Graph Neural Networks (GNNs) exhibit promise in the domains of network analysis and recommendation systems. Notwithstanding, these networks are susceptible to node injection attacks. To mitigate this vulnerability, the academic community has put forth a plethora of defensive mechanisms. A significant number of these tactics aim to identify and remove injected nodes by comparing intrinsic node features and the similarity among neighboring nodes, thereby diminishing the impact of such nefarious injections. However, these defensive tactics are not impervious. To illuminate the potential vulnerabilities and quantitatively assess the ramifications of a successful breach, this research presents a Graph Injection Attack based on Node Similarity and a Non-linear Feature Injection Strategy (NSNFGIA), engineered to undermine node similarity-based detection mechanisms. Nodes within the original graph that share mutual neighbors with the injected nodes are selectively targeted, thereby augmenting the number of shared neighbors and enhancing node similarity. Injected features are meticulously initialized and optimized to intensify their impact on the model’s output. Empirical results demonstrate that the proposed methodology surpasses traditional baseline attack strategies in effectiveness.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Graph Injection Attack Based on Node Similarity and Non-Linear Feature Injection Strategy

  • Qingru Li,
  • Yanan Gao,
  • Fangwei Wang,
  • Changguang Wang,
  • Kehinde O. Babaagba,
  • Zhiyuan Tan

摘要

Graph Neural Networks (GNNs) exhibit promise in the domains of network analysis and recommendation systems. Notwithstanding, these networks are susceptible to node injection attacks. To mitigate this vulnerability, the academic community has put forth a plethora of defensive mechanisms. A significant number of these tactics aim to identify and remove injected nodes by comparing intrinsic node features and the similarity among neighboring nodes, thereby diminishing the impact of such nefarious injections. However, these defensive tactics are not impervious. To illuminate the potential vulnerabilities and quantitatively assess the ramifications of a successful breach, this research presents a Graph Injection Attack based on Node Similarity and a Non-linear Feature Injection Strategy (NSNFGIA), engineered to undermine node similarity-based detection mechanisms. Nodes within the original graph that share mutual neighbors with the injected nodes are selectively targeted, thereby augmenting the number of shared neighbors and enhancing node similarity. Injected features are meticulously initialized and optimized to intensify their impact on the model’s output. Empirical results demonstrate that the proposed methodology surpasses traditional baseline attack strategies in effectiveness.