DOI: 10.1145/3569966.3570022

Attack and Defense Methods for Graph Vertical Federation Learning

Published: 20 December 2022

Abstract

To further protect citizens' privacy and national data security, graph federation learning has been widely used and rapidly developed. However, as graph federation learning tasks are deployed in practice, the security issues involved are gradually being exposed. To study the application security issues of graph federation learning in depth, this paper proposes an attack method and a privacy-protecting defense method for graph data in the vertical federation learning framework. The research first addresses the attack method. Noise is randomly generated, combined with the attacker's embedding features, and fed into the server model, and the computed results are compared with the real values to obtain the loss values. The attacker's attack model is then updated to generate a new inference of the attacked embedding. The experiments conducted on two real-world datasets both obtained MSE metrics below 1, which fully illustrates the effectiveness of the attack method. The research then addresses the defense method, which adds computed differential noise to the uploaded embedding information to defend against privacy theft. In the experiments, the related attack metrics are significantly reduced with almost no impact on main-task performance.

        Published In

        CSSE '22: Proceedings of the 5th International Conference on Computer Science and Software Engineering
        October 2022
        753 pages
        ISBN:9781450397780
        DOI:10.1145/3569966

        Publisher

        Association for Computing Machinery

        New York, NY, United States


        Author Tags

        1. Differential privacy
        2. Eavesdropping attack
        3. Federated learning
        4. Graph neural network
        5. Privacy preserving

        Qualifiers

        • Research-article
        • Research
        • Refereed limited

        Funding Sources

        • The National Key Laboratory of Science and Technology on Information System Security
        • The 2020 Industrial Internet Innovation Development Project
        • Ten Thousand Talents Program in Zhejiang Province
        • The National Natural Science Foundation of China
        • The Key R&D Projects in Zhejiang Province

        Conference

        CSSE 2022

        Acceptance Rates

        Overall Acceptance Rate 33 of 74 submissions, 45%

        Article Metrics

        • Total Citations: 0
        • Total Downloads: 62
        • Downloads (Last 12 months): 31
        • Downloads (Last 6 weeks): 6
        Reflects downloads up to 26 Sep 2024
