Abstract
Graph is an important data representation ubiquitously existing in the real world. However, analyzing the graph data is computationally difficult due to its non-Euclidean nature. Graph embedding is a powerful tool to solve the graph analytics problem by transforming the graph data into low-dimensional vectors. These vectors could also be shared with third parties to gain additional insights of what is behind the data. While sharing graph embedding is intriguing, the associated privacy risks are unexplored. In this paper, we systematically investigate the information leakage of the graph embedding by mounting three inference attacks. First, we can successfully infer basic graph properties, such as the number of nodes, the number of edges, and graph density, of the target graph with up to 0.89 accuracy. Second, given a subgraph of interest and the graph embedding, we can determine with high confidence that whether the subgraph is contained in the target graph. For instance, we achieve 0.98 attack AUC on the DD dataset. Third, we propose a novel graph reconstruction attack that can reconstruct a graph that has similar graph structural statistics to the target graph. We further propose an effective defense mechanism based on graph embedding perturbation to mitigate the inference attacks without noticeable performance degradation for graph classification tasks.
Original language | English |
---|---|
Title of host publication | Proceedings of the 31st USENIX Security Symposium. August 10–12, 2022 , Boston, MA, USA |
Publisher | Association for Computing Machinery |
Pages | 4543-4560 |
Number of pages | 18 |
ISBN (Electronic) | 9781939133311 |
ISBN (Print) | 9781939133311 |
Publication status | Published - 2022 |
Event | 31st USENIX Security Symposium, Security 2022 - Boston, United States Duration: 10 Aug 2022 → 12 Aug 2022 |
Conference
Conference | 31st USENIX Security Symposium, Security 2022 |
---|---|
Country/Territory | United States |
City | Boston |
Period | 10/08/22 → 12/08/22 |
Funding
We thank the anonymous reviewers for their constructive feedback. This work is partially funded by the Helmholtz Association within the project “Trustworthy Federated Data Analytics” (TFDA) (funding number ZT-I-OO1 4).
Funders | Funder number |
---|---|
TFDA | ZT-I-OO1 4 |
Helmholtz Association |