pith. sign in

arxiv: 1806.02371 · v1 · pith:DBGXLMHLnew · submitted 2018-06-06 · 💻 cs.LG · cs.CR· cs.SI· stat.ML

Adversarial Attack on Graph Structured Data

Hanjun Dai , Hui Li , Tian Tian , Xin Huang , Lin Wang , Jun Zhu , Le Song This is my paper
classification 💻 cs.LG cs.CRcs.SIstat.ML
keywords attackadversarialattacksdatagraphlearningmodelsprediction
0
0 comments X
read the original abstract

Deep learning on graph structures has shown exciting results in various applications. However, few attentions have been paid to the robustness of such models, in contrast to numerous research work for image or text adversarial attack and defense. In this paper, we focus on the adversarial attacks that fool the model by modifying the combinatorial structure of data. We first propose a reinforcement learning based attack method that learns the generalizable attack policy, while only requiring prediction labels from the target classifier. Also, variants of genetic algorithms and gradient methods are presented in the scenario where prediction confidence or gradients are available. We use both synthetic and real-world data to show that, a family of Graph Neural Network models are vulnerable to these attacks, in both graph-level and node-level classification tasks. We also show such attacks can be used to diagnose the learned classifiers.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 1 Pith paper

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. Can Subgraph Explanations Be Weaponized to Steal Graph Neural Networks?

    cs.LG 2026-05 unverdicted novelty 6.0

    The paper demonstrates a black-box model extraction attack on graph classification models that leverages binary subgraph explanations to guide Monte Carlo edge sensitivity estimation with concentration guarantees.