Previous security research efforts orbiting around graphs have been exclusively focusing on either (de-)anonymizing the graphs or understanding the security and privacy issues of graph neural networks. Little attention has been paid to understand the privacy risks of integrating the output from graph embedding models (e.g., node embeddings) with complex downstream machine learning pipelines. In this paper, we fill this gap and propose a novel model-agnostic graph recovery attack that exploits the implicit graph structural information preserved in the embeddings of graph nodes. We show that an adversary can recover edges with decent accuracy by only gaining access to the node embedding matrix of the original graph without interactions with the node embedding models. We demonstrate the effectiveness and applicability of our graph recovery attack through extensive experiments.
翻译:以往围绕图形进行的安全研究努力一直完全侧重于图表的匿名化或了解图形神经网络的安全和隐私问题,很少注意了解将图形嵌入模型(例如节点嵌入模型)的产出与复杂的下游机器学习管道相结合的隐私风险。在本文中,我们填补了这一空白,并提议进行新型模型-不可知图回收攻击,利用在图形节点嵌入中保存的隐性图形结构信息。我们表明,对手可以通过仅获得原始图形的节点嵌入矩阵,而不与节点嵌入模型进行互动,从而以适当准确的方式恢复边缘。我们通过广泛的实验展示了我们的图形恢复袭击的有效性和适用性。