Adversarial Attacks on Node Embeddings via Graph Poisoning
Aleksandar Bojchevski, Stephan G\"unnemann
TL;DR
This paper investigates the robustness of node embedding methods based on random walks against adversarial graph poisoning attacks, revealing vulnerabilities and proposing effective perturbation strategies.
Contribution
It provides the first analysis of adversarial vulnerabilities in random walk-based node embeddings and develops transferable attack methods.
Findings
Adversarial perturbations degrade embedding quality and downstream task performance.
Proposed attacks are effective across multiple models and attack restrictions.
Graph poisoning can significantly compromise network representation learning.
Abstract
The goal of network representation learning is to learn low-dimensional node embeddings that capture the graph structure and are useful for solving downstream tasks. However, despite the proliferation of such methods, there is currently no study of their robustness to adversarial attacks. We provide the first adversarial vulnerability analysis on the widely used family of methods based on random walks. We derive efficient adversarial perturbations that poison the network structure and have a negative effect on both the quality of the embeddings and the downstream tasks. We further show that our attacks are transferable since they generalize to many models and are successful even when the attacker is restricted.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdversarial Robustness in Machine Learning · Advanced Graph Neural Networks · Network Security and Intrusion Detection