Research Symposium | Center for Undergraduate Research and Academic Engagement

25th annual Undergraduate Research Symposium, April 1, 2025

Ken Anderson Poster Session 3: 1:45 pm - 2:45 pm/ Poster #169

BIO

My name is Ken Anderson.

CEGA: A Cost-Effective Approach for Graph-Based Model Extraction Attacks

Authors: Ken Anderson, Dr. Dong
Student Major: Applied and Computational Mathematics
Mentor: Dr. Dong
Mentor's Department: Computer Science
Mentor's College: College of Arts and Sciences
Co-Presenters: Kien Le

Abstract

Graph Neural Networks (GNNs) are a powerful machine learning approach designed to analyze graph-structured data. By leveraging the connectivity of graphs, GNNs demonstrate their effectiveness in prediction tasks for social networks, biology, and finance. Such models, however, are expensive to train, leading companies to offer them as Machine Learning as a Service (MLaaS), allowing users to access GNNs via a pay-per-query system. But, this creates a security risk: adversaries can strategically query a GNN model to recreate its functionality through a Model Extraction Attack (MEA). In this poster, we investigate a MEA scenario where the attacker has limited knowledge of the target GNN model and apply transferable active learning to reduce the number of queries required to build a comprehensive surrogate model. Through experiments on multiple datasets, our approach achieves high fidelity and accuracy while maintaining strict query constraints.

Group_AndersonK_LeK_Poster.pdf944.93 KB

Keywords: Neural Networks, Graph Neural Networks, MLaaS