Enclave Tree: privacy-preserving data stream training and inference using TEE

Qifan Wang, Shujie Cui, Lei Zhou, Ocean Wu, Yonghua Zhu, Giovanni Russello

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

1 Citation (Scopus)


The classification service over a stream of data is becoming an important offering for cloud providers, but users may encounter obstacles in providing sensitive data due to privacy concerns. While Trusted Execution Environments (TEEs) are promising solutions for protecting private data, they remain vulnerable to side-channel attacks induced by data-dependent access patterns. We propose a Privacy-preserving Data Stream Training and Inference scheme, called EnclaveTree, that provides confidentiality for user's data and the target models against a compromised cloud service provider. We design a matrix-based training and inference procedure to train the Hoeffding Tree (HT) model and perform inference with the trained model inside the trusted area of TEEs, which provably prevent the exploitation of access-pattern-based attacks. The performance evaluation shows that EnclaveTree is practical for processing the data streams with small or medium number of features. When there are less than 63 binary features,EnclaveTree is up to ∼10x and ∼9 faster than naïve oblivious solution on training and inference, respectively.

Original languageEnglish
Title of host publicationProceedings of the 2022 ACM Asia Conference on Computer and Communications Security
EditorsMinoru Kuribayashi
Place of PublicationNew York NY USA
PublisherAssociation for Computing Machinery (ACM)
Number of pages15
ISBN (Electronic)9781450391405
Publication statusPublished - 2022
EventACM ASIA Conference on Computer and Communications Security 2022 - Online, Nagasaki, Japan
Duration: 30 May 20223 Jun 2022
Conference number: 17th
https://dl.acm.org/doi/proceedings/10.1145/3488932 (Proceedings)
https://asiaccs2022.conferenceservice.jp/ (Website)


ConferenceACM ASIA Conference on Computer and Communications Security 2022
Abbreviated titleASIA CCS 2022
Internet address


  • data stream
  • data-oblivious
  • hoeffding tree
  • sgx enclave

Cite this