{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,4]],"date-time":"2026-06-04T11:30:22Z","timestamp":1780572622504,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":32,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,11,9]],"date-time":"2020-11-09T00:00:00Z","timestamp":1604880000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,11,9]]},"DOI":"10.1145\/3411501.3419420","type":"proceedings-article","created":{"date-parts":[[2020,11,4]],"date-time":"2020-11-04T03:22:57Z","timestamp":1604460177000},"page":"21-26","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":37,"title":["Secure Collaborative Training and Inference for XGBoost"],"prefix":"10.1145","author":[{"given":"Andrew","family":"Law","sequence":"first","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Chester","family":"Leung","sequence":"additional","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Rishabh","family":"Poddar","sequence":"additional","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Raluca Ada","family":"Popa","sequence":"additional","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Chenyu","family":"Shi","sequence":"additional","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Octavian","family":"Sima","sequence":"additional","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Chaofan","family":"Yu","sequence":"additional","affiliation":[{"name":"Ant Financial, Hangzhou, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Xingmeng","family":"Zhang","sequence":"additional","affiliation":[{"name":"Ant Financial, Hangzhou, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Wenting","family":"Zheng","sequence":"additional","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2020,11,9]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Proceedings of the Workshop on Hardware and Architectural Support for Security and Privacy (HASP).","author":"Anati Ittai","unstructured":"Ittai Anati , Shay Gueron , Simon P. Johnson , and Vincent R. Scarlata . 2013. Innovative Technology for CPU Based Attestation and Sealing . In Proceedings of the Workshop on Hardware and Architectural Support for Security and Privacy (HASP). Ittai Anati, Shay Gueron, Simon P. Johnson, and Vincent R. Scarlata. 2013. Innovative Technology for CPU Based Attestation and Sealing. In Proceedings of the Workshop on Hardware and Architectural Support for Security and Privacy (HASP)."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1468075.1468121"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2017.45"},{"key":"e_1_3_2_1_4_1","volume-title":"Proceedings of the USENIX Workshop on Offensive Technologies (WOOT).","author":"Brasser Ferdinand","year":"2017","unstructured":"Ferdinand Brasser , Urs M\u00fc ller, Alexandra Dmitrienko , Kari Kostiainen , Srdjan Capkun , and Ahmad-Reza Sadeghi . 2017 . Software Grand Exposure: SGX Cache Attacks Are Practical . In Proceedings of the USENIX Workshop on Offensive Technologies (WOOT). Ferdinand Brasser, Urs M\u00fc ller, Alexandra Dmitrienko, Kari Kostiainen, Srdjan Capkun, and Ahmad-Reza Sadeghi. 2017. Software Grand Exposure: SGX Cache Attacks Are Practical. In Proceedings of the USENIX Workshop on Offensive Technologies (WOOT)."},{"key":"e_1_3_2_1_5_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Bulck Jo Van","year":"2018","unstructured":"Jo Van Bulck , Marina Minkin , Ofir Weisse , Daniel Genkin , Baris Kasikci , Frank Piessens , Mark Silberstein , Thomas F. Wenisch , Yuval Yarom , and Raoul Strackx . 2018 . Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution . In Proceedings of the USENIX Security Symposium. Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and Raoul Strackx. 2018. Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_6_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Bulck Jo Van","year":"2017","unstructured":"Jo Van Bulck , Nico Weichbrodt , R\u00fcdiger Kapitza , Frank Piessens , and Raoul Strackx . 2017 . Telling Your Secrets without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution . In Proceedings of the USENIX Security Symposium. Jo Van Bulck, Nico Weichbrodt, R\u00fcdiger Kapitza, Frank Piessens, and Raoul Strackx. 2017. Telling Your Secrets without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_7_1","volume-title":"Proceedings of the IEEE European Symposium on Security and Privacy (EuroS&P).","author":"Chen Guoxing","unstructured":"Guoxing Chen , Sanchuan Chen , Yuan Xiao , Yinqian Zhang , Zhiqiang Lin , and Ten H. Lai . 2019. SgxPectre Attacks: Stealing Intel Secrets from SGX Enclaves via Speculative Execution . In Proceedings of the IEEE European Symposium on Security and Privacy (EuroS&P). Guoxing Chen, Sanchuan Chen, Yuan Xiao, Yinqian Zhang, Zhiqiang Lin, and Ten H. Lai. 2019. SgxPectre Attacks: Stealing Intel Secrets from SGX Enclaves via Speculative Execution. In Proceedings of the IEEE European Symposium on Security and Privacy (EuroS&P)."},{"key":"e_1_3_2_1_8_1","volume-title":"XGBoost: A Scalable Tree Boosting System. CoRR","author":"Chen Tianqi","year":"2016","unstructured":"Tianqi Chen and Carlos Guestrin . 2016. XGBoost: A Scalable Tree Boosting System. CoRR , Vol. abs\/ 1603 .02754 ( 2016 ). arxiv: 1603.02754 http:\/\/arxiv.org\/abs\/1603.02754 Tianqi Chen and Carlos Guestrin. 2016. XGBoost: A Scalable Tree Boosting System. CoRR, Vol. abs\/1603.02754 (2016). arxiv: 1603.02754 http:\/\/arxiv.org\/abs\/1603.02754"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2018.i2.171-191"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/3065913.3065915"},{"key":"e_1_3_2_1_11_1","unstructured":"gRPC. 2020. https:\/\/grpc.io\/docs\/.  gRPC. 2020. https:\/\/grpc.io\/docs\/."},{"key":"e_1_3_2_1_12_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (IEEE S&P).","author":"Gruss Daniel","year":"2017","unstructured":"Daniel Gruss , Moritz Lipp , Michael Schwarz , Daniel Genkin , Jonas Juffinger , Sioli O'Connell , Wolfgang Schoechl , and Yuval Yarom . 2017 . Another Flip in the Wall of Rowhammer Defenses . Proceedings of the IEEE Symposium on Security and Privacy (IEEE S&P). Daniel Gruss, Moritz Lipp, Michael Schwarz, Daniel Genkin, Jonas Juffinger, Sioli O'Connell, Wolfgang Schoechl, and Yuval Yarom. 2017. Another Flip in the Wall of Rowhammer Defenses. Proceedings of the IEEE Symposium on Security and Privacy (IEEE S&P)."},{"key":"e_1_3_2_1_13_1","volume-title":"Proceedings of the USENIX Annual Technical Conference (ATC).","author":"H\u00e4 Marcus","year":"2017","unstructured":"Marcus H\u00e4 ,hnel, Weidong Cui , and Marcus Peinado . 2017 . High-Resolution Side Channels for Untrusted Operating Systems . In Proceedings of the USENIX Annual Technical Conference (ATC). Marcus H\u00e4,hnel, Weidong Cui, and Marcus Peinado. 2017. High-Resolution Side Channels for Untrusted Operating Systems. In Proceedings of the USENIX Annual Technical Conference (ATC)."},{"key":"e_1_3_2_1_14_1","unstructured":"Histogram-based training in XGBoost. 2020. https:\/\/github.com\/dmlc\/xgboost\/issues\/1950.  Histogram-based training in XGBoost. 2020. https:\/\/github.com\/dmlc\/xgboost\/issues\/1950."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3152701.3152709"},{"key":"e_1_3_2_1_16_1","unstructured":"David Kaplan Jeremy Powell and Tom Woller. 2013. AMD Memory Encryption. Whitepaper. (2013).  David Kaplan Jeremy Powell and Tom Woller. 2013. AMD Memory Encryption. Whitepaper. (2013)."},{"key":"e_1_3_2_1_17_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Lee Dayeol","year":"2020","unstructured":"Dayeol Lee , Dongha Jung , Ian T. Fang , Chia-Che Tsai , and Raluca Ada Popa . 2020 . An Off-Chip Attack on Hardware Enclaves via the Memory Bus . In Proceedings of the USENIX Security Symposium. Dayeol Lee, Dongha Jung, Ian T. Fang, Chia-Che Tsai, and Raluca Ada Popa. 2020. An Off-Chip Attack on Hardware Enclaves via the Memory Bus. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_18_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Lee Sangho","year":"2017","unstructured":"Sangho Lee , Ming-Wei Shih , Prasun Gera , Taesoo Kim , Hyesoon Kim , and Marcus Peinado . 2017 . Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing . In Proceedings of the USENIX Security Symposium. Sangho Lee, Ming-Wei Shih, Prasun Gera, Taesoo Kim, Hyesoon Kim, and Marcus Peinado. 2017. Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_19_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Matetic Sinisa","year":"2017","unstructured":"Sinisa Matetic , Mansoor Ahmed , Kari Kostiainen , Aritra Dhar , David Sommer , Arthur Gervais , Ari Juels , and Srdjan Capkun . 2017 . ROTE: Rollback Protection for Trusted Execution . Proceedings of the USENIX Security Symposium. Sinisa Matetic, Mansoor Ahmed, Kari Kostiainen, Aritra Dhar, David Sommer, Arthur Gervais, Ari Juels, and Srdjan Capkun. 2017. ROTE: Rollback Protection for Trusted Execution. Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_20_1","unstructured":"Mbed TLS. 2020. https:\/\/tls.mbed.org\/.  Mbed TLS. 2020. https:\/\/tls.mbed.org\/."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2487726.2488368"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66787-4_4"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00057"},{"key":"e_1_3_2_1_24_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Ohrimenko Olga","year":"2016","unstructured":"Olga Ohrimenko , Felix Schuster , Cedric Fournet , Aastha Mehta , Sebastian Nowozin , Kapil Vaswani , and Manuel Costa . 2016 . Oblivious Multi-Party Machine Learning on Trusted Processors . In Proceedings of the USENIX Security Symposium. Olga Ohrimenko, Felix Schuster, Cedric Fournet, Aastha Mehta, Sebastian Nowozin, Kapil Vaswani, and Manuel Costa. 2016. Oblivious Multi-Party Machine Learning on Trusted Processors. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_25_1","unstructured":"Open Enclave 2020. Open Enclave SDK. (2020). https:\/\/openenclave.io.  Open Enclave 2020. Open Enclave SDK. (2020). https:\/\/openenclave.io."},{"key":"e_1_3_2_1_26_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (IEEE S&P).","author":"Parno Bryan","unstructured":"Bryan Parno , Jay Lorch , John Douceur , James Mickens , and Jonathan M . McCune. 2011. Memoir: Practical State Continuity for Protected Modules . In Proceedings of the IEEE Symposium on Security and Privacy (IEEE S&P). Bryan Parno, Jay Lorch, John Douceur, James Mickens, and Jonathan M. McCune. 2011. Memoir: Practical State Continuity for Protected Modules. In Proceedings of the IEEE Symposium on Security and Privacy (IEEE S&P)."},{"key":"e_1_3_2_1_27_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Poddar Rishabh","year":"2020","unstructured":"Rishabh Poddar , Ganesh Ananthanarayanan , Srinath Setty , Stavros Volos , and Raluca Ada Popa . 2020 . Visor: Privacy-Preserving Video Analytics as a Cloud Service . In Proceedings of the USENIX Security Symposium. Rishabh Poddar, Ganesh Ananthanarayanan, Srinath Setty, Stavros Volos, and Raluca Ada Popa. 2020. Visor: Privacy-Preserving Video Analytics as a Cloud Service. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_28_1","unstructured":"Raluca Ada Popa and Anila Joshi. 2020. 3 ways to train a secure machine learning model. https:\/\/www.ericsson.com\/en\/blog\/2020\/2\/training-a-machine-learning-model.  Raluca Ada Popa and Anila Joshi. 2020. 3 ways to train a secure machine learning model. https:\/\/www.ericsson.com\/en\/blog\/2020\/2\/training-a-machine-learning-model."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354252"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-60876-1_1"},{"key":"e_1_3_2_1_31_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Tang Adrian","year":"2017","unstructured":"Adrian Tang , Simha Sethumadhavan , and Salvatore Stolfo . 2017 . CLKSCREW: Exposing the Perils of Security-Oblivious Energy Management . In Proceedings of the USENIX Security Symposium. Adrian Tang, Simha Sethumadhavan, and Salvatore Stolfo. 2017. CLKSCREW: Exposing the Perils of Security-Oblivious Energy Management. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.45"}],"event":{"name":"CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security","location":"Virtual Event USA","acronym":"CCS '20","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2020 Workshop on Privacy-Preserving Machine Learning in Practice"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3411501.3419420","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3411501.3419420","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T21:31:41Z","timestamp":1750195901000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3411501.3419420"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,11,9]]},"references-count":32,"alternative-id":["10.1145\/3411501.3419420","10.1145\/3411501"],"URL":"https:\/\/doi.org\/10.1145\/3411501.3419420","relation":{},"subject":[],"published":{"date-parts":[[2020,11,9]]},"assertion":[{"value":"2020-11-09","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}