The growth of Graph Convolution Network (GCN) model sizes has revolutionized numerous applications, surpassing human performance in areas such as personal healthcare and financial systems. The deployment of GCNs in the cloud raises privacy concerns due to potential adversarial attacks on client data. To address security concerns, Privacy-Preserving Machine Learning (PPML) using Homomorphic Encryption (HE) secures sensitive client data. However, it introduces substantial computational overhead in practical applications. To tackle those challenges, we present LinGCN, a framework designed to reduce multiplication depth and optimize the performance of HE based GCN inference. LinGCN is structured around three key elements: (1) A differentiable structural linearization algorithm, complemented by a parameterized discrete indicator function, co-trained with model weights to meet the optimization goal. This strategy promotes fine-grained node-level non-linear location selection, resulting in a model with minimized multiplication depth. (2) A compact node-wise polynomial replacement policy with a second-order trainable activation function, steered towards superior convergence by a two-level distillation approach from an all-ReLU based teacher model. (3) an enhanced HE solution that enables finer-grained operator fusion for node-wise activation functions, further reducing multiplication level consumption in HE-based inference. Our experiments on the NTU-XVIEW skeleton joint dataset reveal that LinGCN excels in latency, accuracy, and scalability for homomorphically encrypted inference, outperforming solutions such as CryptoGCN. Remarkably, LinGCN achieves a 14.2x latency speedup relative to CryptoGCN, while preserving an inference accuracy of 75% and notably reducing multiplication depth.

翻译：图卷积网络（GCN）模型规模的扩大已在个人医疗保健和金融系统等领域展现出超越人类性能的卓越表现，推动了众多应用的变革。然而，GCN在云端的部署引发了隐私问题，因为客户数据可能遭受对抗性攻击。为应对这些安全挑战，基于同态加密（HE）的隐私保护机器学习（PPML）能够保障敏感客户数据的安全，但在实际应用中会引入大量计算开销。为了解决这些问题，我们提出LinGCN框架，旨在降低乘法深度并优化基于HE的GCN推理性能。LinGCN围绕三个关键要素构建：（1）一种可微的结构线性化算法，辅以参数化的离散指示函数，与模型权重协同训练以满足优化目标。该策略促进了细粒度的节点级非线性位置选择，从而得到具有最小化乘法深度的模型。（2）一种紧凑的节点级多项式替换策略，采用二阶可训练激活函数，通过基于全ReLU教师模型的两级蒸馏方法引导其实现更优收敛。（3）一种增强的HE解决方案，可实现节点级激活函数的更细粒度算子融合，进一步减少基于HE推理中的乘法层次消耗。我们在NTU-XVIEW骨架关节数据集上的实验表明，LinGCN在同态加密推理的延迟、准确率和可扩展性方面均表现优异，优于CryptoGCN等解决方案。值得注意的是，LinGCN相较于CryptoGCN实现了14.2倍的延迟加速，同时保持了75%的推理准确率，并显著降低了乘法深度。