Related papers: Perseus: Leveraging Common Data Patterns with Curriculum Learning for More Robust Graph Neural Networks

Perseus: Leveraging Common Data Patterns with Curriculum Learning for More Robust Graph Neural Networks

URL: http://arxiv.org/abs/2410.12425v1
Date: Wed, 16 Oct 2024 10:08:02 GMT
Title: Perseus: Leveraging Common Data Patterns with Curriculum Learning for More Robust Graph Neural Networks
Authors: Kaiwen Xia, Huijun Wu, Duanyu Li, Min Xie, Ruibo Wang, Wenzhe Zhang,
Abstract summary: Graph Neural Networks (GNNs) excel at handling graph data but remain vulnerable to adversarial attacks. We propose Perseus, a novel adversarial defense method based on curriculum learning. Experiments show Perseus achieves superior performance and are significantly more robust to adversarial attacks.
Score: 4.196444883507288
License:
Abstract: Graph Neural Networks (GNNs) excel at handling graph data but remain vulnerable to adversarial attacks. Existing defense methods typically rely on assumptions like graph sparsity and homophily to either preprocess the graph or guide structure learning. However, preprocessing methods often struggle to accurately distinguish between normal edges and adversarial perturbations, leading to suboptimal results due to the loss of valuable edge information. Robust graph neural network models train directly on graph data affected by adversarial perturbations, without preprocessing. This can cause the model to get stuck in poor local optima, negatively affecting its performance. To address these challenges, we propose Perseus, a novel adversarial defense method based on curriculum learning. Perseus assesses edge difficulty using global homophily and applies a curriculum learning strategy to adjust the learning order, guiding the model to learn the full graph structure while adaptively focusing on common data patterns. This approach mitigates the impact of adversarial perturbations. Experiments show that models trained with Perseus achieve superior performance and are significantly more robust to adversarial attacks.

Related papers

Uncovering Capabilities of Model Pruning in Graph Contrastive Learning [0.0]
We reformulate the problem of graph contrastive learning via contrasting different model versions rather than augmented views. We extensively validate our method on various benchmarks regarding graph classification via unsupervised and transfer learning.
arXiv Detail & Related papers (2024-10-27T07:09:31Z)
Talos: A More Effective and Efficient Adversarial Defense for GNN Models Based on the Global Homophily of Graphs [2.4866716181615467]
Graph neural network (GNN) models are susceptible to adversarial attacks. We propose a new defense method named Talos, which enhances the global, rather than local, homophily of graphs as a defense.
arXiv Detail & Related papers (2024-06-06T08:08:01Z)
Deceptive Fairness Attacks on Graphs via Meta Learning [102.53029537886314]
We study deceptive fairness attacks on graphs to answer the question: How can we achieve poisoning attacks on a graph learning model to exacerbate the bias deceptively? We propose a meta learning-based framework named FATE to attack various fairness definitions and graph learning models. We conduct extensive experimental evaluations on real-world datasets in the task of semi-supervised node classification.
arXiv Detail & Related papers (2023-10-24T09:10:14Z)
Model Inversion Attacks against Graph Neural Networks [65.35955643325038]
We study model inversion attacks against Graph Neural Networks (GNNs) In this paper, we present GraphMI to infer the private training graph data. Our experimental results show that such defenses are not sufficiently effective and call for more advanced defenses against privacy attacks.
arXiv Detail & Related papers (2022-09-16T09:13:43Z)
Adversarial Graph Contrastive Learning with Information Regularization [51.14695794459399]
Contrastive learning is an effective method in graph representation learning. Data augmentation on graphs is far less intuitive and much harder to provide high-quality contrastive samples. We propose a simple but effective method, Adversarial Graph Contrastive Learning (ARIEL) It consistently outperforms the current graph contrastive learning methods in the node classification task over various real-world datasets.
arXiv Detail & Related papers (2022-02-14T05:54:48Z)
Training Robust Graph Neural Networks with Topology Adaptive Edge Dropping [116.26579152942162]
Graph neural networks (GNNs) are processing architectures that exploit graph structural information to model representations from network data. Despite their success, GNNs suffer from sub-optimal generalization performance given limited training data. This paper proposes Topology Adaptive Edge Dropping to improve generalization performance and learn robust GNN models.
arXiv Detail & Related papers (2021-06-05T13:20:36Z)
GraphMI: Extracting Private Graph Data from Graph Neural Networks [59.05178231559796]
We present textbfGraph textbfModel textbfInversion attack (GraphMI), which aims to extract private graph data of the training graph by inverting GNN. Specifically, we propose a projected gradient module to tackle the discreteness of graph edges while preserving the sparsity and smoothness of graph features. We design a graph auto-encoder module to efficiently exploit graph topology, node attributes, and target model parameters for edge inference.
arXiv Detail & Related papers (2021-06-05T07:07:52Z)
Adversarial Attack Framework on Graph Embedding Models with Limited Knowledge [126.32842151537217]
Existing works usually perform the attack in a white-box fashion. We demand to attack various kinds of graph embedding models with black-box driven. We prove that GF-Attack can perform an effective attack without knowing the number of layers of graph embedding models.
arXiv Detail & Related papers (2021-05-26T09:18:58Z)
Node Copying for Protection Against Graph Neural Network Topology Attacks [24.81359861632328]
In particular, corruptions of the graph topology can degrade the performance of graph based learning algorithms severely. We propose an algorithm that uses node copying to mitigate the degradation in classification that is caused by adversarial attacks.
arXiv Detail & Related papers (2020-07-09T18:09:55Z)
Adversarial Attacks on Graph Neural Networks via Meta Learning [4.139895092509202]
We investigate training time attacks on graph neural networks for node classification perturbing the discrete graph structure. Our core principle is to use meta-gradients to solve the bilevel problem underlying training-time attacks.
arXiv Detail & Related papers (2019-02-22T09:20:05Z)

This list is automatically generated from the titles and abstracts of the papers in this site.