English

Membership Inference Attacks on Knowledge Graphs

Artificial Intelligence 2022-03-02 v2 Computation and Language

Abstract

Membership inference attacks (MIAs) infer whether a specific data record is used for target model training. MIAs have provoked many discussions in the information security community since they give rise to severe data privacy issues, especially for private and sensitive datasets. Knowledge Graphs (KGs), which describe domain-specific subjects and relationships among them, are valuable and sensitive, such as medical KGs constructed from electronic health records. However, the privacy threat to knowledge graphs is critical but rarely explored. In this paper, we conduct the first empirical evaluation of privacy threats to knowledge graphs triggered by knowledge graph embedding methods (KGEs). We propose three types of membership inference attacks: transfer attacks (TAs), prediction loss-based attacks (PLAs), and prediction correctness-based attacks (PCAs), according to attack difficulty levels. In the experiments, we conduct three inference attacks against four standard KGE methods over three benchmark datasets. In addition, we also propose the attacks against medical KG and financial KG. The results demonstrate that the proposed attack methods can easily explore the privacy leakage of knowledge graphs.

Keywords

Cite

@article{arxiv.2104.08273,
  title  = {Membership Inference Attacks on Knowledge Graphs},
  author = {Yu Wang and Lifu Huang and Philip S. Yu and Lichao Sun},
  journal= {arXiv preprint arXiv:2104.08273},
  year   = {2022}
}

Comments

Under submission

R2 v1 2026-06-24T01:15:22.800Z