English

Attacks on Node Attributes in Graph Neural Networks

Social and Information Networks 2024-03-06 v2 Cryptography and Security Machine Learning

Abstract

Graphs are commonly used to model complex networks prevalent in modern social media and literacy applications. Our research investigates the vulnerability of these graphs through the application of feature based adversarial attacks, focusing on both decision time attacks and poisoning attacks. In contrast to state of the art models like Net Attack and Meta Attack, which target node attributes and graph structure, our study specifically targets node attributes. For our analysis, we utilized the text dataset Hellaswag and graph datasets Cora and CiteSeer, providing a diverse basis for evaluation. Our findings indicate that decision time attacks using Projected Gradient Descent (PGD) are more potent compared to poisoning attacks that employ Mean Node Embeddings and Graph Contrastive Learning strategies. This provides insights for graph data security, pinpointing where graph-based models are most vulnerable and thereby informing the development of stronger defense mechanisms against such attacks.

Keywords

Cite

@article{arxiv.2402.12426,
  title  = {Attacks on Node Attributes in Graph Neural Networks},
  author = {Ying Xu and Michael Lanier and Anindya Sarkar and Yevgeniy Vorobeychik},
  journal= {arXiv preprint arXiv:2402.12426},
  year   = {2024}
}

Comments

Accepted to AAAI 2024 AICS workshop

R2 v1 2026-06-28T14:53:36.473Z