Xiaoke Zhou1,*, Qianxing Li1, Chuanyun Dai1, Bingwei Wang1, and Yuheng Xia1
Xiaoke Zhou
1School of Computer Science and Technology, Xidian University, Xi'an, 710071, Shaanxi Province, China
*Corresponding author
Privacy-preserving Decision Tree Evaluation (PDTE) enables clients to classify their private data using a decision tree classification model hosted on a server, without revealing the data or classification results. This provides a feasible and secure alternative to traditional decision tree evaluation methods. However, existing solutions often rely on complex operations such as homomorphic encryption (HE) and garbled circuits (GC), which lead to significant computational and communication overhead when performing privacy-preserving inference tasks on large-scale decision tree models. This results in difficulties in balancing data security, inference accuracy, and computational efficiency. To address this issue, this paper proposes a secure and efficient privacy-preserving decision tree outsourcing inference scheme based on secret sharing within semi-honest dual-cloud outsourcing model (SS-PDI). Our scheme is roughly divided into four phases: in the preparation phase, the privacy-preserving decision tree is initialized by hiding the access patterns of the nodes through ciphertext-oriented computational improvements based on the traditional decision tree. In the feature selection phase, the feature selection protocol is improved by introducing the oblivious transfer technique, which reduces the number of selected features and improves the operational efficiency. In the comparison phase, a lightweight Boolean circuit design is used to effectively reduce the overhead of the secure comparison operation. In the evaluation phase, the dual cloud servers in the system return the inference results to the client in the form of secret sharing. After experimental validation, our scheme achieves 74.8%and 40.8% improvement in runtime over complex datasets in LAN and in WAN compared to previous schemes of the same type. There is also a large improvement in the runtime on public datasets compared to previous schemes.
Decision Tree, Security Outsourcing, Privacy Protection, Arithmetic Secret Sharing, Boolean Secret Sharing
Xiaoke Zhou, Qianxing Li, Chuanyun Dai, Bingwei Wang, and Yuheng Xia (2025). Privacy-Preserving Decision Tree Inference in a Dual-Cloud Outsourcing Model. Journal of Networking and Network Applications, Volume 5, Issue 3, pp. 120–129. https://doi.org/10.33969/J-NaNA.2025.050302.
[1] M. M. Sadeeq, N. M. Abdulkareem, S. R. Zeebaree, D. M. Ahmed, A. S. Sami, and R. R. Zebari, “Iot and cloud computing issues, challenges and opportunities: A review,” Qubahan Academic Journal, vol. 1, no. 2, pp. 1–7, 2021.
[2] J. Liang, Z. Qin, S. Xiao, L. Ou, and X. Lin, “Efficient and secure decision tree classification for cloud-assisted online diagnosis services,” IEEE Transactions on Dependable and Secure Computing, vol. 18, no. 4, pp. 1632–1644, 2019.
[3] B. W. Yap, S. H. Ong, and N. H. M. Husain, “Using data mining to improve assessment of credit worthiness via credit scoring models,” Expert Systems with Applications, vol. 38, no. 10, pp. 13 274–13 283, 2011.
[4] Z. Xu, L. Zhao, W. Liang, O. F. Rana, P. Zhou, Q. Xia, W. Xu, and G. Wu, “Energy-aware inference offloading for dnn-driven applications in mobile edge clouds,” IEEE Transactions on Parallel and Distributed Systems, vol. 32, no. 4, pp. 799–814, 2020.
[5] H. Ye, X. Zhang, Z. Huang, G. Chen, and D. Chen, “Hybriddnn: A framework for high-performance hybrid dnn accelerator design and im-plementation,” in 2020 57th ACM/IEEE Design Automation Conference (DAC), 2020, pp. 1–6.
[6] H. Tabrizchi and M. Kuchaki Rafsanjani, “A survey on security chal-lenges in cloud computing: issues, threats, and solutions,” The journal of supercomputing, vol. 76, no. 12, pp. 9493–9532, 2020.
[7] A. Masood, D. S. Lakew, and S. Cho, “Security and privacy challenges in connected vehicular cloud computing,” IEEE Communications Surveys & Tutorials, vol. 22, no. 4, pp. 2725–2764, 2020.
[8] R. Bost, R. A. Popa, S. Tu, and S. Goldwasser, “Machine learning classification over encrypted data,” Cryptology ePrint Archive, 2014.
[9] D. J. Wu, T. Feng, M. Naehrig, and K. Lauter, “Privately evaluating decision trees and random forests,” Cryptology ePrint Archive, 2015.
[10] R. K. Tai, J. P. Ma, Y. Zhao, and S. S. Chow, “Privacy-preserving decision trees evaluation via linear functions,” in Computer Security–ESORICS 2017: 22nd European Symposium on Research in Computer Security, Oslo, Norway, September 11-15, 2017, Proceedings, Part II 22, 2017, pp. 494–512.
[11] Y. Zheng, H. Duan, C. Wang, R. Wang, and S. Nepal, “Securely and efficiently outsourcing decision tree inference,” IEEE Transactions on Dependable and Secure Computing, vol. 19, no. 3, pp. 1841–1855, 2020.
[12] Y. Zheng, C. Wang, R. Wang, H. Duan, and S. Nepal, “Optimizing secure decision tree inference outsourcing,” IEEE Transactions on Dependable and Secure Computing, 2022.
[13] C. Guo, K. Cheng, J. Fu, R. Fan, Z. Chang, Z. Zhang, and A. Song, “Gfs-cnn: A gpu-friendly secure computation platform for convolutional neural networks,” Journal of Networking and Network Applications, vol. 3, no. 2, pp. 66–72, 2023.
[14] A. Song, J. Fu, X. Mu, X. Zhu, and K. Cheng, “L-secnet: Towards secure and lightweight deep neural network inference,” Journal of Networking and Network Applications, vol. 3, no. 4, pp. 171–181, 2024.
[15] M. Joye and F. Salehi, “Private yet efficient decision tree evaluation,” in Data and Applications Security and Privacy XXXII: 32nd Annual IFIP WG 11.3 Conference, DBSec 2018, Bergamo, Italy, July 16–18, 2018, Proceedings 32, 2018, pp. 243–259.
[16] I. Damg˚ard, M. Geisler, and M. Krøigaard, “Efficient and secure comparison for on-line auctions,” in Information Security and Privacy: 12th Australasian Conference, 2007, pp. 416–430.
[17] A. Tueno, F. Kerschbaum, and S. Katzenbeisser, “Private evaluation of decision trees using sublinear cost,” Proceedings on Privacy Enhancing Technologies, vol. 1, 2019.
[18] J. P. Ma, R. K. Tai, Y. Zhao, and S. S. Chow, “Let’s stride blindfolded in a forest: Sublinear multi-client decision trees evaluation.” in NDSS, 2021.
[19] R. Bost, R. A. Popa, S. Tu, and S. Goldwasser, “Machine learning classification over encrypted data,” Cryptology ePrint Archive, 2014.
[20] Y. Ishai and A. Paskin, “Evaluating branching programs on encrypted data,” in Theory of Cryptography Conference. Springer, 2007, pp. 575–594.
[21] L. Liu, J. Su, R. Chen, J. Chen, G. Sun, and J. Li, “Secure and fast decision tree evaluation on outsourced cloud data,” in Machine Learning for Cyber Security: Second International Conference, 2019, pp. 361–377.
[22] M. De Cock, R. Dowsley, C. Horst, R. Katti, A. C. Nascimento, W.-S. Poon, and S. Truex, “Efficient and private scoring of decision trees, support vector machines and logistic regression models based on pre-computation,” IEEE Transactions on Dependable and Secure Computing, vol. 16, no. 2, pp. 217–230, 2017.
[23] G. Kiss, M. Naderpour, J. Liu, N. Asokan, and T. Schneider, “Sok: Modular and efficient private decision tree evaluation,” Proceedings on Privacy Enhancing Technologies, vol. 2, 2019.
[24] Y. Zheng, H. Duan, and C. Wang, “Towards secure and efficient outsourcing of machine learning classification,” in Computer Security–ESORICS 2019: 24th European Symposium on Research in Computer Security, Luxembourg, September 23–27, 2019, Proceedings, Part I 24. Springer, 2019, pp. 22–40.
[25] K. Ji, B. Zhang, T. Lu, L. Li, and K. Ren, “Uc secure private branching program and decision tree evaluation,” IEEE Transactions on Dependable and Secure Computing, vol. 20, no. 4, pp. 2836–2848, 2022.
[26] J. Fu, K. Cheng, Y. Xia, A. Song, Q. Li, and Y. Shen, “Private decision tree evaluation with malicious security via function secret sharing,” in European Symposium on Research in Computer Security. Springer, 2024, pp. 310–330.
[27] P. Mohassel and Y. Zhang, “Secureml: A system for scalable privacy-preserving machine learning,” in 2017 IEEE symposium on security and privacy (SP), 2017, pp. 19–38.
[28] D. Demmler, T. Schneider, and M. Zohner, “Aby-a framework for efficient mixed-protocol secure two-party computation.” in NDSS, 2015.
[29] S. S. Sathya, P. Vepakomma, R. Raskar, R. Ramachandra, and S. Bhat-tacharya, “A review of homomorphic encryption libraries for secure computation,” arXiv preprint arXiv:1812.02428, 2018.
[30] L. Ma, J. Peng, Q. Pei, and H. Zhu, “Efficient decision tree privacy classification service protocol,” Journal On Communications, vol. 42, no. 8, pp. 80–89, 2021.
[31] J. Bai, X. Song, S. Cui, E.-C. Chang, and G. Russello, “Scalable private decision tree evaluation with sublinear communication,” in Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security, 2022, pp. 843–857.
[32] P. Pullonen et al., “Actively secure two-party computation: Efficient beaver triple generation,” Instructor, 2013.
[33] O. Goldreich, S. Micali, and A. Wigderson, “How to play any mental game, or a completeness theorem for protocols with honest majority,” in Providing Sound Foundations for Cryptography: On the Work of Shafi Goldwasser and Silvio Micali, 2019, pp. 307–328.
[34] T. S. Daniel Demmler and M. Zohner. A framework for efficient mixed-protocol secure two-party computation. [Online]. Available: https://github.com/encryptogroup/ABY
[35] J. Doerner and abhi shelat. Jack doerner and abhi shelat. [Online]. Available: https://gitlab.com/neucrypt/floram
[36] Q. L. Yuheng Xia and J. F. et.al, accessed: Apr 23, 2024. [Online]. Available: https://github.com/XidianNSS/NssMPClib
[37] D. G. Aldrich. Uci machine learning repository: Data sets. [Online]. Available: https://archive.ics.uci.edu/ml/index.php
[38] J. Doerner and A. Shelat, “Scaling oram for secure computation,” in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017, pp. 523–535.