Institute of Computing Technology, Chinese Academy IR
| Graph Adversarial Immunization for Certifiable Robustness | |
| Tao, Shuchang1,2; Cao, Qi1,2; Shen, Huawei1,2; Wu, Yunfan1,2; Hou, Liang1,2; Cheng, Xueqi3 | |
| 2024-04-01 | |
| 发表期刊 | IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING
 |
| ISSN | 1041-4347 |
| 卷号 | 36期号:4页码:1597-1610 |
| 摘要 | Despite achieving great success, graph neural networks (GNNs) are vulnerable to adversarial attacks. Existing defenses focus on developing adversarial training or model modification. In this paper, we propose and formulate graph adversarial immunization, i.e., vaccinating part of graph structure to improve certifiable robustness of graph against any admissible adversarial attack. We first propose edge-level immunization to vaccinate node pairs. Unfortunately, such edge-level immunization cannot defend against emerging node injection attacks, since it only immunizes existing node pairs. To this end, we further propose node-level immunization. To avoid computationally intensive combinatorial optimization associated with adversarial immunization, we develop AdvImmune-Edge and AdvImmune-Node algorithms to effectively obtain the immune node pairs or nodes. Extensive experiments demonstrate the superiority of AdvImmune methods. In particular, AdvImmune-Node remarkably improves the ratio of robust nodes by 79$\%$%, 294$\%$%, and 100$\%$%, after immunizing only 5$\%$% of nodes. Furthermore, AdvImmune methods show excellent defensive performance against various attacks, outperforming state-of-the-art defenses. To the best of our knowledge, this is the first attempt to improve certifiable robustness from graph data perspective without losing performance on clean graphs, providing new insights into graph adversarial learning. |
| 关键词 | Adversarial attack adversarial immunization certifiable robustness graph neural networks node classification |
| DOI | 10.1109/TKDE.2023.3311105 |
| 收录类别 | SCI |
| 语种 | 英语 |
| 资助项目 | National Key Ramp;D Program of China |
| WOS研究方向 | Computer Science ; Engineering |
| WOS类目 | Computer Science, Artificial Intelligence ; Computer Science, Information Systems ; Engineering, Electrical & Electronic |
| WOS记录号 | WOS:001181467200023 |
| 出版者 | IEEE COMPUTER SOC |
| 引用统计 | |
| 文献类型 | 期刊论文 |
| 条目标识符 | http://119.78.100.204/handle/2XEOYT63/38735 |
| 专题 | 中国科学院计算技术研究所期刊论文_英文 |
| 通讯作者 | Cao, Qi; Shen, Huawei |
| 作者单位 | 1.Chinese Acad Sci, Inst Comp Technol, Data Intelligence Syst Res Ctr, Beijing 100190, Peoples R China 2.Univ Chinese Acad Sci, Beijing 100190, Peoples R China 3.Chinese Acad Sci, Inst Comp Technol, CAS Key Lab Network Data Sci & Technol, Beijing 100190, Peoples R China |
| 推荐引用方式 GB/T 7714 | Tao, Shuchang,Cao, Qi,Shen, Huawei,et al. Graph Adversarial Immunization for Certifiable Robustness[J]. IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING,2024,36(4):1597-1610. |
| APA | Tao, Shuchang,Cao, Qi,Shen, Huawei,Wu, Yunfan,Hou, Liang,&Cheng, Xueqi.(2024).Graph Adversarial Immunization for Certifiable Robustness.IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING,36(4),1597-1610. |
| MLA | Tao, Shuchang,et al."Graph Adversarial Immunization for Certifiable Robustness".IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING 36.4(2024):1597-1610. |
| 条目包含的文件 | 条目无相关文件。 | |||||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论