient and zero-knowledge ML inference scheme. Unlike prior works, ezDPS is a zkML pipeline in which the data is processed in multiple stages for high accuracy. Each stage of ezDPS is harnessed with an established ML algorithm that is shown to be effective in various applications, including Discrete Wavelet Transformation, Principal Components Analysis, and Support Vector Machine. We design new gadgets to prove ML operations effectively. We fully implemented ezDPS and assessed its performance on real datasets. Experimental results showed that ezDPS achieves one-to-three orders of magnitude more efficient than the generic circuit-based approach in all metrics while maintaining more desirable accuracy than single ML classification approaches.

Arman Riasi, Jorge Guajardo, Thang Hoang

Machine learning has revolutionized data analysis and pattern recognition, but its resource-intensive training has limited accessibility. Machine Learning as a Service (MLaaS) simplifies this by enabling users to delegate their data samples to an MLaaS provider and obtain the inference result using a pre-trained model. Despite its convenience, leveraging MLaaS poses significant privacy and reliability concerns to the client. Specifically, sensitive information from the client inquiry data can be leaked to an adversarial MLaaS provider. Meanwhile, the lack of a verifiability guarantee can potentially result in biased inference results or even unfair payment issues. While existing trustworthy machine learning techniques, such as those relying on verifiable computation or secure computation, offer solutions to privacy and reliability concerns, they fall short of simultaneously protecting the privacy of client data and providing provable inference verifiability. In this paper, we propose vPIN, a privacy-preserving and verifiable CNN inference scheme that preserves privacy for client data samples while ensuring verifiability for the inference. vPIN makes use of partial homomorphic encryption and commit-and-prove succinct non-interactive argument of knowledge techniques to achieve desirable security properties. In vPIN, we develop various optimization techniques to minimize the proving circuit for homomorphic inference evaluation thereby, improving the efficiency and performance of our technique. We fully implemented and evaluated our vPIN scheme on standard datasets (e.g., MNIST, CIFAR-10). Our experimental results show that vPIN achieves high efficiency in terms of proving time, verification time, and proof size, while providing client data privacy guarantees and provable verifiability.

Thang Hoang, Deokjai Choi, Thuc Nguyen

Authentication schemes using tokens or biometric modalities have been proposed to ameliorate the security strength on mobile devices. However, the existing approaches are obtrusive since the user is required to perform explicit gestures in order to be authenticated. While the gait signal captured by inertial sensors is understood to be a reliable profile for effective implicit authentication, recent studies have been conducted in ideal conditions and might therefore be inapplicable in the real mobile context. Particularly, the acquiring sensor is always fixed to a specific position and orientation. This paper mainly focuses on addressing the instability of sensor's orientation which mostly happens in the reality. A flexible solution taking advantages of available sensors on mobile devices which can help to handle this problem is presented. Moreover, a novel gait recognition method utilizes statistical analysis and supervised learning to adapt itself to the instability of the biometric gait under various circumstances is also proposed. By adopting PCA+SVM to construct the gait model, the proposed method outperformed other state-of-the-art studies, with an equal error rate of 2.45\% and accuracy rate of 99.14\% in terms of the verification and identification aspects being achieved, respectively.