Intuitively, a dataset is differentially private if a third person cannot tell whether any single individual's record was used to derive a conclusion from it. For example, a connection between obesity and heart disease may be established without knowing any particular patient's body mass index (BMI). Differential privacy resists re-identification attacks under a variety of relationships with the dataset, such as linkage or set separation. It typically operates by incorporating statistical noise at the model's input level (Local DP) or output level (Global DP). More noise means that individual contributions remain hidden, yet we still gain insights about the general population without jeopardizing privacy. The amount of noise added depends on a parameter called epsilon (ε): the smaller the epsilon value, the more noise is applied and the greater the privacy offered, and vice versa. As a result, choosing the right epsilon (ε) value is crucial in Differential Privacy.
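As a rough illustration of this epsilon trade-off, the sketch below applies the Laplace mechanism to a simple mean query, i.e., Global DP at the output level. It is a minimal example, not from the paper; the function name, data values, and bounds are illustrative assumptions.

import numpy as np

def private_mean(values, epsilon, lower=0.0, upper=1.0):
    # Laplace mechanism: noise scale = sensitivity / epsilon, where the
    # sensitivity of a mean over n values bounded in [lower, upper] is
    # (upper - lower) / n. Smaller epsilon -> more noise -> more privacy.
    values = np.clip(np.asarray(values, dtype=float), lower, upper)
    sensitivity = (upper - lower) / len(values)
    noise = np.random.laplace(loc=0.0, scale=sensitivity / epsilon)
    return values.mean() + noise

bmi_normalized = [0.31, 0.45, 0.52, 0.28, 0.60]   # hypothetical records
print(private_mean(bmi_normalized, epsilon=0.1))  # very noisy, strong privacy
print(private_mean(bmi_normalized, epsilon=10.0)) # near-true mean, weak privacy

Because the released value is noisy, no observer can confidently tell whether any single record was included, which is exactly the intuition given above.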
Differential Privacy ensures that the data of the patient concerned is kept private, making it ideal for healthcare applications. However, when it comes to image data, the Differential Privacy methodology raises some difficulties. The primary issue is the perturbation of the dataset itself: the injected noise degrades data quality, which can prove detrimental to algorithm reliability in fields with access to comparatively limited data, such as medical imaging analysis. The method also poses difficulties concerning plausibility checking and explaining the process to patients, i.e., data legibility [23], during the development and implementation of algorithms, and it increases the need for a statistician to select representative data. Above all, the particulars of applying Differential Privacy to imaging data remain unclear. Tabular data can be perturbed easily, but image perturbation can have unexpected effects: analysis shows that this form of manipulation (e.g., adversarial noise) can be used both as an attack on an algorithm and as a regularization method that increases robustness and tolerance against inversion attacks. Therefore, further research is needed before Differential Privacy is implemented in medical imaging [13][23].
C. Federated Learning

Federated learning is a technique for training machine learning models on data that we do not have access to [13]. Conventionally, data is collected, processed into a dataset, and taken to the central server, where a model is trained on it to produce predictive output. Instead of doing this, federated learning takes the algorithm to the data and then carries only the result back to the central server. This implies that the user is never asked to upload their individual information. Federated Learning also supports predictive maintenance: based on the outcomes gathered at the central server, it allows a forecast of when a system will need maintenance. In the healthcare domain, on-device federated learning use cases would allow users to train a machine learning model that helps patients improve certain aspects of their health without having to upload their data to a central cloud. Federated learning entails using a wide corpus of high-quality decentralized data distributed across several client devices for training. Since the model is trained on client devices, no data from the user needs to be submitted. Keeping the client's personal data on their own device gives them clear and physical control of their information.

In the medical domain especially, it is often not possible to aggregate data to train a machine learning model, due to privacy, legal constraints, hospital policy, and user discomfort; federated learning solves this problem by enabling prediction without requiring users or entities to share their data. Federated Learning improves on conventional machine learning pipelines not only because of its stable and private model, but also because it can decrease the cost of uploading datasets to the cloud by allowing training to take place locally on the devices themselves. PySyft is a federated learning toolkit, an extension of core deep learning toolkits: PyTorch is a popular framework, and PySyft is used on top of it to manage millions of devices from the central server, providing an acceptable interface between device-to-device and device-to-server connections.

Federated Learning enables smarter models, decreased latency, and lower resource use, all while retaining confidentiality. And this approach has another immediate advantage: in addition to providing an update to the shared model, the improved model on your machine can be used immediately, empowering interactions customized to the way you use the phone.
Fig. 1. The procedure for Federated Learning

The Federated Learning procedure (Fig. 1) works as follows. First, the central server chooses a mathematical model to be trained. Second, the central server transmits the initial model to several nodes. Third, the nodes train the model locally with their own data. Finally, the central server pools the results of the node models and produces one global model, without any individual data ever being accessed.
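The snippet below sketches one such round as simple federated averaging (FedAvg) in PyTorch; the model, node data, and helper names are illustrative assumptions, not the implementation used in the surveyed systems.

import copy
import torch
import torch.nn as nn

def local_train(global_model, x, y, epochs=1, lr=0.01):
    # Steps 2-3: a node receives the current global model and trains it
    # locally on data that never leaves the device.
    local = copy.deepcopy(global_model)
    opt = torch.optim.SGD(local.parameters(), lr=lr)
    loss_fn = nn.MSELoss()
    for _ in range(epochs):
        opt.zero_grad()
        loss_fn(local(x), y).backward()
        opt.step()
    return local.state_dict()

def federated_average(state_dicts):
    # Step 4: the server pools node updates into one global model
    # by averaging each parameter tensor across nodes.
    pooled = copy.deepcopy(state_dicts[0])
    for key in pooled:
        pooled[key] = torch.stack([sd[key] for sd in state_dicts]).mean(dim=0)
    return pooled

global_model = nn.Linear(10, 1)  # Step 1: the server chooses a model.
nodes = [(torch.randn(8, 10), torch.randn(8, 1)) for _ in range(3)]  # private node data
updates = [local_train(global_model, x, y) for x, y in nodes]
global_model.load_state_dict(federated_average(updates))

Only the parameter updates travel to the server; the nodes' raw data is never transmitted.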
D. Homomorphic Encryption

Homomorphic encryption (HE) is a form of encryption that permits computation on encrypted data as if it were plain text, yielding the same result once decrypted. Homomorphism is a mathematical principle stating that the composition of a computation is preserved. Since the algorithm only supports a few mathematical operations, such as addition and multiplication, it cannot simply be combined with traditional encryption algorithms like the Advanced Encryption Standard (AES). However, homomorphic algorithms have been successfully applied to convolutional neural networks, and their benefits can be used in a 'machine learning as a service' setting, in which data is sent across the network to be processed on a cloud. The algorithm can be used to encrypt and decrypt medical images while the benefits of homomorphic encryption still provide effective protection to the original data. When a model has a sole owner, homomorphic encryption also allows the owner to encrypt the model such that untrustworthy third parties cannot train or use it, which prevents the model from being stolen.
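As a minimal sketch of these 'few mathematical operations', the snippet below uses the Paillier cryptosystem, which is additively homomorphic, assuming the python-paillier package (phe); the values are arbitrary.

from phe import paillier

public_key, private_key = paillier.generate_paillier_keypair()

a, b = 12, 30                 # e.g., two pixel intensities
enc_a = public_key.encrypt(a)
enc_b = public_key.encrypt(b)

enc_sum = enc_a + enc_b       # addition of two ciphertexts
enc_scaled = enc_a * 3        # ciphertext times a plaintext scalar

assert private_key.decrypt(enc_sum) == a + b
assert private_key.decrypt(enc_scaled) == 3 * a

The sum and the scaling are computed entirely on ciphertexts; only the holder of the private key can read the results.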
E. Secure Multi-Party Computation

Secure multi-party computation (SMPC) allows multiple parties to jointly compute a function over their sensitive data without revealing client identity or risking data leakage. SMPC has certain limitations, for example, the requirements it places on continued data transmission among the parties and on their online availability [13][25][26].
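One common SMPC building block is additive secret sharing, sketched below. This is a simplified illustration under assumed party counts and values, not a full SMPC protocol: each party holds a share that is individually meaningless, yet the parties can jointly compute an aggregate.

import random

Q = 2**61 - 1  # large modulus; all share arithmetic is done modulo Q

def share(secret, n_parties=3):
    # Split a secret into n additive shares; no single share reveals it.
    shares = [random.randrange(Q) for _ in range(n_parties - 1)]
    shares.append((secret - sum(shares)) % Q)
    return shares

def reconstruct(shares):
    return sum(shares) % Q

# Two hospitals secret-share patient counts; each party adds its shares
# locally, so the total is computed without anyone seeing either input.
x_shares = share(120)
y_shares = share(85)
sum_shares = [(x + y) % Q for x, y in zip(x_shares, y_shares)]
assert reconstruct(sum_shares) == 120 + 85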
Patient-related clinical statistics are available within the facility, but not to the researcher who wants to identify correlations in the data in order to understand the development of cancer. Privacy issues can also limit the availability of data. Data owners may likewise lack the skills and abilities to create deep learning models on their own and so cannot reap the benefits of their data. Encrypted deep learning addresses this: it predicts on encrypted data while also keeping the model used for prediction encrypted.
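As a sketch of predicting on encrypted data, a server can evaluate a linear model on Paillier-encrypted inputs. This is a simplified variant in which only the data, not the model, is encrypted; it again assumes the python-paillier package, and the weights and features are illustrative.

from phe import paillier

public_key, private_key = paillier.generate_paillier_keypair()

features = [0.8, 1.5, 2.0]                  # data owner's private input
enc_features = [public_key.encrypt(x) for x in features]

weights, bias = [0.4, -0.2, 0.1], 0.05      # server's plaintext model
enc_prediction = public_key.encrypt(bias)
for w, enc_x in zip(weights, enc_features):
    enc_prediction = enc_prediction + enc_x * w  # ciphertext * plaintext scalar

print(private_key.decrypt(enc_prediction))  # only the data owner can decrypt

The server never sees the raw features, and only the data owner, who holds the private key, can read the prediction.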
With its outstanding learning capabilities, deep learning has solved many previously unresolved problems in artificial intelligence in recent years and has seen exponential progress. Deep learning is well suited to image encryption because it has high learning power, can manage massive volumes of data, extracts key features correctly, and meets the high-security criteria of image encryption.
IV. SECURE IMPLEMENTATION

Medical imaging has arguably seen some of the most significant developments in AI technologies due to parallel improvements in machine vision. Security and privacy concerns, however, are not limited to medical imaging [27], as seen, for example, in the 2019/2020 SARS-CoV-2 pandemic, which ignited global concern about the effects of large-scale automated contact detection and motion tracking, set political, ethical, and legal precedents, and created a need for technological implementations that are secure and privacy-protecting. Encryption provides a theoretical/mathematical guarantee of privacy. However, there are also hardware-level privacy protections, for instance in the form of protected processors or enclaves implemented in mobile devices [28]. For example, federated learning workflows can preserve data and algorithm privacy even when the operating-system kernel is compromised. Since hardware-level deep learning accelerators, tensor processing units, and AI-specific instruction sets are becoming more significant, such hardware-based security will likely ensure that trusted execution environments become more prevalent and integrated into edge hardware such as phones.
V. CONCLUSION AND FUTURE WORK

The e-health care system is the most rapidly emerging and developing system for the protection of personal health records. A few problems in the privacy and security of medical data still need to be addressed in the current scenario. Effective services are required to achieve proper incoming data storage, indexing maintenance, and access management. Furthermore, finding an acceptable set of sanitization attributes will reduce side effects, especially where sensitive information overlaps with non-sensitive information. Medical records need to be held in big data storage in the healthcare cloud to enable mobility and easy access for both patients and health professionals. A major goal that researchers pursue in maintaining medical data privacy is to build a reliable system that overcomes the disadvantages of computational time and expense when encrypting and decrypting data. However, a great deal of work remains to be done to protect the privacy of health care data and to provide improved data protection. This review paper offers an overview of health care data privacy preservation and examines current methodologies by their advantages, restrictions, and performance measurement. It will help readers appreciate the state of the art in the protection of medical data privacy.

ACKNOWLEDGMENT

We thank Jalpa Mehta, Assistant Professor, Shah and Anchor Kutchhi Engineering College, and Srikanth Kodeboyina, CEO, Blue Eye Soft Corp, who provided insight and expertise that greatly assisted this research, although they may not agree with all of the interpretations and conclusions of this paper.
REFERENCES

[1] A. Vizitiu, C. I. Niţă, A. Puiu, C. Suciu, and L. M. Itu, "Towards Privacy-Preserving Deep Learning-based Medical Imaging Applications," 2019 IEEE International Symposium on Medical Measurements and Applications (MeMeA), Istanbul, Turkey, 2019, pp. 1-6, doi: 10.1109/MeMeA.2019.8802193.
[2] M. Coavoux, S. Narayan, and S. B. Cohen, Privacy-preserving neural representations of text (2018), arXiv preprint arXiv:1808.09408.
[3] L. J. M. Aslett, P. M. Esperança, and C. C. Holmes, Encrypted statistical machine learning: new privacy preserving methods (2015), arXiv preprint arXiv:1508.06845.
[4] T. Graepel et al., Machine Learning on Encrypted Data (2012), ICISC 2012, LNCS 7839.
[5] E. Hesamifard, H. Takabi, and M. Ghasemi, CryptoDL: Deep neural networks over encrypted data (2017), arXiv preprint arXiv:1711.05189.
[6] E. Hesamifard et al., Privacy-preserving machine learning as a service (2018), Proceedings on Privacy Enhancing Technologies.
[7] R. Gilad-Bachrach et al., CryptoNets: Applying neural networks to encrypted data with high throughput and accuracy (2016), International Conference on Machine Learning.
[8] H. Surendra and H. S. Mohan, A review of synthetic data generation methods for privacy preserving data publishing, Int. J. Sci. Technol. Res. 6, 95–101 (2017).
[9] P. Mohassel and Y. Zhang, SecureML: A system for scalable privacy-preserving machine learning (2017), 2017 IEEE Symposium on Security and Privacy (SP).
[10] K. Bonawitz et al., Practical secure aggregation for privacy-preserving machine learning (2017), Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security.
[11] Y. Wang, C. Si, and X. Wu, Regression model fitting under differential privacy and model inversion attack (2015), Twenty-Fourth International Joint Conference on Artificial Intelligence.
[12] P. Lambin et al., Radiomics: the bridge between medical imaging and personalized medicine, Nat. Rev. Clin. Oncol. 14, 749–762 (2017).
[13] G. A. Kaissis, M. R. Makowski, D. Rückert et al., Secure, privacy-preserving and federated machine learning in medical imaging, Nat. Mach. Intell. 2, 305–311 (2020).
[14] M. Abadi et al., Deep Learning with Differential Privacy, SIGSAC Conference on Computer and Communications Security, pp. 308–318 (2016).
[15] DICOM reference guide, Health Dev. 30, 5–30 (2001).
[16] M. Al-Rubaie and J. M. Chang, Privacy-preserving machine learning: threats and solutions, IEEE Secur. Priv. 17, 49–58 (2019).
[17] W. N. Price and I. G. Cohen, Privacy in the age of medical big data, Nat. Med. 25, 37–43 (2019).
[18] HIPAA, US Department of Health and Human Services, https://www.hhs.gov/hipaa/index.html (2020).
[19] R. Shokri, M. Stronati, C. Song, and V. Shmatikov, Membership inference attacks against machine learning models, in Proc. 38th IEEE Symp. Security and Privacy, https://doi.org/10.1109/SP.2017.41 (IEEE, 2017).
[20] J. Konečný et al., Federated learning: strategies for improving communication efficiency, preprint at https://arxiv.org/abs/1610.05492 (2016).
[21] N. Rieke et al., The future of digital health with federated learning, preprint at https://arxiv.org/abs/2003.08119 (2020).
[22] R. Miotto, F. Wang, S. Wang, X. Jiang, and J. T. Dudley, "Deep learning for healthcare: review, opportunities and challenges," Briefings in Bioinformatics, vol. 19, no. 6, pp. 1236–1246, 2017. Available: https://dx.doi.org/10.1093/bib/bbx044
[23] Maintaining Privacy in Medical Data with Differential Privacy. Available at: https://blog.openmined.org/maintaining-privacy-in-medical-data-with-differential-privacy/
[24] A. M. Vengadapurvaja, G. Nisha, R. Aarthy, and N. Sasikaladevi, An Efficient Homomorphic Medical Image Encryption Algorithm for Cloud Storage Security, 7th International Conference on Advances in Computing & Communications (ICACC-2017), 22-24 August 2017, Cochin, India. Available at: www.sciencedirect.com
[25] What is Secure Multiparty Computation (MPC)? Available at: https://www.unboundtech.com/blog/secure-multiparty-computation-mpc/
[26] What is Secure Multiparty Computation? Available at: https://www.inpher.io/technology/what-is-secure-multiparty-computation
[27] A. Qayyum, J. Qadir, M. Bilal, and A. Al-Fuqaha, Secure and robust machine learning for healthcare: a survey, preprint at https://arxiv.org/abs/2001.08103 (2020).
[28] Apple Platform Security, https://support.apple.com/guide/security/secure-enclave-overview-sec59b0b31f/web (2020).