Start / staff

Partner: Adam Dziedzic

Prace konferencyjne
1.Podhajski M., Dubiński J., Franziska B., Dziedzic A., Pręgowska A., Michalak T., Efficient Model-Stealing Attacks Against Inductive Graph Neural Networks, ECAI, European Conference on Artificial Intelligence, 2024-10-19/10-24, Santiago de Compostela (ES), DOI: 10.3233/FAIA240646, pp.1438-1445, 2024

Streszczenie:

Graph Neural Networks (GNNs) are recognized as potent tools for processing real-world data organized in graph structures. Especially inductive GNNs, which allow for the processing of graph-structured data without relying on predefined graph structures, are becoming increasingly important in a wide range of applications. As such these networks become attractive targets for model-stealing attacks where an adversary seeks to replicate the functionality of the targeted network. Significant efforts have been devoted
to developing model-stealing attacks that extract models trained on images and texts. However, little attention has been given to stealing GNNs trained on graph data. This paper identifies a new method of performing unsupervised model-stealing attacks against inductive GNNs, utilizing graph contrastive learning and spectral graph augmentations to efficiently extract information from the targeted model. The new type of attack is thoroughly evaluated on six datasets and the results show that our approach outperforms the current state-of-the-art by Shen et al. (2021). In particular, our attack surpasses the baseline across all benchmarks, attaining superior fidelity and downstream accuracy of the stolen model while necessitating fewer queries directed toward the target model.

Afiliacje autorów:

Podhajski M.-IPPT PAN
Dubiński J.-other affiliation
Franziska B.-other affiliation
Dziedzic A.-other affiliation
Pręgowska A.-IPPT PAN
Michalak T.-other affiliation
administrator Polityka Cookies