Graphs are widely used to model the complex relationships among entities. As a powerful tool for graph analytics, graph neural networks (GNNs) have recently gained wide attention due to its end-to-end processing capabilities. With the proliferation of cloud computing, it is increasingly popular to deploy the services of complex and resource-intensive model training and inference in the cloud due to its prominent benefits. However, GNN training and inference services, if deployed in the cloud, will raise critical privacy concerns about the information-rich and proprietary graph data (and the resulting model). While there has been some work on secure neural network training and inference, they all focus on convolutional neural networks handling images and text rather than complex graph data with rich structural information. In this paper, we design, implement, and evaluate SecGNN, the first system supporting privacy-preserving GNN training and inference services in the cloud. SecGNN is built from a synergy of insights on lightweight cryptography and machine learning techniques. We deeply examine the procedure of GNN training and inference, and devise a series of corresponding secure customized protocols to support the holistic computation. Extensive experiments demonstrate that SecGNN achieves comparable plaintext training and inference accuracy, with promising performance.

翻译：图被广泛用于建模实体间的复杂关系。作为图分析的有力工具，图神经网络因其端到端的处理能力近年来受到广泛关注。随着云计算的普及，将复杂且资源密集的模型训练与推理服务部署在云端日益流行。然而，若将图神经网络训练与推理服务部署在云端，会引发关于信息丰富且专有的图数据（及其衍生模型）的关键隐私问题。尽管已有一些关于安全神经网络训练与推理的研究工作，但它们均聚焦于处理图像和文本的卷积神经网络，而非具有丰富结构信息的复杂图数据。本文设计、实现并评估了SecGNN——首个支持云端隐私保护图神经网络训练与推理的系统。SecGNN融合轻量级密码学与机器学习技术的协同洞见构建而成。我们深入研究了图神经网络训练与推理的过程，并设计了一系列相应的安全定制协议以支持整体计算。大量实验表明，SecGNN在实现有竞争力的性能的同时，达到了与明文训练和推理相当的精度。