Abstract
With the rapid development of neural network technologies in machine learning, neural networks are widely used in artificial intelligence tasks. Due to the widespread existence of graph data, graph neural networks, a kind of neural network specializing in processing graph data, has become a research hotspot. This paper firstly studies the relationship between adversarial attacks and privacy attacks on graphs, i.e., whether a robust model trained on graph adversarial can improve the attack effect of graph membership inference attacks. We also find the different performance of the robust model’s loss function on the training set and the test set is a critical reason for the increasing membership inference attack success rate. Extensive experimental evaluations on Cora, Cora-ml, Citeseer, Polblogs and Pubmed demonstrate that the robust model obtained by adversarial training can significantly improve the attack success rate of membership inference attacks.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Jordan, M.I., Mitchell, T.M.: Machine learning: trends, perspectives, and prospects. Science 349(6245), 255–260 (2015)
Wu, K., Wang, C., Liu, J.: Evolutionary multitasking multilayer network reconstruction. IEEE Trans. Cybern. (2021)
Hamilton, W.L., Ying, R., Leskovec, J.: Representation learning on graphs: methods and applications. In: Neural Information Processing Systems (NIPS), pp. 1024–1034 (2017)
Wu, K., Hao, X., Liu, J., Liu, P.H.: Online reconstruction of complex networks from streaming data. IEEE Trans. Cybern. 52(6), 5136–5147 (2020)
Wu, Z.H., Pan, S.R., Chen, F.W., Long, G.D., Zhang, C.Q., Philip, S.Y.: A comprehensive survey on graph neural networks. IEEE Trans. Neural Netw. Learn. Syst. 32(1), 4–24 (2020)
Ma, X., et al.: Secure multiparty learning from the aggregation of locally trained models. J. Netw. Comput. Appl. 167, 102754 (2020)
Chakraborty, A., Alam, M., Dey, V., Chattopadhyay, A., Mukhopadhyay, D.: Adversarial attacks and defences: a survey. arXiv preprint arXiv:1810.00069 (2018)
Zhang, X.Y., Chen, X.F., Liu, J.K., Xiang, Y.: DeepPAR and DeepDPA: privacy preserving and asynchronous deep learning for industrial IoT. IEEE Trans. Ind. Inf. 16(3), 2081–2090 (2019)
Zhang, X.Y., Chen, X.F., Yan, H.Y., Xiang, Y.: Privacy-preserving and verifiable online crowdsourcing with worker updates. Inf. Sci. 548, 212–232 (2021)
Shokri, R., Stronati, M., Song, C.Z., Shmatikov, V.: Membership inference attacks against machine learning models. In: IEEE Symposium on Security and Privacy (SP), pp. 3–18 (2017)
Melis, L., Song, C.Z., De, C.E., Shmatikov, V.: Exploiting unintended feature leakage in collaborative learning. In: IEEE Symposium on Security and Privacy (SP), pp. 691–706 (2019)
Sun, L.C., et al.: Adversarial attack and defense on graph data: a survey. arXiv preprint arXiv:1812.10528 (2018)
Song, L.W., Shokri, R., Mittal, P.: Privacy risks of securing machine learning models against adversarial examples. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 241–257 (2019)
Kipf, T.N., Welling, M.: Semi-supervised classification with graph convolutional networks. In: International Conference on Learning Representations (ICLR) (2017)
Hamilton, W., Ying, Z.T., Leskovec, J.: Inductive representation learning on large graphs. In: Advances in Neural Information Processing Systems (2017)
Veličković, P., Cucurull, G., Casanova, A., Romero, A., Lio, P., Bengio, Y.: Graph attention networks. In: International Conference on Machine Learning (2017)
Niepert, M., Ahmed, M., Kutzkov, K.: Learning convolutional neural networks for graphs. In: International Conference on Machine Learning, pp. 2014–2023 (2016)
Dai, H.J., et al.: Adversarial attack on graph structured data. arXiv preprint arXiv:1806.02371 (2018)
Jin, H.W., Zhang, X.H.: Latent adversarial training of graph convolution networks. In: ICML Workshop on Learning and Reasoning with Graph Structured Representations (2019)
Olatunji, I.E., Nejdl, W., Khosla, M.: Membership inference attack on graph neural networks. arXiv preprint arXiv:2101.06570 (2021)
He, X.L., Wen, R., Wu, Y.X., Backes, M., Shen, Y., Zhang, Y.: Node-level membership inference attacks against graph neural networks. arXiv preprint arXiv:2102.05429 (2021)
Wu, H.J., Wang, C., Tyshetskiy, Y., Docherty, A., Lu, K., Zhu, L.M.: Adversarial examples on graph data: deep insights into attack and defense. In: International Joint Conference on Artificial Intelligence (IJCAI) (2019)
Zügner, D., Günnemann, S.: Adversarial attacks on graph neural networks via meta learning. arXiv preprint arXiv:1902.08412 (2019)
Zügner, D., Akbarnejad, A., Günnemann, S.: Adversarial attacks on neural networks for graph data. In: Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery, pp. 2847–2856 (2018)
Acknowledgment
This work is supported by the National Nature Science Foundation of China (No. 62102300).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Liu, Z., Zhang, X., Chen, C., Lin, S., Li, J. (2022). Membership Inference Attacks Against Robust Graph Neural Network. In: Chen, X., Shen, J., Susilo, W. (eds) Cyberspace Safety and Security. CSS 2022. Lecture Notes in Computer Science, vol 13547. Springer, Cham. https://doi.org/10.1007/978-3-031-18067-5_19
Download citation
DOI: https://doi.org/10.1007/978-3-031-18067-5_19
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-18066-8
Online ISBN: 978-3-031-18067-5
eBook Packages: Computer ScienceComputer Science (R0)