We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.SI

Change to browse by:

cs

References & Citations

DBLP - CS Bibliography

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Social and Information Networks

Title: DeepInsight: Interpretability Assisting Detection of Adversarial Samples on Graphs

Abstract: With the rapid development of artificial intelligence, a series of machine learning algorithms, e.g., graph neural networks, have been proposed to facilitate network analysis or graph data mining. Unfortunately, recent studies indicate that such advanced methods may suffer from adversarial attacks, i.e., they may lose effectiveness when only a small fraction of links are purposely changed. However, little is known what's the difference between adversarial nodes and clean nodes, and what's the preference of each attack method, in terms of network structure. In this paper, we theoretically investigate three well-known adversarial attack methods, i.e., Nettack, Meta Attack, and GradArgmax, and find that different attack methods have their specific attack preferences on changing network structure. Such attack patterns are further validated by the experimental results on real-world networks, i.e., generally the top 4 most important network attributes on detecting adversarial samples are sufficient to explain the preference of each attack method. Based on these findings, we further utilize the network attributes to design machine learning models for adversarial sample detection and attack method recognition, achieving the outstanding performance.
Subjects: Social and Information Networks (cs.SI)
Cite as: arXiv:2106.09501 [cs.SI]
  (or arXiv:2106.09501v1 [cs.SI] for this version)

Submission history

From: Junhao Zhu [view email]
[v1] Thu, 17 Jun 2021 13:50:19 GMT (304kb,D)
[v2] Thu, 24 Jun 2021 02:07:45 GMT (305kb,D)

Link back to: arXiv, form interface, contact.