Technical Name Adversarial Privacy Attack and Defense on Graph Machine Learning
Project Operator National Cheng Kung University
Project Host 李政德
Summary
NetFense, a graph perturbation algorithm, defends against privacy breaches on e-commerce and FinTech, where adversaries could leverage graph neural networks (GNN) to infer user data. Balancing imperceptibility, data utility preservation, and privacy protection, NetFense reduces the prediction confidence of private label classification. Its efficacy is supported by experiments on 3 benchmark datasets. Published in IEEE TKDE 2023, it is a collaboration with Taiwanese banks E.Sun and SinoPac.
Scientific Breakthrough
NetFense, a graph neural network-based algorithm, safeguards privacy in social networks, recommender systems, and FinTech by creating perturbed graphs. It maintains performance for target labels, while reducing prediction confidence on private labels, balancing user privacy and graph data utility. Tests on benchmark datasets show NetFense typically trades 1% accuracy on target labels for a 3% decrease in private label accuracy, significantly surpassing the leading method, Nettack.
Industrial Applicability
NetFense, used by Taiwan's SinoPac and E.SUN banks, recommends financial items and classifies customer tags in a privacy-protected setting. It targets global financial institutions, promoting user consumption via privacy protection to boost market value, banking transactions, and customer profitability. As an open-source solution, it's also applicable to e-commerce recommendations, ad placements, and precision marketing.
Keyword Privacy Protection Recommender Systems Machine Learning Adversarial Learning Graph Data Social Networks Information Security Privacy Attack Privacy Defense Data Perturbation
  • Contact
  • Cheng-Te Li
other people also saw