Data Poisoning Attack against Knowledge Graph Embedding

TL;DR

This paper introduces novel data poisoning attack strategies targeting knowledge graph embeddings, demonstrating their effectiveness in manipulating specific facts by adding or deleting data, with extensive evaluations on benchmark datasets.

Contribution

It proposes new attack methods specifically designed for the heterogeneity of knowledge graphs, filling a gap in understanding their robustness against adversarial attacks.

Findings

Attack strategies effectively manipulate targeted facts.

Proposed methods are efficient and scalable.

Successful evaluations on benchmark datasets.

Abstract

Knowledge graph embedding (KGE) is a technique for learning continuous embeddings for entities and relations in the knowledge graph.Due to its benefit to a variety of downstream tasks such as knowledge graph completion, question answering and recommendation, KGE has gained significant attention recently. Despite its effectiveness in a benign environment, KGE' robustness to adversarial attacks is not well-studied. Existing attack methods on graph data cannot be directly applied to attack the embeddings of knowledge graph due to its heterogeneity. To fill this gap, we propose a collection of data poisoning attack strategies, which can effectively manipulate the plausibility of arbitrary targeted facts in a knowledge graph by adding or deleting facts on the graph. The effectiveness and efficiency of the proposed attack strategies are verified by extensive evaluations on two widely-used benchmarks.