Finding MNEMON: Reviving Memories of Node Embeddings

ACM CCS 2022

Yun Shen1 Yufei Han2 Zhikun Zhang3 Min Chen3 Ting Yu4 Michael Backes3 Yang Zhang3 Gianluca Stringhini5

1. Norton Research Group 2. INRIA 3. CISPA Helmholtz Center for Information Security 4. QCRI 5. Boston University

Abstract


Previous security research efforts orbiting around graphs have been exclusively focusing on either (de-)anonymizing the graphs or understanding the security and privacy issues of graph neural networks. Little attention has been paid to understand the privacy risks of integrating the output from graph embedding models (e.g., node embeddings) with complex downstream machine learning pipelines. In this paper, we fill this gap and propose a novel model-agnostic graph recovery attack that exploits the implicit graph structural information preserved in the embeddings of graph nodes. We show that an adversary can recover edges with decent accuracy by only gaining access to the node embedding matrix of the original graph without interactions with the node embedding models. We demonstrate the effectiveness and applicability of our graph recovery attack through extensive experiments.

Resources


Citation

 @inproceedings{SHZCYBZS22,
    authors = {Yun Shen and Yufei Han and Zhikun Zhang and Min Chen and Ting Yu and Michael Backes and Yang Zhang and Gianluca Stringhini},
    title = {{Finding MNEMON: Reviving Memories of Node Embeddings}},
    booktitle = {{ACM CCS}},
    publisher = {},
    year = {2022},
    }