A Lightweight Method for Defense Graph Neural Networks Adversarial Attacks
Graph neural network has been widely used in various fields in recent years. However, the appearance of an adversarial attack makes the reliability of the existing neural networks challenging in application. Premeditated attackers, can make very small perturbations to the data to fool the neural net...
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2022-12-01
|
| Series: | Entropy |
| Subjects: | |
| Online Access: | https://www.mdpi.com/1099-4300/25/1/39 |
| _version_ | 1797443036469264384 |
|---|---|
| author | Zhi Qiao Zhenqiang Wu Jiawang Chen Ping’an Ren Zhiliang Yu |
| author_facet | Zhi Qiao Zhenqiang Wu Jiawang Chen Ping’an Ren Zhiliang Yu |
| author_sort | Zhi Qiao |
| collection | DOAJ |
| description | Graph neural network has been widely used in various fields in recent years. However, the appearance of an adversarial attack makes the reliability of the existing neural networks challenging in application. Premeditated attackers, can make very small perturbations to the data to fool the neural network to produce wrong results. These incorrect results can lead to disastrous consequences. So, how to defend against adversarial attacks has become an urgent research topic. Many researchers have tried to improve the model robustness directly or by using adversarial training to reduce the negative impact of an adversarial attack. However, the majority of the defense strategies currently in use are inextricably linked to the model-training process, which incurs significant running and memory space costs. We offer a lightweight and easy-to-implement approach that is based on graph transformation. Extensive experiments demonstrate that our approach has a similar defense effect (with accuracy rate returns of nearly 80%) as existing methods and only uses 10% of their run time when defending against adversarial attacks on GCN (graph convolutional neural networks). |
| first_indexed | 2024-03-09T12:50:17Z |
| format | Article |
| id | doaj.art-bb08ecfddd794e0299c2a2afff35c1b2 |
| institution | Directory Open Access Journal |
| issn | 1099-4300 |
| language | English |
| last_indexed | 2024-03-09T12:50:17Z |
| publishDate | 2022-12-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Entropy |
| spelling | doaj.art-bb08ecfddd794e0299c2a2afff35c1b22023-11-30T22:07:22ZengMDPI AGEntropy1099-43002022-12-012513910.3390/e25010039A Lightweight Method for Defense Graph Neural Networks Adversarial AttacksZhi Qiao0Zhenqiang Wu1Jiawang Chen2Ping’an Ren3Zhiliang Yu4School of Computer Scinece, Shaanxi Normal University, Xi’an 710119, ChinaSchool of Computer Scinece, Shaanxi Normal University, Xi’an 710119, ChinaSchool of Computer Scinece, Shaanxi Normal University, Xi’an 710119, ChinaSchool of Computer Scinece, Shaanxi Normal University, Xi’an 710119, ChinaSchool of Mathematics and Computer Science, Shaanxi University of Technology, Hanzhong 723001, ChinaGraph neural network has been widely used in various fields in recent years. However, the appearance of an adversarial attack makes the reliability of the existing neural networks challenging in application. Premeditated attackers, can make very small perturbations to the data to fool the neural network to produce wrong results. These incorrect results can lead to disastrous consequences. So, how to defend against adversarial attacks has become an urgent research topic. Many researchers have tried to improve the model robustness directly or by using adversarial training to reduce the negative impact of an adversarial attack. However, the majority of the defense strategies currently in use are inextricably linked to the model-training process, which incurs significant running and memory space costs. We offer a lightweight and easy-to-implement approach that is based on graph transformation. Extensive experiments demonstrate that our approach has a similar defense effect (with accuracy rate returns of nearly 80%) as existing methods and only uses 10% of their run time when defending against adversarial attacks on GCN (graph convolutional neural networks).https://www.mdpi.com/1099-4300/25/1/39graph datadefendgraph transformation |
| spellingShingle | Zhi Qiao Zhenqiang Wu Jiawang Chen Ping’an Ren Zhiliang Yu A Lightweight Method for Defense Graph Neural Networks Adversarial Attacks Entropy graph data defend graph transformation |
| title | A Lightweight Method for Defense Graph Neural Networks Adversarial Attacks |
| title_full | A Lightweight Method for Defense Graph Neural Networks Adversarial Attacks |
| title_fullStr | A Lightweight Method for Defense Graph Neural Networks Adversarial Attacks |
| title_full_unstemmed | A Lightweight Method for Defense Graph Neural Networks Adversarial Attacks |
| title_short | A Lightweight Method for Defense Graph Neural Networks Adversarial Attacks |
| title_sort | lightweight method for defense graph neural networks adversarial attacks |
| topic | graph data defend graph transformation |
| url | https://www.mdpi.com/1099-4300/25/1/39 |
| work_keys_str_mv | AT zhiqiao alightweightmethodfordefensegraphneuralnetworksadversarialattacks AT zhenqiangwu alightweightmethodfordefensegraphneuralnetworksadversarialattacks AT jiawangchen alightweightmethodfordefensegraphneuralnetworksadversarialattacks AT pinganren alightweightmethodfordefensegraphneuralnetworksadversarialattacks AT zhiliangyu alightweightmethodfordefensegraphneuralnetworksadversarialattacks AT zhiqiao lightweightmethodfordefensegraphneuralnetworksadversarialattacks AT zhenqiangwu lightweightmethodfordefensegraphneuralnetworksadversarialattacks AT jiawangchen lightweightmethodfordefensegraphneuralnetworksadversarialattacks AT pinganren lightweightmethodfordefensegraphneuralnetworksadversarialattacks AT zhiliangyu lightweightmethodfordefensegraphneuralnetworksadversarialattacks |