Targeted Discrepancy Attacks: Crafting Selective Adversarial Examples in Graph Neural Networks
In this study, we present a novel approach to adversarial attacks for graph neural networks (GNNs), specifically addressing the unique challenges posed by graphical data. Unlike traditional adversarial attacks, which aim to perturb the input data to induce misclassifications in the target model, our...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2025-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10829739/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832586887461601280 |
|---|---|
| author | Hyun Kwon Jang-Woon Baek |
| author_facet | Hyun Kwon Jang-Woon Baek |
| author_sort | Hyun Kwon |
| collection | DOAJ |
| description | In this study, we present a novel approach to adversarial attacks for graph neural networks (GNNs), specifically addressing the unique challenges posed by graphical data. Unlike traditional adversarial attacks, which aim to perturb the input data to induce misclassifications in the target model, our approach strategically crafts adversarial examples to exploit discrepancies in model behavior. We introduce the concept of selective adversarial examples, which are instances that are correctly classified by a “friendly” model but misclassified by an “adversary” model. To achieve this, we propose a novel loss function formulation that simultaneously maximizes the probability of correct classification using a friendly model and minimizes the probability of correct classification using an adversary model. This approach facilitates the generation of adversarial examples that are both subtle and effective, necessitating minimal perturbations in the input graph. We systematically explain the principles and structure of our method and evaluate its performance through experiments conducted on a GNN using the Reddit, ogbn-product, and Citeseer datasets. Our results demonstrate the effectiveness of the proposed approach in generating selective adversarial examples, highlighting its potential applications in military environments, where the ability to selectively target adversary models is crucial. In addition, we provide visualizations of graph adversarial examples to aid in understanding the nature of the attacks. Overall, our contributions are threefold: First, we pioneer the concept of selective adversarial examples within the graph domain. Second, we provide comprehensive insights into the systematic generation and evaluation of these examples. Third, we furnish empirical evidence demonstrating their effectiveness in compromising the robustness of models. |
| format | Article |
| id | doaj-art-c89fc414cad8449fbbc153055ab394e6 |
| institution | Kabale University |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-c89fc414cad8449fbbc153055ab394e62025-01-25T00:01:23ZengIEEEIEEE Access2169-35362025-01-0113137001371010.1109/ACCESS.2024.345672810829739Targeted Discrepancy Attacks: Crafting Selective Adversarial Examples in Graph Neural NetworksHyun Kwon0Jang-Woon Baek1Department of Artificial Intelligence and Data Science, Korea Military Academy, Seoul, South KoreaDepartment of Architectural Engineering, Kyung Hee University, Gyeonggi, South KoreaIn this study, we present a novel approach to adversarial attacks for graph neural networks (GNNs), specifically addressing the unique challenges posed by graphical data. Unlike traditional adversarial attacks, which aim to perturb the input data to induce misclassifications in the target model, our approach strategically crafts adversarial examples to exploit discrepancies in model behavior. We introduce the concept of selective adversarial examples, which are instances that are correctly classified by a “friendly” model but misclassified by an “adversary” model. To achieve this, we propose a novel loss function formulation that simultaneously maximizes the probability of correct classification using a friendly model and minimizes the probability of correct classification using an adversary model. This approach facilitates the generation of adversarial examples that are both subtle and effective, necessitating minimal perturbations in the input graph. We systematically explain the principles and structure of our method and evaluate its performance through experiments conducted on a GNN using the Reddit, ogbn-product, and Citeseer datasets. Our results demonstrate the effectiveness of the proposed approach in generating selective adversarial examples, highlighting its potential applications in military environments, where the ability to selectively target adversary models is crucial. In addition, we provide visualizations of graph adversarial examples to aid in understanding the nature of the attacks. Overall, our contributions are threefold: First, we pioneer the concept of selective adversarial examples within the graph domain. Second, we provide comprehensive insights into the systematic generation and evaluation of these examples. Third, we furnish empirical evidence demonstrating their effectiveness in compromising the robustness of models.https://ieeexplore.ieee.org/document/10829739/Graph neural networkadversarial exampleevasion attacknode classificationmachine learning |
| spellingShingle | Hyun Kwon Jang-Woon Baek Targeted Discrepancy Attacks: Crafting Selective Adversarial Examples in Graph Neural Networks IEEE Access Graph neural network adversarial example evasion attack node classification machine learning |
| title | Targeted Discrepancy Attacks: Crafting Selective Adversarial Examples in Graph Neural Networks |
| title_full | Targeted Discrepancy Attacks: Crafting Selective Adversarial Examples in Graph Neural Networks |
| title_fullStr | Targeted Discrepancy Attacks: Crafting Selective Adversarial Examples in Graph Neural Networks |
| title_full_unstemmed | Targeted Discrepancy Attacks: Crafting Selective Adversarial Examples in Graph Neural Networks |
| title_short | Targeted Discrepancy Attacks: Crafting Selective Adversarial Examples in Graph Neural Networks |
| title_sort | targeted discrepancy attacks crafting selective adversarial examples in graph neural networks |
| topic | Graph neural network adversarial example evasion attack node classification machine learning |
| url | https://ieeexplore.ieee.org/document/10829739/ |
| work_keys_str_mv | AT hyunkwon targeteddiscrepancyattackscraftingselectiveadversarialexamplesingraphneuralnetworks AT jangwoonbaek targeteddiscrepancyattackscraftingselectiveadversarialexamplesingraphneuralnetworks |