Value at Adversarial Risk: A Graph Defense Strategy against Cost-Aware Attacks

Authors

  • Junlong Liao, Fudan University
  • Wenda Fu, Fudan University
  • Cong Wang, Peking University
  • Zhongyu Wei, Fudan University
  • Jiarong Xu, Fudan University

DOI:

https://doi.org/10.1609/aaai.v38i12.29282

Keywords:

ML: Adversarial Learning & Robustness, ML: Graph-based Machine Learning

Abstract

Deep learning methods on graph data have achieved remarkable efficacy across a variety of real-world applications, such as social network analysis and transaction risk detection. Nevertheless, recent studies have illuminated a concerning fact: even the most expressive Graph Neural Networks (GNNs) are vulnerable to graph adversarial attacks. While several methods have been proposed to enhance the robustness of GNN models against adversarial attacks, few have focused on a simple yet realistic approach: valuing the adversarial risks and focusing safeguards at the node level. This empowers defenders to allocate a heightened security level to vulnerable nodes and a lower one to robust nodes. With this new perspective, we propose a novel graph defense strategy, RisKeeper, such that the adversarial risk can be directly kept in the input graph. We start by valuing the adversarial risk, introducing a cost-aware projected gradient descent attack that takes into account both cost avoidance and compliance with cost budgets. Subsequently, we present a learnable approach to ascertain the ideal security level for each individual node by solving a bi-level optimization problem. Through extensive experiments on four real-world datasets, we demonstrate that our method achieves superior performance, surpassing state-of-the-art methods. Our in-depth case studies provide further insights into vulnerable and robust structural patterns, serving as inspiration for practitioners to exercise heightened vigilance.

Published

2024-03-24

How to Cite

Liao, J., Fu, W., Wang, C., Wei, Z., & Xu, J. (2024). Value at Adversarial Risk: A Graph Defense Strategy against Cost-Aware Attacks. Proceedings of the AAAI Conference on Artificial Intelligence, 38(12), 13763-13771. https://doi.org/10.1609/aaai.v38i12.29282

Issue

Section

AAAI Technical Track on Machine Learning III