GraphIP-Bench shows stealing GNNs is easy at moderate query budgets, most defenses fail to block or reliably trace extraction, and watermarks lose verification power on surrogates while heterophilic graphs are harder to steal.
Securing graph neural networks in mlaas: A comprehensive realization of query-based integrity verification
1 Pith paper cite this work. Polarity classification is still indexing.
1
Pith paper citing it
fields
cs.CR 1years
2026 1verdicts
ACCEPT 1representative citing papers
citing papers explorer
-
GraphIP-Bench: How Hard Is It to Steal a Graph Neural Network, and Can We Stop It?
GraphIP-Bench shows stealing GNNs is easy at moderate query budgets, most defenses fail to block or reliably trace extraction, and watermarks lose verification power on surrogates while heterophilic graphs are harder to steal.