摘要
为了保护隐私,同时维护干扰数据效用,提出了一种基于对抗性扰动图形神经网络的隐私攻击防御策略。候选边缘选择确保扰动图不可见,图形神经网络组合优化,确保隐私得到保护和数据实用性。进一步证明扰动图结构比扰动节点特征对图形神经网络的影响更大,并且证明扰动可以在模型不可察觉性和隐私保护之间取得平衡。实验结果表明:提出方法可以同时保持图形数据的不可见性,保持目标标签分类的预测置信度并降低隐私标签分类的预测置信度。
In order to protect privacy and maintain the utility of interfering data,a privacy attack defense strategy based on antagonistic disturbing graph neural network was proposed.Candidate selection ensured that the perturbed graph was invisible,graphical neural network impact analysis and combination optimization ensure privacy protection and data availability of the perturbed graph.It was further proved that the structure of the perturbed graph had more influence on the graph neural network than the characteristics of the perturbed nodes,and that the perturbations striked a balance between the imperceptibility of the model and privacy protection.Finally,the experimental results show that the proposed method can maintain the invisibility of graphic data,maintain the prediction confidence of target label classification and reduce the prediction confidence of private label classification.
作者
岑振宇
唐吉深
CEN Zhenyu;TANG Jishen(School of Mathematics and Statistics,Guangxi Normal University,Guilin 541004,China;School of Big Data and Computer Sciencein,Hechi University,Hechi 546300,China)
出处
《广西大学学报(自然科学版)》
CAS
北大核心
2023年第1期156-172,共17页
Journal of Guangxi University(Natural Science Edition)
基金
国家自然科学基金项目(61662007)。
关键词
隐私保护
对抗性
图形神经网络
隐私标签分类
privacy protection
antagonism
graphic neural network
privacy label classification
