In this paper, we measure the privacy leakage via studying whether graph representations can be inverted to recover the graph used to generate them via graph reconstruction attack (GRA). We propose a GRA that recovers a graph's adjacency matrix from the representations via a graph decoder that minimizes the reconstruction loss between the partial graph and the reconstructed graph. We study three types of representations that are trained on the graph, i.e., representations output from graph convolutional network (GCN), graph attention network (GAT), and our proposed simplicial neural network (SNN) via a higher-order combinatorial Laplacian. Unlike the first two types of representations that only encode pairwise relationships, the third type of representation, i.e., SNN outputs, encodes higher-order interactions (e.g., homological features) between nodes. We find that the SNN outputs reveal the lowest privacy-preserving ability to defend the GRA, followed by those of GATs and GCNs, which indicates the importance of building more private representations with higher-order node information that could defend the potential threats, such as GRAs.

翻译：本文通过研究图表示是否可被逆向还原为生成该表示的原始图（即图重构攻击），测量了隐私泄露程度。我们提出一种图重构攻击方法，该方法利用图解码器从图表示中恢复图的邻接矩阵，并通过最小化部分图与重构图之间的重构损失来实现。我们研究了在图结构上训练的三种表示类型：图卷积网络输出的表示、图注意力网络输出的表示，以及我们提出的基于高阶组合拉普拉斯算子的单纯复形神经网络输出的表示。与前两种仅编码节点间成对关系的表示不同，第三种表示（即单纯复形神经网络输出）编码了节点间的高阶交互（如同调特征）。研究发现，单纯复形神经网络输出对图重构攻击的隐私保护能力最弱，其次为图注意力网络和图卷积网络，这表明构建包含高阶节点信息的更具隐私性的表示至关重要，可抵御图重构攻击等潜在威胁。