这篇文章研究的内容是:通过改变图的拓扑结构,来影响分类器模型的预测结果,进而研究分类器模型到底学到了什么,并且有效提升模型的鲁棒性。 这篇文章首先提出了一种基于强化学习的攻击方法,该方法只需要分类器模型的预测标签,就可以学习到有效的攻击策略;另外在给定模型梯度信息的情况下,提出了一种叫“梯度算法”的攻击...
系统标签: adversarial graph attack structured data classifier AdversarialAttackonGraphStructuredData HanjunDai 1 HuiLi 2 TianTian 3 XinHuang 2 LinWang 2 JunZhu 3 LeSong 12 Abstract Deeplearningongraphstructureshasshownexcit- ingresultsinvariousapplications.However,few attentionshavebeenpaidtotherobustnessof...
ICML 2018 的一篇论文《Adversarial Attack on Graph Structured Data》试图探讨对 GNN 网络进行对抗攻击,并尝试了多种算法。 虽然深度学习在计算机视觉、语音识别、NLP等领域中的很多任务都取得了显著的突破性成果,深度神经网络模型也越来越完善,但是这些技术是否真正成熟,产品是否足够安全、可靠?这些将成为以后越来越被...
Deep learning on graph structures has shown exciting results in various applications. However, few attentions have been paid to the robustness of such models, in contrast to numerous research work for image or text adversarial attack and defense. In this paper, we focus on the adversarial attacks...
Inspired by the practical importance of graph structured data, link prediction, one of the most frequently applied tasks on graph data, has garnered considerable attention in recent years, and they have been widely applied in item recommendation, privacy inference attack, knowledge graph completion, ...
除了不同场景下,通过对抗性样本进行攻击方法,还有对模型本身的攻击,如对 RNN、强化学习等模型的攻击。ICML 2018 的一篇论文《Adversarial Attack on Graph Structured Data》试图探讨对 GNN 网络进行对抗攻击,并尝试了多种算法。 虽然深度学习在计算机视觉、语音识别、NLP等领域中的很多任务都取得了显著的突破性成果,深...
除了不同场景下,通过对抗性样本进行攻击方法,还有对模型本身的攻击,如对 RNN、强化学习等模型的攻击。ICML 2018 的一篇论文《Adversarial Attack on Graph Structured Data》试图探讨对 GNN 网络进行对抗攻击,并尝试了多种算法。 虽然深度学习在计算机视觉、语音识别、NLP等领域中的很多任务都取得了显著的突破性成果,深...
Dai, H., et al.: Adversarial attack on graph structured data. In: CoRR abs/1806.02371 (2018).arXiv: 1806.02371 Dalvi, N., et al.: Adversarial classification. In: Proceedings of the Tenth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD 2004, pp. 99–108. ...
A curated collection of adversarial attack and defense on graph data. - EdisonLeeeee/Graph-Adversarial-Learning
[19] Adversarial examples on graph data: Deep insights into attack and defense. arXiv'19ASR(攻击成功率) represents the percentage of adversary domain nodes converted from malicious to benign,即由于对抗攻击而未被检测到的恶意样本。NFR(负翻转率)represents the percentage of benign neighbors that turn...