Graph Adversarial Immunization for Certifiable Robustness
文献类型:期刊论文
| 作者 | Tao, Shuchang2,3; Cao, Qi2,3; Shen, Huawei2,3; Wu, Yunfan2,3; Hou, Liang2,3; Cheng, Xueqi1 |
| 刊名 | IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING
 |
| 出版日期 | 2024-04-01 |
| 卷号 | 36期号:4页码:1597-1610 |
| 关键词 | Adversarial attack adversarial immunization certifiable robustness graph neural networks node classification |
| ISSN号 | 1041-4347 |
| DOI | 10.1109/TKDE.2023.3311105 |
| 英文摘要 | Despite achieving great success, graph neural networks (GNNs) are vulnerable to adversarial attacks. Existing defenses focus on developing adversarial training or model modification. In this paper, we propose and formulate graph adversarial immunization, i.e., vaccinating part of graph structure to improve certifiable robustness of graph against any admissible adversarial attack. We first propose edge-level immunization to vaccinate node pairs. Unfortunately, such edge-level immunization cannot defend against emerging node injection attacks, since it only immunizes existing node pairs. To this end, we further propose node-level immunization. To avoid computationally intensive combinatorial optimization associated with adversarial immunization, we develop AdvImmune-Edge and AdvImmune-Node algorithms to effectively obtain the immune node pairs or nodes. Extensive experiments demonstrate the superiority of AdvImmune methods. In particular, AdvImmune-Node remarkably improves the ratio of robust nodes by 79$\%$%, 294$\%$%, and 100$\%$%, after immunizing only 5$\%$% of nodes. Furthermore, AdvImmune methods show excellent defensive performance against various attacks, outperforming state-of-the-art defenses. To the best of our knowledge, this is the first attempt to improve certifiable robustness from graph data perspective without losing performance on clean graphs, providing new insights into graph adversarial learning. |
| 资助项目 | National Key Ramp;D Program of China |
| WOS研究方向 | Computer Science ; Engineering |
| 语种 | 英语 |
| WOS记录号 | WOS:001181467200023 |
| 出版者 | IEEE COMPUTER SOC |
| 源URL | [http://119.78.100.204/handle/2XEOYT63/38734]  |
| 专题 | 中国科学院计算技术研究所期刊论文_英文 |
| 通讯作者 | Cao, Qi; Shen, Huawei |
| 作者单位 | 1.Chinese Acad Sci, Inst Comp Technol, CAS Key Lab Network Data Sci & Technol, Beijing 100190, Peoples R China 2.Univ Chinese Acad Sci, Beijing 100190, Peoples R China 3.Chinese Acad Sci, Inst Comp Technol, Data Intelligence Syst Res Ctr, Beijing 100190, Peoples R China |
| 推荐引用方式 GB/T 7714 | Tao, Shuchang,Cao, Qi,Shen, Huawei,et al. Graph Adversarial Immunization for Certifiable Robustness[J]. IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING,2024,36(4):1597-1610. |
| APA | Tao, Shuchang,Cao, Qi,Shen, Huawei,Wu, Yunfan,Hou, Liang,&Cheng, Xueqi.(2024).Graph Adversarial Immunization for Certifiable Robustness.IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING,36(4),1597-1610. |
| MLA | Tao, Shuchang,et al."Graph Adversarial Immunization for Certifiable Robustness".IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING 36.4(2024):1597-1610. |
入库方式: OAI收割
来源:计算技术研究所
浏览0
下载0
收藏0
其他版本
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。