PRIVACY ATTACK DEFENSE STRATEGY BASED ON ADVERSARIAL PERTURBATION GRAPH NEURAL NETWORK

In order to protect privacy and maintain the utility of interfering data, a privacy attack defense strategy based on adversarial disturbing graph neural network is proposed. Candidate selection ensured that the disturbed graph was invisible, and graph neural network impact analysis and combinatorial optimization ensured privacy protection and data practicability of the disturbed graph. It was further proved that the structure of disturbance graph had a greater impact on graph neural network than the characteristics of disturbance nodes, and it was proved that disturbance could strike a balance between model imperceptibility and privacy protection. The experimental results show that the proposed method can maintain the invisibility of graphics data, maintain the prediction confidence of target label classification and reduce the prediction confidence of privacy label classification.