A Robust Detection and Correction Framework for GNN-Based Vertical Federated Learning

Graph Neural Network based Vertical Federated Learning (GVFL) facilitates data collaboration while preserving data privacy by learning GNN-based node representations from participants holding different dimensions of node features. Existing works have shown that GVFL is vulnerable to adversarial attacks from malicious participants. However, how to defend against various adversarial attacks has not been investigated under the non-i.i.d. nature of graph data and privacy constraints. In this paper, we propose RDC-GVFL, a novel two-phase robust GVFL framework. In the detection phase, we adapt a Shapley-based method to evaluate the contribution of all participants to identify malicious ones. In the correction phase, we leverage historical embeddings to rectify malicious embeddings, thereby obtaining accurate predictions. We conducted extensive experiments on three well-known graph datasets under four adversarial attack settings. Our experimental results demonstrate that RDC-GVFL can effectively detect malicious participants and ensure a robust GVFL model against diverse attacks. Our code and supplemental material is available at https://github.com/zcyang- cs/RDCGVFL.