We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.SI

Change to browse by:

cs

References & Citations

DBLP - CS Bibliography

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Social and Information Networks

Title: DeepInsight: Interpretability Assisting Detection of Adversarial Samples on Graphs

Abstract: With the rapid development of artificial intelligence, a number of machine learning algorithms, such as graph neural networks have been proposed to facilitate network analysis or graph data mining. Although effective, recent studies show that these advanced methods may suffer from adversarial attacks, i.e., they may lose effectiveness when only a small fraction of links are unexpectedly changed. This paper investigates three well-known adversarial attack methods, i.e., Nettack, Meta Attack, and GradArgmax. It is found that different attack methods have their specific attack preferences on changing the target network structures. Such attack pattern are further verified by experimental results on some real-world networks, revealing that generally the top four most important network attributes on detecting adversarial samples suffice to explain the preference of an attack method. Based on these findings, the network attributes are utilized to design machine learning models for adversarial sample detection and attack method recognition with outstanding performance.
Subjects: Social and Information Networks (cs.SI)
Cite as: arXiv:2106.09501 [cs.SI]
  (or arXiv:2106.09501v2 [cs.SI] for this version)

Submission history

From: Junhao Zhu [view email]
[v1] Thu, 17 Jun 2021 13:50:19 GMT (304kb,D)
[v2] Thu, 24 Jun 2021 02:07:45 GMT (305kb,D)

Link back to: arXiv, form interface, contact.