Abstract
Graph neural networks (GNNs) have demonstrated remarkable performance in diverse graph-related tasks, including node classification, graph classification, link prediction, etc. Previous research has indicated that GNNs are vulnerable to membership inference attacks (MIA). These attacks enable malevolent parties to deduce whether the data points are part of the training set by identifying the output distribution, giving rise to noteworthy privacy apprehensions, especially when the graph contains sensitive data. There have been some studies to defend against graph MIA so far, but they have issues like high computational cost and decreased model accuracy. In this paper, we introduce a novel defense framework called MaskArmor, designed to bolster the privacy and security of GNNs against MIA. The MaskArmor framework encompasses four distinct masking strategies: AdjMask, DTMask, ATMask, and SigMask. These strategies leverage message-passing mechanisms, distillation temperature, hybrid masking, and the Sigmoid function, respectively. The MaskArmor framework effectively obscures the distribution of the model on both the training and non-training samples, rendering it challenging for attackers to ascertain whether particular samples have undergone training. Additionally, MaskArmor sustains the model's precision with negligible computational overhead. Our experiments are implemented across seven benchmark datasets and four GNN networks against shadow-based and threshold-based MIAs, showcasing that MaskArmor substantially heightens GNNs' resilience against MIA while simultaneously preserving accuracy on the initial tasks. It also demonstrates adeptness in countering threshold-based MIA through strategies like AdjMask and ATMask. Exhaustive experimental results substantiate that MaskArmor outperforms alternative existing approaches, maintaining effectiveness and applicability across diverse datasets and attack scenarios.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.