2. Node injection link stealing attack
print

Node injection link stealing attack

Zari, Oualid; Parra-Arnau, Javier; Ünsal, Ayse; Önen, Melek
CSF 2024, IEEE Workshop on Security, Privacy and Information Theory, Protect-IT’24, Session 2: Differential privacy and security attacks, 8 July 2024, Enschede, The Netherlands

In this paper, we present a stealthy and effective attack that exposes privacy vulnerabilities in Graph Neural Networks (GNNs) by inferring private links within graph-structured data. Focusing on dynamic GNNs, we propose to inject new nodes and attach them to a particular target node to infer its private edge information. Our approach significantly enhances the F1 score of the attack beyond the current state-of-the-art benchmarks. Specifically, for the Twitch dataset, our method improves the F1 score by 23.75%, and for the Flickr dataset, it records a remarkable improvement, where the new performance is more than three times better than the state-of-the-art. We also propose and evaluate defense strategies based on differentially private (DP) mechanisms relying on a newly defined DP notion, which, on average, reduce the effectiveness of the attack by approximately 71.9% while only incurring a minimal average utility loss of about 3.2%.


Detail
ARXIV
BIBTEX
Type:
Conférence
City:
Enschede
Date:
2024-07-08
Department:
Sécurité numérique
Eurecom Ref:
7384
Copyright:
© 2024 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
See also:
UNSAL Ayse
ÖNEN Melek
ZARI Oualid
PERMALINK : https://www.eurecom.fr/publication/7384