/Inference-Attacks-and-Defenses-for-GNNs

Inference Attacks and Defenses for GNNs

Attacks

  • Inference Attacks Against Graph Neural Network (2022 USENIX)
    • Authors: Zhikun Zhang, Min Chen, Michael Backes, Yun Shen, Yang Zhang
    • Attacks: Property Inference, Subgraph Inference, Graph Reconstruction
    • [paper]
    • [code]
  • Stealing Links from Graph Neural Networks (2021 USENIX)
    • Authors: Xinlei He, Jinyuan Jia, Michael Backes, Neil Zhenqiang Gong, Yang Zhang
    • Attacks: Link Inference
    • [paper]
  • Node-Level Membership Inference Attacks Against Graph Neural Networks (2021 arXiv)
    • Authors: Xinlei He, Rui Wen, Yixin Wu, Michael Backes, Yun Shen, Yang Zhang
    • Attacks: Membership Inference
    • [paper]
  • Adapting Membership Inference Attacks to GNN for Graph Classification: Approaches and Implications (2021 ICDM)
    • Authors: Bang Wu, Xiangwen Yang, Shirui Pan, Xingliang Yuan
    • Attacks: Membership Inference
    • [paper]
    • [code]
  • Quantifying Privacy Leakage in Graph Embedding (2020 MobiQuitous and NeurIPS PPML)
    • Authors: Vasisht Duddu, Antoine Boutet, Virat Shejwalkar
    • Attacks: Attribute Inference, Membership Inference, Link Inference, Graph Reconstruction
    • [paper]
    • [code]

Defenses

  • Inference Attacks Against Graph Neural Network (2022 USENIX)
    • Authors: Zhikun Zhang, Min Chen, Michael Backes, Yun Shen, Yang Zhang
    • Defenses: Differential Privacy - like (add noises)
    • [paper]
    • [code]
  • NetFense: Adversarial Defenses against Privacy Attacks on Neural Networks for Graph Data (2021 TKDE)
    • Authors: I-Chung Hsieh, Cheng-Te Li
    • Defenses: Adversarial Training (Graph structure and node features perturbation)
    • [paper]
    • [code]
  • Privacy-Preserving Representation Learning on Graphs: A Mutual Information Perspective (2021 KDD)
    • Authors: Binghui Wang, Jiayi Guo, Ang Li, Yiran Chen, Hai Li
    • Defenses: Adversarial Training
    • [paper]
  • Graph Embedding for Recommendation against Attribute Inference Attacks (2021 WWW)
    • Authors: Shijie Zhang, Hongzhi Yin, Tong Chen, Zi Huang, Lizhen Cui, Xiangliang Zhang
    • Defenses: Differential Privacy
    • [paper]
  • Information Obfuscation of Graph Neural Networks (ICML 2021)
    • Authors: Peiyuan Liao, Han Zhao, Keyulu Xu, Tommi Jaakkola, Geoffrey Gordon, Stefanie Jegelka, Ruslan Salakhutdinov
    • Defenses: Adversarial Training
    • [paper]
    • [code]
  • Personalized privacy protection in social networks through adversarial modeling (2021 AAAI)
    • Authors: Sachin Biradar, Elena Zheleva
    • Defenses: Adversarial Training
    • [paper]
  • Adversarial Privacy Preserving Graph Embedding Against Inference Attack (2020 IoTJ)
    • Authors: Kaiyang Li, Guangchun Luo, Yang Ye, Wei Li
    • Defenses: Adversarial Training
    • [paper]
    • [code]