TY - GEN
T1 - UnboundAttack
T2 - 12th International Conference on Complex Networks and their Applications, COMPLEX NETWORKS 2023
AU - Ennadir, Sofiane
AU - Alkhatib, Amr
AU - Nikolentzos, Giannis
AU - Vazirgiannis, Michalis
AU - Boström, Henrik
N1 - Publisher Copyright:
© The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.
PY - 2024/1/1
Y1 - 2024/1/1
N2 - Graph Neural Networks (GNNs) have demonstrated state-of-the-art performance in various graph representation learning tasks. Recently, studies revealed their vulnerability to adversarial attacks. While the available attack strategies are based on applying perturbations on existing graphs within a specific budget, proposed defense mechanisms successfully guard against this type of attack. This paper proposes a new perspective founded on unrestricted adversarial examples. We propose to produce adversarial attacks by generating completely new data points instead of perturbing existing ones. We introduce a framework, so-called UnboundAttack, leveraging the advancements in graph generation to produce graphs preserving the semantics of the available training data while misleading the targeted classifier. Importantly, our method does not assume any knowledge about the underlying architecture. Finally, we validate the effectiveness of our proposed method in a realistic setting related to molecular graphs.
AB - Graph Neural Networks (GNNs) have demonstrated state-of-the-art performance in various graph representation learning tasks. Recently, studies revealed their vulnerability to adversarial attacks. While the available attack strategies are based on applying perturbations on existing graphs within a specific budget, proposed defense mechanisms successfully guard against this type of attack. This paper proposes a new perspective founded on unrestricted adversarial examples. We propose to produce adversarial attacks by generating completely new data points instead of perturbing existing ones. We introduce a framework, so-called UnboundAttack, leveraging the advancements in graph generation to produce graphs preserving the semantics of the available training data while misleading the targeted classifier. Importantly, our method does not assume any knowledge about the underlying architecture. Finally, we validate the effectiveness of our proposed method in a realistic setting related to molecular graphs.
KW - Adversarial Attacks
KW - Graph Neural Networks
UR - https://www.scopus.com/pages/publications/85187647290
U2 - 10.1007/978-3-031-53468-3_9
DO - 10.1007/978-3-031-53468-3_9
M3 - Conference contribution
AN - SCOPUS:85187647290
SN - 9783031534676
T3 - Studies in Computational Intelligence
SP - 100
EP - 111
BT - Complex Networks and Their Applications XII - Proceedings of The 12th International Conference on Complex Networks and their Applications
A2 - Cherifi, Hocine
A2 - Rocha, Luis M.
A2 - Cherifi, Chantal
A2 - Donduran, Murat
PB - Springer Science and Business Media Deutschland GmbH
Y2 - 28 November 2023 through 30 November 2023
ER -