BEGIN:VCALENDAR
VERSION:2.0
PRODID:Linklings LLC
BEGIN:VTIMEZONE
TZID:America/Los_Angeles
X-LIC-LOCATION:America/Los_Angeles
BEGIN:DAYLIGHT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
TZNAME:PDT
DTSTART:19700308T020000
RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=2SU
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
TZNAME:PST
DTSTART:19701101T020000
RRULE:FREQ=YEARLY;BYMONTH=11;BYDAY=1SU
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTAMP:20260402T024533Z
LOCATION:3006\, Level 3
DTSTART;TZID=America/Los_Angeles:20250624T111500
DTEND;TZID=America/Los_Angeles:20250624T113000
UID:dac_DAC 2025_sess148_RESEARCH649@linklings.com
SUMMARY:Graph in the Vault: Protecting Edge GNN Inference with Trusted Exe
 cution Environment
DESCRIPTION:Ruyi Ding, Tianhong Xu, Aidong Adam Ding, and Yunsi Fei (North
 eastern University)\n\nWide deployment of machine learning models on edge 
 devices has rendered the model intellectual property (IP) and data privacy
  vulnerable. We propose GNNVault, the first secure Graph Neural Network (G
 NN) deployment strategy based on Trusted Execution Environment (TEE). \nGN
 NVault follows the design of  *partition-before-training* and includes a p
 rivate GNN rectifier to complement with a public backbone model. This way,
  both critical GNN model parameters and the private graph used during infe
 rence are protected within secure TEE compartments. Real-world implementat
 ions with Intel SGX demonstrate that GNNVault safeguards GNN inference aga
 inst state-of-the-art link stealing attacks with a negligible accuracy deg
 radation (<2%).\n\nTopics: Security\n\nTracks: SEC1: AI/ML Security/Privac
 y\n\nSession Chairs: Adnan Siraj Rakin (Binghamton University) and Ayesha 
 Siddique (University of Maine)\n\n
END:VEVENT
END:VCALENDAR