TDGIA: Effective Injection Attacks on Graph Neural Networks

Zou, Xu; Zheng, Qinkai; Dong, Yuxiao; Guan, Xinyu; Kharlamov, Evgeny; Lu, Jialiang; Tang, Jie

doi:10.1145/3447548.3467314

Cited by 61 publications

(45 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The most important 5 features selected from feature settings in the analysis of dataset of Welding Machine 2, listed in ranking of descending importance. -Investigating other ML methods (Zou et al 2021;Feng et al 2020), e.g. artificial neural networks, especially recurrent neural networks, which are suitable for processing data with temporal structures.…”

Section: Tablementioning

confidence: 99%

Machine learning with domain knowledge for predictive quality monitoring in resistance spot welding

et al. 2022

Self Cite

View full text Add to dashboard Cite

Digitalisation trends of Industry 4.0 and Internet of Things led to an unprecedented growth of manufacturing data. This opens new horizons for data-driven methods, such as Machine Learning (ML), in monitoring of manufacturing processes. In this work, we propose ML pipelines for quality monitoring in Resistance Spot Welding. Previous approaches mostly focused on estimating quality of welding based on data collected from laboratory or experimental settings. Then, they mostly treated welding operations as independent events while welding is a continuous process with a systematic dynamics and production cycles caused by maintenance. Besides, model interpretation based on engineering know-how, which is an important and common practice in manufacturing industry, has mostly been ignored. In this work, we address these three issues by developing a novel feature-engineering based ML approach. Our method was developed on top of real production data. It allows to analyse sequences of welding instances collected from running manufacturing lines. By capturing dependencies across sequences of welding instances, our method allows to predict quality of upcoming welding operations before they happen. Furthermore, in our work we strive to combine the view of engineering and data science by discussing characteristics of welding data that have been little discussed in the literature, by designing sophisticated feature engineering strategies with support of domain knowledge, and by interpreting the results of ML analysis intensively to provide insights for engineering. We developed 12 ML pipelines in two dimensions: settings of feature engineering and ML methods, where we considered 4 feature settings and 3 ML methods (linear regression, multi-layer perception and support vector regression). We extensively evaluated our ML pipelines on data from two running industrial production lines of 27 welding machines with promising results.

show abstract

Section: Tablementioning

confidence: 99%

Machine learning with domain knowledge for predictive quality monitoring in resistance spot welding

et al. 2022

Self Cite

View full text Add to dashboard Cite

show abstract

“…Section 3 for detailed discussions). ---FLIP [29] ---NEA [29] ---FGSM [12] --Nettack [12] --RL-S2V [30] --Metattack [13] ---STACK [31] ---AFGSM [16] ---SPEIT [17] ---TDGIA [18] ---GRB Mod. Scenario ---GRB Inj.…”

Section: Problem Definitionmentioning

confidence: 99%

“…Graph modification attacks directly modify the existing graph, by adding or removing edges (e.g., DICE [19], FGA [11], FLIP [29], NEA [29], STACK [31]), or further modifying node features (e.g., Nettack [12], FGSM [12], RL-S2V [30], Metattack [13]). Differently, graph injection attacks add new malicious nodes without modifying the original graph (e.g., AFGSM [16], SPEIT [17], TD-GIA [18]). Facing the problem of scalability, some attacks are not applicable to large graphs due to their high time complexity [12,13,30] or expensive memory consumption [11,29].…”

Section: Revisiting Adversarial Attacks and Defenses In Gmlmentioning

confidence: 99%

“…Graph machine learning (GML) models, from network embedding [1,2,3] to graph neural networks (GNNs) [4,5,6,7,8,9], have shown promising performance in various domains, such as social network analysis [1], molecular graphs [5], and recommender systems [10]. However, GML models are known to be vulnerable to adversarial attacks [11,12,13,14,15,16,17,18]. Attackers can modify the original graph by adding or removing edges [11,19,20], perturbing node attributes [12,13,14,15], or injecting malicious nodes [16,17,18] to conduct adversarial attacks.…”

Section: Introductionmentioning

confidence: 99%

“…However, GML models are known to be vulnerable to adversarial attacks [11,12,13,14,15,16,17,18]. Attackers can modify the original graph by adding or removing edges [11,19,20], perturbing node attributes [12,13,14,15], or injecting malicious nodes [16,17,18] to conduct adversarial attacks. Despite the relatively minor changes to the graph, the performance of GML models can be impacted dramatically.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Graph Robustness Benchmark: Benchmarking the Adversarial Robustness of Graph Machine Learning

Zheng¹,

Zou²,

Dong³

et al. 2021

Preprint

Self Cite

View full text Add to dashboard Cite

Adversarial attacks on graphs have posed a major threat to the robustness of graph machine learning (GML) models. Naturally, there is an ever-escalating arms race between attackers and defenders. However, the strategies behind both sides are often not fairly compared under the same and realistic conditions. To bridge this gap, we present the Graph Robustness Benchmark (GRB) with the goal of providing a scalable, unified, modular, and reproducible evaluation for the adversarial robustness of GML models. GRB standardizes the process of attacks and defenses by 1) developing scalable and diverse datasets, 2) modularizing the attack and defense implementations, and 3) unifying the evaluation protocol in refined scenarios. By leveraging the GRB pipeline, the end-users can focus on the development of robust GML models with automated data processing and experimental evaluations. To support open and reproducible research on graph adversarial learning, GRB also hosts public leaderboards across different scenarios. As a starting point, we conduct extensive experiments to benchmark baseline techniques. GRB is open-source and welcomes contributions from the community. Datasets, codes, leaderboards are available at https://cogdl.ai/grb/home.

show abstract

Resisting Graph Adversarial Attack via Cooperative Homophilous Augmentation

Zhu

Zhou

et al. 2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

As the study of graph neural networks becomes more intensive and comprehensive, their robustness and security have received great research interest. The existing global attack methods treat all nodes in the graph as their attack targets. Although existing methods have achieved excellent results, there is still considerable space for improvement. The key problem is that the current approaches rigidly follow the definition of global attacks. They ignore an important issue, i.e., different nodes have different robustness and are not equally resilient to attacks. From a global attacker's view, we should arrange the attack budget wisely, rather than wasting them on highly robust nodes. To this end, we propose a totally new method named partial graph attack (PGA), which selects the vulnerable nodes as attack targets. First, to select the vulnerable items, we propose a hierarchical target selection policy, which allows attackers to only focus on easy-to-attack nodes. Then, we propose a cost-effective anchor-picking policy to pick the most promising anchors for adding or removing edges, and a more aggressive iterative greedy-based attack method to perform more efficient attacks. Extensive experimental results demonstrate that PGA can achieve significant improvements in both attack effect and attack efficiency compared to other existing graph global attack methods.

show abstract

TDGIA: Effective Injection Attacks on Graph Neural Networks

Cited by 61 publications

References 19 publications

Machine learning with domain knowledge for predictive quality monitoring in resistance spot welding

Machine learning with domain knowledge for predictive quality monitoring in resistance spot welding

Graph Robustness Benchmark: Benchmarking the Adversarial Robustness of Graph Machine Learning

Resisting Graph Adversarial Attack via Cooperative Homophilous Augmentation

Contact Info

Product

Resources

About