Table of contents

  • This session has been presented February 18, 2022.

Description

  • Speaker

    Yufei Han (INRIA)

Many real-world data come in the form of graphs. Graph neural networks (GNNs), a new family of machine learning (ML) models, have been proposed to fully leverage graph data to build powerful applications. In particular, the inductive GNNs, which can generalize to unseen data, become mainstream in this direction. Machine learning models have shown great potential in various tasks and have been deployed in many real-world scenarios. To train a good model, a large amount of data as well as computational resources are needed, leading to valuable intellectual property. Previous research has shown that ML models are prone to model stealing attacks, which aim to steal the functionality of the target models. However, most of them focus on the models trained with images and texts. On the other hand, little attention has been paid to models trained with graph data, i.e., GNNs. In this paper, we fill the gap by proposing the first model stealing attacks against inductive GNNs. We systematically define the threat model and propose six attacks based on the adversary’s background knowledge and the responses of the target models. Our evaluation on six benchmark datasets shows that the proposed model stealing attacks against GNNs achieve promising performance.

Practical infos

Next sessions

  • Opening Pandora's Box: White-Box Attacks on Microsoft's PhotoDNA Perceptual Hash Function

    • June 05, 2026 (11:00 - 12:00)

    • Inria Center of the University of Rennes - Aurigny room

    Speaker : Diane Leblanc-Albarel - KU Leuven

    PhotoDNA is a widely deployed perceptual hash function used for the detection of illicit content such as Child Sexual Abuse Material (CSAM). In this talk, I will present our paper introducing the first mathematical description of Alleged PhotoDNA, a function that reproduces the outputs of PhotoDNA. Our analysis reveals several structural weaknesses: the function is piece-wise linear and[…]

    • Cryptography

    • Privacy

  • Towards More Secure Large Language Models

    • June 12, 2026 (11:00 - 12:00)

    • Inria Center of the University of Rennes - Petri/Turing room

    Speaker : Raouf Kerkouche - Inria Lille

    Large Language Models (LLMs) have achieved considerable success and are now widely used across multiple domains, highlighting their transformative impact on both technology and society. However, this widespread adoption also exposes LLMs to numerous security threats that can alter model behavior or degrade overall performance. To mitigate these threats, most research has focused on alignment[…]

    • Machine learning

Show previous sessions
Page top