Reinforcement Learning For Data Poisoning on Graph Neural Networks

TL;DR

This paper explores a novel approach to data poisoning attacks on graph neural networks for classification tasks, utilizing reinforcement learning to identify vulnerabilities during training.

Contribution

It introduces a new method applying reinforcement learning to perform data poisoning attacks on graph neural networks, addressing a largely unexplored area.

Findings

Reinforcement learning effectively identifies data poisoning strategies.

Graph neural networks show vulnerability to training-time attacks.

The approach highlights potential security risks in graph-based models.

Abstract

Adversarial Machine Learning has emerged as a substantial subfield of Computer Science due to a lack of robustness in the models we train along with crowdsourcing practices that enable attackers to tamper with data. In the last two years, interest has surged in adversarial attacks on graphs yet the Graph Classification setting remains nearly untouched. Since a Graph Classification dataset consists of discrete graphs with class labels, related work has forgone direct gradient optimization in favor of an indirect Reinforcement Learning approach. We will study the novel problem of Data Poisoning (training time) attack on Neural Networks for Graph Classification using Reinforcement Learning Agents.