N-Parties Private Structure and Parameter Learning for Sum-Product Networks
This work addresses privacy concerns in collaborative machine learning for probabilistic models, offering a solution for multi-party data settings, though it is incremental as it builds on existing SPN and secret-sharing techniques.
The paper tackles the problem of learning sum-product network (SPN) structures and parameters while preserving data privacy across multiple parties, using secret sharing to ensure privacy even with up to half of parties cooperating maliciously, and shows that privacy preservation does not reduce log-likelihood performance and scales well in runtime and memory usage.
A sum-product network (SPN) is a graphical model that allows several types of probabilistic inference to be performed efficiently. In this paper, we propose a privacy-preserving protocol which tackles structure generation and parameter learning of SPNs. Additionally, we provide a protocol for private inference on SPNs, subsequent to training. To preserve the privacy of the participants, we derive our protocol based on secret sharing, which guarantees privacy in the honest-but-curious setting even when at most half of the parties cooperate to disclose the data. The protocol makes use of a forest of randomly generated SPNs, which is trained and weighted privately and can then be used for private inference on data points. Our experiments indicate that preserving the privacy of all participants does not decrease log-likelihood performance on both homogeneously and heterogeneously partitioned data. We furthermore show that our protocol's performance is comparable to current state-of-the-art SPN learners in homogeneously partitioned data settings. In terms of runtime and memory usage, we demonstrate that our implementation scales well when increasing the number of parties, comparing favorably to protocols for neural networks, when they are trained to reproduce the input-output behavior of SPNs.