Node Injection Link Stealing Attack
This work addresses privacy risks for users of GNNs in inductive settings, such as when new nodes join a graph, by exposing vulnerabilities and proposing mitigation strategies, though it is incremental in building on existing attack and defense research.
The paper tackles the problem of privacy vulnerabilities in Graph Neural Networks (GNNs) by proposing a stealthy attack that infers private links in graph-structured data, demonstrating superior performance in link inference compared to state-of-the-art methods, and it also examines differential privacy mechanisms to mitigate the attack while analyzing trade-offs with model utility.
In this paper, we present a stealthy and effective attack that exposes privacy vulnerabilities in Graph Neural Networks (GNNs) by inferring private links within graph-structured data. Focusing on the inductive setting where new nodes join the graph and an API is used to query predictions, we investigate the potential leakage of private edge information. We also propose methods to preserve privacy while maintaining model utility. Our attack demonstrates superior performance in inferring the links compared to the state of the art. Furthermore, we examine the application of differential privacy (DP) mechanisms to mitigate the impact of our proposed attack, we analyze the trade-off between privacy preservation and model utility. Our work highlights the privacy vulnerabilities inherent in GNNs, underscoring the importance of developing robust privacy-preserving mechanisms for their application.