-
- Kaidi Xu
- Electrical & Computer Engineering, Northeastern University, Boston, USA
-
- Hongge Chen
- Electrical Engineering & Computer Science, Massachusetts Institute of Technology, Cambridge, USA
-
- Sijia Liu
- MIT-IBM Watson AI Lab, IBM Research
-
- Pin-Yu Chen
- MIT-IBM Watson AI Lab, IBM Research
-
- Tsui-Wei Weng
- Electrical Engineering & Computer Science, Massachusetts Institute of Technology, Cambridge, USA
-
- Mingyi Hong
- Electrical & Computer Engineering, University of Minnesota, Minneapolis, USA
-
- Xue Lin
- Electrical & Computer Engineering, Northeastern University, Boston, USA
説明
<jats:p>Graph neural networks (GNNs) which apply the deep neural networks to graph data have achieved significant performance for the task of semi-supervised node classification. However, only few work has addressed the adversarial robustness of GNNs. In this paper, we first present a novel gradient-based attack method that facilitates the difficulty of tackling discrete graph data. When comparing to current adversarial attacks on GNNs, the results show that by only perturbing a small number of edge perturbations, including addition and deletion, our optimization-based attack can lead to a noticeable decrease in classification performance. Moreover, leveraging our gradient-based attack, we propose the first optimization-based adversarial training for GNNs. Our method yields higher robustness against both different gradient based and greedy attack methods without sacrifice classification accuracy on original graph.</jats:p>
収録刊行物
-
- Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence
-
Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence 3961-3967, 2019-08
International Joint Conferences on Artificial Intelligence Organization
