53,050 research outputs found
Stealing Links from Graph Neural Networks
Graph data, such as chemical networks and social networks, may be deemed
confidential/private because the data owner often spends lots of resources
collecting the data or the data contains sensitive information, e.g., social
relationships. Recently, neural networks were extended to graph data, which are
known as graph neural networks (GNNs). Due to their superior performance, GNNs
have many applications, such as healthcare analytics, recommender systems, and
fraud detection. In this work, we propose the first attacks to steal a graph
from the outputs of a GNN model that is trained on the graph. Specifically,
given a black-box access to a GNN model, our attacks can infer whether there
exists a link between any pair of nodes in the graph used to train the model.
We call our attacks link stealing attacks. We propose a threat model to
systematically characterize an adversary's background knowledge along three
dimensions which in total leads to a comprehensive taxonomy of 8 different link
stealing attacks. We propose multiple novel methods to realize these 8 attacks.
Extensive experiments on 8 real-world datasets show that our attacks are
effective at stealing links, e.g., AUC (area under the ROC curve) is above 0.95
in multiple cases. Our results indicate that the outputs of a GNN model reveal
rich information about the structure of the graph used to train the model.Comment: To appear in the 30th Usenix Security Symposium, August 2021,
Vancouver, B.C., Canad
Migrating Knowledge between Physical Scenarios based on Artificial Neural Networks
Deep learning is known to be data-hungry, which hinders its application in
many areas of science when datasets are small. Here, we propose to use transfer
learning methods to migrate knowledge between different physical scenarios and
significantly improve the prediction accuracy of artificial neural networks
trained on a small dataset. This method can help reduce the demand for
expensive data by making use of additional inexpensive data. First, we
demonstrate that in predicting the transmission from multilayer photonic film,
the relative error rate is reduced by 46.8% (26.5%) when the source data comes
from 10-layer (8-layer) films and the target data comes from 8-layer (10-layer)
films. Second, we show that the relative error rate is decreased by 22% when
knowledge is transferred between two very different physical scenarios:
transmission from multilayer films and scattering from multilayer
nanoparticles. Finally, we propose a multi-task learning method to improve the
performance of different physical scenarios simultaneously in which each task
only has a small dataset
Learning and Transferring IDs Representation in E-commerce
Many machine intelligence techniques are developed in E-commerce and one of
the most essential components is the representation of IDs, including user ID,
item ID, product ID, store ID, brand ID, category ID etc. The classical
encoding based methods (like one-hot encoding) are inefficient in that it
suffers sparsity problems due to its high dimension, and it cannot reflect the
relationships among IDs, either homogeneous or heterogeneous ones. In this
paper, we propose an embedding based framework to learn and transfer the
representation of IDs. As the implicit feedbacks of users, a tremendous amount
of item ID sequences can be easily collected from the interactive sessions. By
jointly using these informative sequences and the structural connections among
IDs, all types of IDs can be embedded into one low-dimensional semantic space.
Subsequently, the learned representations are utilized and transferred in four
scenarios: (i) measuring the similarity between items, (ii) transferring from
seen items to unseen items, (iii) transferring across different domains, (iv)
transferring across different tasks. We deploy and evaluate the proposed
approach in Hema App and the results validate its effectiveness.Comment: KDD'18, 9 page
- …