Institute of Computing Technology, Chinese Academy IR
| IDEA: Invariant defense for graph adversarial robustness | |
| Tao, Shuchang1,2; Cao, Qi1; Shen, Huawei1,2; Wu, Yunfan1,2; Xu, Bingbing1; Cheng, Xueqi1,2 | |
| 2024-10-01 | |
| 发表期刊 | INFORMATION SCIENCES
 |
| ISSN | 0020-0255 |
| 卷号 | 680页码:18 |
| 摘要 | Despite the success of graph neural networks (GNNs), their vulnerability to adversarial attacks poses tremendous challenges for practical applications. Existing defense methods suffer from severe performance decline under unseen attacks, due to either limited observed adversarial examples or pre-defined heuristics. To address these limitations, we analyze the causalities in graph adversarial attacks and conclude that causal features are key to achieve graph adversarial robustness, owing to their determinedness for labels and invariance across attacks. To learn these causal features, we innovatively propose an Invariant causal DE fense method against adversarial Attacks (IDEA). We derive node-based and structure-based invariance objectives from an information-theoretic perspective. IDEA ensures strong predictability for labels and invariant predictability across attacks, which is provably a causally invariant defense across various attacks. Extensive experiments demonstrate that IDEA attains state-of-the-art defense performance under all five attacks on all five datasets. The implementation of IDEA is available at https:// github .com /TaoShuchang /IDEA _repo. |
| 关键词 | Invariant defense Adversarial robustness Causal feature Graph neural networks |
| DOI | 10.1016/j.ins.2024.121171 |
| 收录类别 | SCI |
| 语种 | 英语 |
| 资助项目 | National Key R&D Program of China[2022YFB3103700] ; National Key R&D Program of China[2022YFB3103701] ; Strategic Priority Research Program of the Chinese Academy of Sciences[XDB0680101] ; National Natural Science Foundation of China[62102402] ; National Natural Science Foundation of China[U21B2046] ; National Natural Science Foundation of China[62272125] ; Beijing Academy of Artificial Intelligence (BAAI) |
| WOS研究方向 | Computer Science |
| WOS类目 | Computer Science, Information Systems |
| WOS记录号 | WOS:001302686700001 |
| 出版者 | ELSEVIER SCIENCE INC |
| 引用统计 | |
| 文献类型 | 期刊论文 |
| 条目标识符 | http://119.78.100.204/handle/2XEOYT63/39616 |
| 专题 | 中国科学院计算技术研究所期刊论文_英文 |
| 通讯作者 | Cao, Qi; Shen, Huawei |
| 作者单位 | 1.Chinese Acad Sci, Inst Comp Technol, CAS Key Lab AI Safety, Beijing, Peoples R China 2.Univ Chinese Acad Sci, Beijing, Peoples R China |
| 推荐引用方式 GB/T 7714 | Tao, Shuchang,Cao, Qi,Shen, Huawei,et al. IDEA: Invariant defense for graph adversarial robustness[J]. INFORMATION SCIENCES,2024,680:18. |
| APA | Tao, Shuchang,Cao, Qi,Shen, Huawei,Wu, Yunfan,Xu, Bingbing,&Cheng, Xueqi.(2024).IDEA: Invariant defense for graph adversarial robustness.INFORMATION SCIENCES,680,18. |
| MLA | Tao, Shuchang,et al."IDEA: Invariant defense for graph adversarial robustness".INFORMATION SCIENCES 680(2024):18. |
| 条目包含的文件 | 条目无相关文件。 | |||||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论