Large Language Models for Link Stealing Attacks Against Graph Neural Networks
- URL: http://arxiv.org/abs/2406.16963v1
- Date: Sat, 22 Jun 2024 02:47:24 GMT
- Title: Large Language Models for Link Stealing Attacks Against Graph Neural Networks
- Authors: Faqian Guan, Tianqing Zhu, Hui Sun, Wanlei Zhou, Philip S. Yu,
- Abstract summary: We introduce Large Language Models (LLMs) to perform link stealing attacks on Graph Neural Networks (GNNs)
LLMs can effectively integrate textual features and exhibit strong generalizability, enabling attacks to handle diverse data dimensions across various datasets.
Our approach significantly enhances the performance of existing link stealing attack tasks in both white-box and black-box scenarios.
- Score: 43.14042095143309
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Graph data contains rich node features and unique edge information, which have been applied across various domains, such as citation networks or recommendation systems. Graph Neural Networks (GNNs) are specialized for handling such data and have shown impressive performance in many applications. However, GNNs may contain of sensitive information and susceptible to privacy attacks. For example, link stealing is a type of attack in which attackers infer whether two nodes are linked or not. Previous link stealing attacks primarily relied on posterior probabilities from the target GNN model, neglecting the significance of node features. Additionally, variations in node classes across different datasets lead to different dimensions of posterior probabilities. The handling of these varying data dimensions posed a challenge in using a single model to effectively conduct link stealing attacks on different datasets. To address these challenges, we introduce Large Language Models (LLMs) to perform link stealing attacks on GNNs. LLMs can effectively integrate textual features and exhibit strong generalizability, enabling attacks to handle diverse data dimensions across various datasets. We design two distinct LLM prompts to effectively combine textual features and posterior probabilities of graph nodes. Through these designed prompts, we fine-tune the LLM to adapt to the link stealing attack task. Furthermore, we fine-tune the LLM using multiple datasets and enable the LLM to learn features from different datasets simultaneously. Experimental results show that our approach significantly enhances the performance of existing link stealing attack tasks in both white-box and black-box scenarios. Our method can execute link stealing attacks across different datasets using only a single model, making link stealing attacks more applicable to real-world scenarios.
Related papers
- GRID: Protecting Training Graph from Link Stealing Attacks on GNN Models [32.513071094162726]
Graph neural networks (GNNs) have exhibited superior performance in various classification tasks on graph-structured data.
Link stealing attacks pose severe security and privacy threats to the training graph used in GNN models.
We propose a novel solution, called Graph Link Disguise (GRID), to defend against link stealing attacks.
arXiv Detail & Related papers (2025-01-19T08:39:22Z) - Attack-in-the-Chain: Bootstrapping Large Language Models for Attacks Against Black-box Neural Ranking Models [111.58315434849047]
We introduce a novel ranking attack framework named Attack-in-the-Chain.
It tracks interactions between large language models (LLMs) and Neural ranking models (NRMs) based on chain-of-thought.
Empirical results on two web search benchmarks show the effectiveness of our method.
arXiv Detail & Related papers (2024-12-25T04:03:09Z) - Large Language Models Merging for Enhancing the Link Stealing Attack on Graph Neural Networks [10.807912659961012]
Link stealing attacks on graph data pose a significant privacy threat.
We find that an attacker can combine the data knowledge of multiple attackers to create a more effective attack model.
We propose a novel link stealing attack method that takes advantage of cross-dataset and Large Language Models.
arXiv Detail & Related papers (2024-12-08T06:37:05Z) - Link Stealing Attacks Against Inductive Graph Neural Networks [60.931106032824275]
A graph neural network (GNN) is a type of neural network that is specifically designed to process graph-structured data.
Previous work has shown that transductive GNNs are vulnerable to a series of privacy attacks.
This paper conducts a comprehensive privacy analysis of inductive GNNs through the lens of link stealing attacks.
arXiv Detail & Related papers (2024-05-09T14:03:52Z) - Sparse Vicious Attacks on Graph Neural Networks [3.246307337376473]
This work focuses on a specific, white-box attack to GNN-based link prediction models.
We propose SAVAGE, a novel framework and a method to mount this type of link prediction attacks.
Experiments conducted on real-world and synthetic datasets demonstrate that adversarial attacks implemented through SAVAGE indeed achieve high attack success rate.
arXiv Detail & Related papers (2022-09-20T12:51:24Z) - Model Inversion Attacks against Graph Neural Networks [65.35955643325038]
We study model inversion attacks against Graph Neural Networks (GNNs)
In this paper, we present GraphMI to infer the private training graph data.
Our experimental results show that such defenses are not sufficiently effective and call for more advanced defenses against privacy attacks.
arXiv Detail & Related papers (2022-09-16T09:13:43Z) - Graph Backdoor [53.70971502299977]
We present GTA, the first backdoor attack on graph neural networks (GNNs)
GTA departs in significant ways: it defines triggers as specific subgraphs, including both topological structures and descriptive features.
It can be instantiated for both transductive (e.g., node classification) and inductive (e.g., graph classification) tasks.
arXiv Detail & Related papers (2020-06-21T19:45:30Z) - Stealing Links from Graph Neural Networks [72.85344230133248]
Recently, neural networks were extended to graph data, which are known as graph neural networks (GNNs)
Due to their superior performance, GNNs have many applications, such as healthcare analytics, recommender systems, and fraud detection.
We propose the first attacks to steal a graph from the outputs of a GNN model that is trained on the graph.
arXiv Detail & Related papers (2020-05-05T13:22:35Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.