NetFense: Adversarial Defenses against Privacy Attacks on Neural Networks for Graph Data

Hsieh, I-Chung; Li, Cheng-Te

doi:10.1109/tkde.2021.3087515

Cited by 11 publications

(5 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…3) Insusceptible Training: Some other studies [62], [211], [212] have attempted to defend against privacy attacks and reduce the leakage of sensitive information via modifying the training process of GNNs. For example, it is possible to add privacy-preserving regulation items in the loss function during GNN training, or introduce privacy-preserving modules in GNN architectures to reduce privacy leakage [62]. Specifically, consider a defender aiming to defend against a private attribute inference attack F A (v i ).…”

Section: Methods Category Taskmentioning

confidence: 99%

“…Generally, a private GNN requires that no leakage of private data (e.g., nodes, edges, the graphs themselves, GNN model parameters, and hyper-parameters for GNN training) occurs in its systems [61]. Privacy can also be measured based on the ability of GNNs to defend against privacy attacks and reduce their attack success rates [62]. Research Differences.…”

Section: Trustworthy Gnnsmentioning

confidence: 99%

See 1 more Smart Citation

Trustworthy Graph Neural Networks: Aspects, Methods and Trends

Zhang¹,

Wu²,

Yuan³

et al. 2022

Preprint

View full text Add to dashboard Cite

Graph neural networks (GNNs) have emerged as a series of competent graph learning methods for diverse real-world scenarios, ranging from daily applications like recommendation systems and question answering to cutting-edge technologies such as drug discovery in life sciences and n-body simulation in astrophysics. However, task performance is not the only requirement for GNNs. Performance-oriented GNNs have exhibited potential adverse effects like vulnerability to adversarial attacks, unexplainable discrimination against disadvantaged groups, or excessive resource consumption in edge computing environments. To avoid these unintentional harms, it is necessary to build competent GNNs characterised by trustworthiness. To this end, we propose a comprehensive roadmap to build trustworthy GNNs from the view of the various computing technologies involved. In this survey, we introduce basic concepts and comprehensively summarise existing efforts for trustworthy GNNs from six aspects, including robustness, explainability, privacy, fairness, accountability, and environmental well-being. Additionally, we highlight the intricate cross-aspect relations between the above six aspects of trustworthy GNNs. Finally, we present a thorough overview of trending directions for facilitating the research and industrialisation of trustworthy GNNs.

show abstract

Section: Methods Category Taskmentioning

confidence: 99%

Section: Trustworthy Gnnsmentioning

confidence: 99%

Trustworthy Graph Neural Networks: Aspects, Methods and Trends

Zhang¹,

Wu²,

Yuan³

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

“…Security concerns have become a focal point of attention with the rapid development and widespread application of neural networks. Designing efficient and broadly applicable adversarial attack and defense [ 30 , 31 ] strategies has emerged as a current research hotspot. Existing attacks can be classified into several categories based on different criteria.…”

Section: Related Workmentioning

confidence: 99%

MCGCL:Adversarial attack on graph contrastive learning based on momentum gradient candidates

Zhang,

Qin,

Zhang

2024

PLoS ONE

View full text Add to dashboard Cite

In the context of existing adversarial attack schemes based on unsupervised graph contrastive learning, a common issue arises due to the discreteness of graph structures, leading to reduced reliability of structural gradients and consequently resulting in the problem of attacks getting trapped in local optima. An adversarial attack method based on momentum gradient candidates is proposed in this research. Firstly, the gradients obtained by back-propagation are transformed into momentum gradients, and the gradient update is guided by overlaying the previous gradient information in a certain proportion to accelerate convergence speed and improve the accuracy of gradient update. Secondly, the exploratory process of candidate and evaluation is carried out by summing the momentum gradients of the two views and ranking them in descending order of saliency. In this process, selecting adversarial samples with stronger perturbation effects effectively improves the success rate of adversarial attacks. Finally, extensive experiments were conducted on three different datasets, and our generated adversarial samples were evaluated against contrastive learning models across two downstream tasks. The results demonstrate that the attack strategy proposed outperforms existing methods, significantly improving convergence speed. In the link prediction task, targeting the Cora dataset with perturbation rates of 0.05 and 0.1, the attack performance outperforms all baseline tasks, including the supervised baseline methods. The attack method is also transferred to other graph representation models, validating the method’s strong transferability.

show abstract

“…Compared to general deep learning models, GraphML is more vulnerable to privacy risks as they incorporate not only the node features/labels but also the graph structure [20]. Privacy preserving techniques for graph models are mainly based on differential privacy [20,29,30] and adversarial training frameworks [11,17,16].…”

Section: Privacy In Graphmlmentioning

confidence: 99%

Privacy and Transparency in Graph Machine Learning: A Unified Perspective

Khosla¹

2022

Preprint

View full text Add to dashboard Cite

Graph Machine Learning (GraphML), whereby classical machine learning is generalized to irregular graph domains, has enjoyed a recent renaissance, leading to a dizzying array of models and their applications in several domains. With its growing applicability to sensitive domains and regulations by government agencies for trustworthy AI systems, researchers have started looking into the issues of transparency and privacy of graph learning. However, these topics have been mainly investigated independently. In this position paper, we provide a unified perspective on the interplay of privacy and transparency in GraphML.

show abstract

NetFense: Adversarial Defenses against Privacy Attacks on Neural Networks for Graph Data

Cited by 11 publications

References 25 publications

Trustworthy Graph Neural Networks: Aspects, Methods and Trends

Trustworthy Graph Neural Networks: Aspects, Methods and Trends

MCGCL:Adversarial attack on graph contrastive learning based on momentum gradient candidates

Privacy and Transparency in Graph Machine Learning: A Unified Perspective

Contact Info

Product

Resources

About