IDEA: Invariant defense for graph adversarial robustness
文献类型:期刊论文
| 作者 | Tao, Shuchang1,2; Cao, Qi1; Shen, Huawei1,2; Wu, Yunfan1,2; Xu, Bingbing1; Cheng, Xueqi1,2 |
| 刊名 | INFORMATION SCIENCES
 |
| 出版日期 | 2024-10-01 |
| 卷号 | 680页码:18 |
| 关键词 | Invariant defense Adversarial robustness Causal feature Graph neural networks |
| ISSN号 | 0020-0255 |
| DOI | 10.1016/j.ins.2024.121171 |
| 英文摘要 | Despite the success of graph neural networks (GNNs), their vulnerability to adversarial attacks poses tremendous challenges for practical applications. Existing defense methods suffer from severe performance decline under unseen attacks, due to either limited observed adversarial examples or pre-defined heuristics. To address these limitations, we analyze the causalities in graph adversarial attacks and conclude that causal features are key to achieve graph adversarial robustness, owing to their determinedness for labels and invariance across attacks. To learn these causal features, we innovatively propose an Invariant causal DE fense method against adversarial Attacks (IDEA). We derive node-based and structure-based invariance objectives from an information-theoretic perspective. IDEA ensures strong predictability for labels and invariant predictability across attacks, which is provably a causally invariant defense across various attacks. Extensive experiments demonstrate that IDEA attains state-of-the-art defense performance under all five attacks on all five datasets. The implementation of IDEA is available at https:// github .com /TaoShuchang /IDEA _repo. |
| 资助项目 | National Key R&D Program of China[2022YFB3103700] ; National Key R&D Program of China[2022YFB3103701] ; Strategic Priority Research Program of the Chinese Academy of Sciences[XDB0680101] ; National Natural Science Foundation of China[62102402] ; National Natural Science Foundation of China[U21B2046] ; National Natural Science Foundation of China[62272125] ; Beijing Academy of Artificial Intelligence (BAAI) |
| WOS研究方向 | Computer Science |
| 语种 | 英语 |
| WOS记录号 | WOS:001302686700001 |
| 出版者 | ELSEVIER SCIENCE INC |
| 源URL | [http://119.78.100.204/handle/2XEOYT63/39615]  |
| 专题 | 中国科学院计算技术研究所期刊论文_英文 |
| 通讯作者 | Cao, Qi; Shen, Huawei |
| 作者单位 | 1.Chinese Acad Sci, Inst Comp Technol, CAS Key Lab AI Safety, Beijing, Peoples R China 2.Univ Chinese Acad Sci, Beijing, Peoples R China |
| 推荐引用方式 GB/T 7714 | Tao, Shuchang,Cao, Qi,Shen, Huawei,et al. IDEA: Invariant defense for graph adversarial robustness[J]. INFORMATION SCIENCES,2024,680:18. |
| APA | Tao, Shuchang,Cao, Qi,Shen, Huawei,Wu, Yunfan,Xu, Bingbing,&Cheng, Xueqi.(2024).IDEA: Invariant defense for graph adversarial robustness.INFORMATION SCIENCES,680,18. |
| MLA | Tao, Shuchang,et al."IDEA: Invariant defense for graph adversarial robustness".INFORMATION SCIENCES 680(2024):18. |
入库方式: OAI收割
来源:计算技术研究所
浏览0
下载0
收藏0
其他版本
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。