• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

在药物发现领域发表神经网络可能会危及训练数据的隐私。

Publishing neural networks in drug discovery might compromise training data privacy.

作者信息

Krüger Fabian P, Östman Johan, Mervin Lewis, Tetko Igor V, Engkvist Ola

机构信息

Discovery Sciences, Molecular AI, AstraZeneca R&D, Mölndal, 431 83, Sweden.

TUM School of Computation, Information and Technology, Department of Mathematics, Technical University of Munich, Munich, 80333, Germany.

出版信息

J Cheminform. 2025 Mar 26;17(1):38. doi: 10.1186/s13321-025-00982-w.

DOI:10.1186/s13321-025-00982-w
PMID:40140934
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC11948693/
Abstract

This study investigates the risks of exposing confidential chemical structures when machine learning models trained on these structures are made publicly available. We use membership inference attacks, a common method to assess privacy that is largely unexplored in the context of drug discovery, to examine neural networks for molecular property prediction in a black-box setting. Our results reveal significant privacy risks across all evaluated datasets and neural network architectures. Combining multiple attacks increases these risks. Molecules from minority classes, often the most valuable in drug discovery, are particularly vulnerable. We also found that representing molecules as graphs and using message-passing neural networks may mitigate these risks. We provide a framework to assess privacy risks of classification models and molecular representations, available at https://github.com/FabianKruger/molprivacy . Our findings highlight the need for careful consideration when sharing neural networks trained on proprietary chemical structures, informing organisations and researchers about the trade-offs between data confidentiality and model openness.

摘要

本研究调查了在公开提供基于这些结构训练的机器学习模型时,暴露机密化学结构的风险。我们使用成员推理攻击(一种在药物发现背景下基本未被探索的评估隐私的常用方法),在黑盒设置中检查用于分子性质预测的神经网络。我们的结果揭示了所有评估数据集和神经网络架构中存在的重大隐私风险。组合多种攻击会增加这些风险。少数类别的分子,通常是药物发现中最有价值的,特别容易受到攻击。我们还发现,将分子表示为图形并使用消息传递神经网络可能会减轻这些风险。我们提供了一个评估分类模型和分子表示隐私风险的框架,可在https://github.com/FabianKruger/molprivacy获取。我们的研究结果强调了在共享基于专有化学结构训练的神经网络时需要仔细考虑,让组织和研究人员了解数据机密性和模型开放性之间的权衡。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/db67db83c467/13321_2025_982_Figc_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/953a73f34b9b/13321_2025_982_Figa_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/210b21ab30a7/13321_2025_982_Fig1_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/1e89699a33af/13321_2025_982_Fig2_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/1438064db08a/13321_2025_982_Fig3_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/788b9a25bb71/13321_2025_982_Fig4_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/51f9c45f15d2/13321_2025_982_Fig5_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/c8e6ab000a4d/13321_2025_982_Figb_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/db67db83c467/13321_2025_982_Figc_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/953a73f34b9b/13321_2025_982_Figa_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/210b21ab30a7/13321_2025_982_Fig1_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/1e89699a33af/13321_2025_982_Fig2_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/1438064db08a/13321_2025_982_Fig3_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/788b9a25bb71/13321_2025_982_Fig4_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/51f9c45f15d2/13321_2025_982_Fig5_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/c8e6ab000a4d/13321_2025_982_Figb_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/5e9c/11948693/db67db83c467/13321_2025_982_Figc_HTML.jpg

相似文献

1
Publishing neural networks in drug discovery might compromise training data privacy.在药物发现领域发表神经网络可能会危及训练数据的隐私。
J Cheminform. 2025 Mar 26;17(1):38. doi: 10.1186/s13321-025-00982-w.
2
Defense against membership inference attack in graph neural networks through graph perturbation.通过图扰动防御图神经网络中的成员推理攻击
Int J Inf Secur. 2023;22(2):497-509. doi: 10.1007/s10207-022-00646-y. Epub 2022 Dec 16.
3
kMoL: an open-source machine and federated learning library for drug discovery.kMoL:一个用于药物发现的开源机器学习与联邦学习库。
J Cheminform. 2025 Feb 25;17(1):22. doi: 10.1186/s13321-025-00967-9.
4
mDARTS: Searching ML-Based ECG Classifiers Against Membership Inference Attacks.mDARTS:针对成员推理攻击搜索基于机器学习的心电图分类器
IEEE J Biomed Health Inform. 2025 Jan;29(1):177-187. doi: 10.1109/JBHI.2024.3481505. Epub 2025 Jan 7.
5
Differential Privacy Protection Against Membership Inference Attack on Machine Learning for Genomic Data.针对基因组数据机器学习的成员推理攻击的差分隐私保护。
Pac Symp Biocomput. 2021;26:26-37.
6
Deep Neural Network Quantization Framework for Effective Defense against Membership Inference Attacks.用于有效防御成员推理攻击的深度神经网络量化框架
Sensors (Basel). 2023 Sep 7;23(18):7722. doi: 10.3390/s23187722.
7
Tunable Privacy Risk Evaluation of Generative Adversarial Networks.生成式对抗网络的可调隐私风险评估。
Stud Health Technol Inform. 2024 Aug 22;316:1233-1237. doi: 10.3233/SHTI240634.
8
Exploring the Relationship Between Privacy and Utility in Mobile Health: Algorithm Development and Validation via Simulations of Federated Learning, Differential Privacy, and External Attacks.探索移动健康中隐私与效用的关系:通过联邦学习、差分隐私和外部攻击的模拟算法开发和验证。
J Med Internet Res. 2023 Apr 20;25:e43664. doi: 10.2196/43664.
9
Decentralised, collaborative, and privacy-preserving machine learning for multi-hospital data.去中心化、协作和保护隐私的机器学习,适用于多医院数据。
EBioMedicine. 2024 Mar;101:105006. doi: 10.1016/j.ebiom.2024.105006. Epub 2024 Feb 19.
10
GraphormerDTI: A graph transformer-based approach for drug-target interaction prediction.GraphormerDTI:一种基于图Transformer 的药物-靶标相互作用预测方法。
Comput Biol Med. 2024 May;173:108339. doi: 10.1016/j.compbiomed.2024.108339. Epub 2024 Mar 18.

引用本文的文献

1
Advanced machine learning for innovative drug discovery.用于创新药物发现的先进机器学习技术。
J Cheminform. 2025 Aug 8;17(1):122. doi: 10.1186/s13321-025-01061-w.

本文引用的文献

1
Building open-source AI.构建开源人工智能。
Nat Comput Sci. 2023 Nov;3(11):908-911. doi: 10.1038/s43588-023-00540-0.
2
The ChEMBL Database in 2023: a drug discovery platform spanning multiple bioactivity data types and time periods.2023 年的 ChEMBL 数据库:一个涵盖多种生物活性数据类型和时间段的药物发现平台。
Nucleic Acids Res. 2024 Jan 5;52(D1):D1180-D1192. doi: 10.1093/nar/gkad1004.
3
Machine Learning on DNA-Encoded Library Count Data Using an Uncertainty-Aware Probabilistic Loss Function.基于不确定性感知概率损失函数的 DNA 编码库计数数据的机器学习。
J Chem Inf Model. 2022 May 23;62(10):2316-2331. doi: 10.1021/acs.jcim.2c00041. Epub 2022 May 10.
4
Privacy and artificial intelligence: challenges for protecting health information in a new era.隐私与人工智能:新时代保护健康信息的挑战。
BMC Med Ethics. 2021 Sep 15;22(1):122. doi: 10.1186/s12910-021-00687-3.
5
Machine Learning in Drug Discovery: A Review.药物发现中的机器学习:综述
Artif Intell Rev. 2022;55(3):1947-1999. doi: 10.1007/s10462-021-10058-4. Epub 2021 Aug 11.
6
Transformer-CNN: Swiss knife for QSAR modeling and interpretation.Transformer-CNN:用于QSAR建模与解释的多功能工具
J Cheminform. 2020 Mar 18;12(1):17. doi: 10.1186/s13321-020-00423-w.
7
QSAR without borders.无边界定量构效关系。
Chem Soc Rev. 2020 Jun 7;49(11):3525-3564. doi: 10.1039/d0cs00098a. Epub 2020 May 1.
8
Analyzing Learned Molecular Representations for Property Prediction.分析用于性质预测的学习分子表示。
J Chem Inf Model. 2019 Aug 26;59(8):3370-3388. doi: 10.1021/acs.jcim.9b00237. Epub 2019 Aug 13.
9
Applications of machine learning in drug discovery and development.机器学习在药物发现和开发中的应用。
Nat Rev Drug Discov. 2019 Jun;18(6):463-477. doi: 10.1038/s41573-019-0024-5.
10
The rise of deep learning in drug discovery.深度学习在药物发现中的崛起。
Drug Discov Today. 2018 Jun;23(6):1241-1250. doi: 10.1016/j.drudis.2018.01.039. Epub 2018 Jan 31.