CISPA
Browse

Efficient Model-Stealing Attacks Against Inductive Graph Neural Networks

Download (479.98 kB)
conference contribution
posted on 2024-12-03, 09:48 authored by Marcin Podhajski, Jan Dubiński, Franziska Boenisch, Adam Dziedzic, Agnieszka Pregowska, Tomasz P Michalak
Graph Neural Networks (GNNs) are recognized as potent tools for processing real-world data organized in graph structures. Especially inductive GNNs, which allow for the processing of graph-structured data without relying on predefined graph structures, are becoming increasingly important in a wide range of applications. As such these networks become attractive targets for model-stealing attacks where an adversary seeks to replicate the functionality of the targeted network. Significant efforts have been devoted to developing model-stealing attacks that extract models trained on images and texts. However, little attention has been given to stealing GNNs trained on graph data. This paper identifies a new method of performing unsupervised model-stealing attacks against inductive GNNs, utilizing graph contrastive learning and spectral graph augmentations to efficiently extract information from the targeted model. The new type of attack is thoroughly evaluated on six datasets and the results show that our approach outperforms the current state-of-the-art by Shen et al. (2021). In particular, our attack surpasses the baseline across all benchmarks, attaining superior fidelity and downstream accuracy of the stolen model while necessitating fewer queries directed toward the target model.

History

Primary Research Area

  • Trustworthy Information Processing

Name of Conference

European Conference on Artificial Intelligence (ECAI)

CISPA Affiliation

  • Yes

Journal

Frontiers in Artificial Intelligence and Applications

Publisher

IOS Press

Open Access Type

  • Not Open Access

BibTeX

@inproceedings{Podhajski:Dubiński:Boenisch:Dziedzic:Pregowska:Michalak:2024, title = "Efficient Model-Stealing Attacks Against Inductive Graph Neural Networks", author = "Podhajski, Marcin" AND "Dubiński, Jan" AND "Boenisch, Franziska" AND "Dziedzic, Adam" AND "Pregowska, Agnieszka" AND "Michalak, Tomasz P", year = 2024, month = 10, journal = "Frontiers in Artificial Intelligence and Applications", publisher = "IOS Press", issn = "0922-6389", doi = "10.3233/faia240646" }

Usage metrics

    Categories

    No categories selected

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC