Awesome Graph Adversarial Learning
This repository contains Attack-related papers, Defense-related papers, Robustness Certification papers, etc., ranging from 2017 to 2021. If you find this repo useful, please cite: A Survey of Adversarial Learning on Graph, arXiv'20
@article{chen2020survey,
title={A Survey of Adversarial Learning on Graph},
author={Chen, Liang and Li, Jintang and Peng, Jiaying and Xie,
Tao and Cao, Zengxu and Xu, Kun and He,
Xiangnan and Zheng, Zibin and Wu, Bingzhe},
journal={arXiv preprint arXiv:2003.05730},
year={2020}
}
Quick Look
The papers in this repo are categorized or sorted:
| By Alphabet | By Year | By Venue | Papers with Code |
If you want to get a quick look at the recently updated papers in the repository (in 30 days), you can refer to
Attack
2023
- Revisiting Graph Adversarial Attack and Defense From a Data Distribution Perspective, ICLR, Code
- Let Graph be the Go Board: Gradient-free Node Injection Attack for Graph Neural Networks via Reinforcement Learning, AAAI, Code
- GUAP: Graph Universal Attack Through Adversarial Patching, arXiv, Code
- Node Injection for Class-specific Network Poisoning, arXiv, Code
- Unnoticeable Backdoor Attacks on Graph Neural Networks, WWW, Code
- A semantic backdoor attack against Graph Convolutional Networks, arXiv
2022
- Adversarial Attack on Graph Neural Networks as An Influence Maximization Problem, WSDM, Code
- Inference Attacks Against Graph Neural Networks, USENIX Security, Code
- Model Stealing Attacks Against Inductive Graph Neural Networks, IEEE Symposium on Security and Privacy, Code
- Unsupervised Graph Poisoning Attack via Contrastive Loss Back-propagation, WWW, Code
- Neighboring Backdoor Attacks on Graph Convolutional Network, arXiv, Code
- Understanding and Improving Graph Injection Attack by Promoting Unnoticeability, ICLR, Code
- Blindfolded Attackers Still Threatening: Strict Black-Box Adversarial Attacks on Graphs, AAAI, Code
- More is Better (Mostly): On the Backdoor Attacks in Federated Graph Neural Networks, arXiv
- Black-box Node Injection Attack for Graph Neural Networks, arXiv, Code
- Interpretable and Effective Reinforcement Learning for Attacking against Graph-based Rumor Detection, arXiv
- Projective Ranking-based GNN Evasion Attacks, arXiv
- GAP: Differentially Private Graph Neural Networks with Aggregation Perturbation, arXiv
- Model Extraction Attacks on Graph Neural Networks: Taxonomy and Realization, Asia CCS, Code
- Bandits for Structure Perturbation-based Black-box Attacks to Graph Neural Networks with Theoretical Guarantees, CVPR, Code
- Transferable Graph Backdoor Attack, RAID, Code
- Adversarial Robustness of Graph-based Anomaly Detection, arXiv
- Label specificity attack: Change your label as I want, IJIS
- AdverSparse: An Adversarial Attack Framework for Deep Spatial-Temporal Graph Neural Networks, ICASSP
- Surrogate Representation Learning with Isometric Mapping for Gray-box Graph Adversarial Attacks, WSDM
- Cluster Attack: Query-based Adversarial Attacks on Graphs with Graph-Dependent Priors, IJCAI, Code
- Label-Only Membership Inference Attack against Node-Level Graph Neural Networks, arXiv
- Adversarial Camouflage for Node Injection Attack on Graphs, arXiv
- Are Gradients on Graph Structure Reliable in Gray-box Attacks?, CIKM, Code
- Adversarial Camouflage for Node Injection Attack on Graphs, arXiv
- Graph Structural Attack by Perturbing Spectral Distance, KDD
- What Does the Gradient Tell When Attacking the Graph Structure, arXiv
- BinarizedAttack: Structural Poisoning Attacks to Graph-based Anomaly Detection, ICDM, Code
- Model Inversion Attacks against Graph Neural Networks, TKDE
- Sparse Vicious Attacks on Graph Neural Networks, arXiv, Code
- Poisoning GNN-based Recommender Systems with Generative Surrogate-based Attacks, ACM TIS
- Dealing with the unevenness: deeper insights in graph-based attack and defense, Machine Learning
- Membership Inference Attacks Against Robust Graph Neural Network, CSS
- Adversarial Inter-Group Link Injection Degrades the Fairness of Graph Neural Networks, ICDM, Code
- Revisiting Item Promotion in GNN-based Collaborative Filtering: A Masked Targeted Topological Attack Perspective, arXiv
- Link-Backdoor: Backdoor Attack on Link Prediction via Node Injection, arXiv, Code
- Private Graph Extraction via Feature Explanations, arXiv
- Towards Secrecy-Aware Attacks Against Trust Prediction in Signed Graphs, arXiv
- Camouflaged Poisoning Attack on Graph Neural Networks, ICDM
- LOKI: A Practical Data Poisoning Attack Framework against Next Item Recommendations, TKDE
- Adversarial for Social Privacy: A Poisoning Strategy to Degrade User Identity Linkage, arXiv
- Exploratory Adversarial Attacks on Graph Neural Networks for Semi-Supervised Node Classification, Pattern Recognition
- GANI: Global Attacks on Graph Neural Networks via Imperceptible Node Injections, arXiv, Code
- Motif-Backdoor: Rethinking the Backdoor Attack on Graph Neural Networks via Motifs, arXiv
- Are Defenses for Graph Neural Networks Robust?, NeurIPS, Code
- Adversarial Label Poisoning Attack on Graph Neural Networks via Label Propagation, ECCV
- Imperceptible Adversarial Attacks on Discrete-Time Dynamic Graph Models, NeurIPS
- Towards Reasonable Budget Allocation in Untargeted Graph Structure Attacks via Gradient Debias, NeurIPS, Code
- Adversary for Social Good: Leveraging Attribute-Obfuscating Attack to Protect User Privacy on Social Networks, SecureComm
2021
- Stealing Links from Graph Neural Networks, USENIX Security
- PATHATTACK: Attacking Shortest Paths in Complex Networks, arXiv
- Structack: Structure-based Adversarial Attacks on Graph Neural Networks, ACM Hypertext, Code
- Optimal Edge Weight Perturbations to Attack Shortest Paths, arXiv
- Ready for Emerging Threats to Recommender Systems? A Graph Convolution-based Generative Shilling Attack, Information Sciences
- Graph Adversarial Attack via Rewiring, KDD, Code
- Membership Inference Attack on Graph Neural Networks, arXiv
- Graph Backdoor, USENIX Security
- TDGIA: Effective Injection Attacks on Graph Neural Networks, KDD, Code
- Adversarial Attack Framework on Graph Embedding Models with Limited Knowledge, arXiv
- Adversarial Attack on Large Scale Graph, TKDE, Code
- Black-box Gradient Attack on Graph Neural Networks: Deeper Insights in Graph-based Attack and Defense, arXiv
- Joint Detection and Localization of Stealth False Data Injection Attacks in Smart Grids using Graph Neural Networks, arXiv
- Universal Spectral Adversarial Attacks for Deformable Shapes, CVPR
- SAGE: Intrusion Alert-driven Attack Graph Extractor, KDD Workshop, Code
- Adversarial Diffusion Attacks on Graph-based Traffic Prediction Models, arXiv, Code
- VIKING: Adversarial Attack on Network Embeddings via Supervised Network Poisoning, PAKDD, Code
- Explainability-based Backdoor Attacks Against Graph Neural Networks, WiseML@WiSec
- GraphAttacker: A General Multi-Task GraphAttack Framework, arXiv, Code
- Attacking Graph Neural Networks at Scale, AAAI workshop
- Node-Level Membership Inference Attacks Against Graph Neural Networks, arXiv
- Reinforcement Learning For Data Poisoning on Graph Neural Networks, arXiv
- DeHiB: Deep Hidden Backdoor Attack on Semi-Supervised Learning via Adversarial Perturbation, AAAI
- Graphfool: Targeted Label Adversarial Attack on Graph Embedding, arXiv
- Towards Revealing Parallel Adversarial Attack on Politician Socialnet of Graph Structure, Security and Communication Networks
- Network Embedding Attack: An Euclidean Distance Based Method, MDATA
- Preserve, Promote, or Attack? GNN Explanation via Topology Perturbation, arXiv
- Jointly Attacking Graph Neural Network and its Explanations, arXiv
- Graph Stochastic Neural Networks for Semi-supervised Learning, arXiv, Code
- Iterative Deep Graph Learning for Graph Neural Networks: Better and Robust Node Embeddings, arXiv, Code
- Single-Node Attack for Fooling Graph Neural Networks, KDD Workshop, Code
- The Robustness of Graph k-shell Structure under Adversarial Attacks, arXiv
- Poisoning Knowledge Graph Embeddings via Relation Inference Patterns, ACL, Code
- A Hard Label Black-box Adversarial Attack Against Graph Neural Networks, CCS
- GNNUnlock: Graph Neural Networks-based Oracle-less Unlocking Scheme for Provably Secure Logic Locking, DATE Conference
- Single Node Injection Attack against Graph Neural Networks, CIKM, Code
- Spatially Focused Attack against Spatiotemporal Graph Neural Networks, arXiv
- Derivative-free optimization adversarial attacks for graph convolutional networks, PeerJ
- Projective Ranking: A Transferable Evasion Attack Method on Graph Neural Networks, CIKM
- Time-aware Gradient Attack on Dynamic Network Link Prediction, TKDE
- Graph-Fraudster: Adversarial Attacks on Graph Neural Network Based Vertical Federated Learning, arXiv
- Adapting Membership Inference Attacks to GNN for Graph Classification: Approaches and Implications, ICDM, Code
- Watermarking Graph Neural Networks based on Backdoor Attacks, arXiv
- Robustness of Graph Neural Networks at Scale, NeurIPS, Code
- Generalization of Neural Combinatorial Solvers Through the Lens of Adversarial Robustness, NeurIPS
- Graph Universal Adversarial Attacks: A Few Bad Actors Ruin Graph Learning Models, IJCAI, Code
- Adversarial Attacks on Graph Classification via Bayesian Optimisation, NeurIPS, Code
- Adversarial Attacks on Knowledge Graph Embeddings via Instance Attribution Methods, EMNLP, Code
- COREATTACK: Breaking Up the Core Structure of Graphs, arXiv
- UNTANGLE: Unlocking Routing and Logic Obfuscation Using Graph Neural Networks-based Link Prediction, ICCAD, Code
- GraphMI: Extracting Private Graph Data from Graph Neural Networks, IJCAI, Code
- Structural Attack against Graph Based Android Malware Detection, CCS
- Adversarial Attack against Cross-lingual Knowledge Graph Alignment, EMNLP
- FHA: Fast Heuristic Attack Against Graph Convolutional Networks, ICDS
- Task and Model Agnostic Adversarial Attack on Graph Neural Networks, arXiv
- How Members of Covert Networks Conceal the Identities of Their Leaders, ACM TIST
- Revisiting Adversarial Attacks on Graph Neural Networks for Graph Classification, arXiv
2020
- A Graph Matching Attack on Privacy-Preserving Record Linkage, CIKM
- Semantic-preserving Reinforcement Learning Attack Against Graph Neural Networks for Malware Detection, arXiv
- Adaptive Adversarial Attack on Graph Embedding via GAN, SocialSec
- Scalable Adversarial Attack on Graph Neural Networks with Alternating Direction Method of Multipliers, arXiv
- One Vertex Attack on Graph Neural Networks-based Spatiotemporal Forecasting, ICLR OpenReview
- Near-Black-Box Adversarial Attacks on Graph Neural Networks as An Influence Maximization Problem, ICLR OpenReview
- Adversarial Attacks on Deep Graph Matching, NeurIPS
- Attacking Graph-Based Classification without Changing Existing Connections, ACSAC
- Cross Entropy Attack on Deep Graph Infomax, IEEE ISCAS
- Learning to Deceive Knowledge Graph Augmented Models via Targeted Perturbation, ICLR, Code
- Towards More Practical Adversarial Attacks on Graph Neural Networks, NeurIPS, Code
- Adversarial Label-Flipping Attack and Defense for Graph Neural Networks, ICDM, Code
- Exploratory Adversarial Attacks on Graph Neural Networks, ICDM, Code
- A Targeted Universal Attack on Graph Convolutional Network, arXiv, Code
- Query-free Black-box Adversarial Attacks on Graphs, arXiv
- Reinforcement Learning-based Black-Box Evasion Attacks to Link Prediction in Dynamic Graphs, arXiv
- Efficient Evasion Attacks to Graph Neural Networks via Influence Function, arXiv
- Backdoor Attacks to Graph Neural Networks, SACMAT, Code
- Link Prediction Adversarial Attack Via Iterative Gradient Attack, IEEE Trans
- Adversarial Attack on Hierarchical Graph Pooling Neural Networks, arXiv
- Adversarial Attack on Community Detection by Hiding Individuals, WWW, Code
- Manipulating Node Similarity Measures in Networks, AAMAS
- A Restricted Black-box Adversarial Framework Towards Attacking Graph Embedding Models, AAAI, Code
- Indirect Adversarial Attacks via Poisoning Neighbors for Graph Convolutional Networks, BigData
- Adversarial Attacks on Graph Neural Networks via Node Injections: A Hierarchical Reinforcement Learning Approach, WWW
- An Efficient Adversarial Attack on Graph Structured Data, IJCAI Workshop
- Practical Adversarial Attacks on Graph Neural Networks, ICML Workshop
- Adversarial Attacks on Graph Neural Networks: Perturbations and their Patterns, TKDD
- Adversarial Attacks on Link Prediction Algorithms Based on Graph Neural Networks, Asia CCS
- Scalable Attack on Graph Data by Injecting Vicious Nodes, ECML-PKDD, Code
- Attackability Characterization of Adversarial Evasion Attack on Discrete Data, KDD
- MGA: Momentum Gradient Attack on Network, arXiv
- Adversarial Attacks to Scale-Free Networks: Testing the Robustness of Physical Criteria, arXiv
- Adversarial Perturbations of Opinion Dynamics in Networks, arXiv
- Network disruption: maximizing disagreement and polarization in social networks, arXiv, Code
- Adversarial attack on BC classification for scale-free networks, AIP Chaos
2019
- Attacking Graph Convolutional Networks via Rewiring, arXiv
- Unsupervised Euclidean Distance Attack on Network Embedding, arXiv
- Structured Adversarial Attack Towards General Implementation and Better Interpretability, ICLR, Code
- Generalizable Adversarial Attacks with Latent Variable Perturbation Modelling, arXiv
- Vertex Nomination, Consistent Estimation, and Adversarial Modification, arXiv
- PeerNets Exploiting Peer Wisdom Against Adversarial Attacks, ICLR, Code
- Network Structural Vulnerability A Multi-Objective Attacker Perspective, IEEE Trans
- Multiscale Evolutionary Perturbation Attack on Community Detection, arXiv
- αCyber: Enhancing Robustness of Android Malware Detection System against Adversarial Attacks on Heterogeneous Graph based Model, CIKM
- Adversarial Attacks on Node Embeddings via Graph Poisoning, ICML, Code
- GA Based Q-Attack on Community Detection, TCSS
- Data Poisoning Attack against Knowledge Graph Embedding, IJCAI
- Adversarial Attacks on Graph Neural Networks via Meta Learning, ICLR, Code
- Topology Attack and Defense for Graph Neural Networks: An Optimization Perspective, IJCAI, Code
- Adversarial Examples on Graph Data: Deep Insights into Attack and Defense, IJCAI, Code
- A Unified Framework for Data Poisoning Attack to Graph-based Semi-supervised Learning, NeurIPS, Code
- Attacking Graph-based Classification via Manipulating the Graph Structure, CCS
2018
- Fake Node Attacks on Graph Convolutional Networks, arXiv
- Data Poisoning Attack against Unsupervised Node Embedding Methods, arXiv
- Fast Gradient Attack on Network Embedding, arXiv
- Attack Tolerance of Link Prediction Algorithms: How to Hide Your Relations in a Social Network, arXiv
- Adversarial Attacks on Neural Networks for Graph Data, KDD, Code
- Hiding Individuals and Communities in a Social Network, Nature Human Behavior
- Attacking Similarity-Based Link Prediction in Social Networks, AAMAS
- Adversarial Attack on Graph Structured Data, ICML, Code
2017
- Practical Attacks Against Graph-based Clustering, CCS
- Adversarial Sets for Regularising Neural Link Predictors, UAI, Code
Defense
2023
- ASGNN: Graph Neural Networks with Adaptive Structure, ICLR OpenReview
- Empowering Graph Representation Learning with Test-Time Graph Transformation, ICLR, Code
- Robust Training of Graph Neural Networks via Noise Governance, WSDM, Code
- Self-Supervised Graph Structure Refinement for Graph Neural Networks, WSDM, Code
- Revisiting Robustness in Graph Machine Learning, ICLR, Code
- Robust Mid-Pass Filtering Graph Convolutional Networks, WWW
- Towards Robust Graph Neural Networks via Adversarial Contrastive Learning, BigData
2022
- Unsupervised Adversarially-Robust Representation Learning on Graphs, AAAI, Code
- Towards Robust Graph Neural Networks for Noisy Graphs with Sparse Labels, WSDM, Code
- Mind Your Solver! On Adversarial Attack and Defense for Combinatorial Optimization, arXiv, Code
- Learning Robust Representation through Graph Adversarial Contrastive Learning, arXiv
- GARNET: Reduced-Rank Topology Learning for Robust and Scalable Graph Neural Networks, arXiv
- Graph Neural Network for Local Corruption Recovery, arXiv, Code
- Robust Heterogeneous Graph Neural Networks against Adversarial Attacks, AAAI
- How Does Bayesian Noisy Self-Supervision Defend Graph Convolutional Networks?, Neural Processing Letters
- Defending Graph Convolutional Networks against Dynamic Graph Perturbations via Bayesian Self-supervision, AAAI, Code
- SimGRACE: A Simple Framework for Graph Contrastive Learning without Data Augmentation, WWW, Code
- Exploring High-Order Structure for Robust Graph Structure Learning, arXiv
- GUARD: Graph Universal Adversarial Defense, arXiv, Code
- Detecting Topology Attacks against Graph Neural Networks, arXiv
- LPGNet: Link Private Graph Networks for Node Classification, arXiv
- EvenNet: Ignoring Odd-Hop Neighbors Improves Robustness of Graph Neural Networks, arXiv
- Bayesian Robust Graph Contrastive Learning, arXiv, Code
- Reliable Representations Make A Stronger Defender: Unsupervised Structure Refinement for Robust GNN, KDD, Code
- Robust Graph Representation Learning for Local Corruption Recovery, ICML workshop
- Appearance and Structure Aware Robust Deep Visual Graph Matching: Attack, Defense and Beyond, CVPR, Code
- Large-Scale Privacy-Preserving Network Embedding against Private Link Inference Attacks, arXiv
- Robust Graph Neural Networks via Ensemble Learning, Mathematics
- AN-GCN: An Anonymous Graph Convolutional Network Against Edge-Perturbing Attacks, IEEE TNNLS
- How does Heterophily Impact Robustness of Graph Neural Networks? Theoretical Connections and Practical Implications, KDD, Code
- Robust Graph Neural Networks using Weighted Graph Laplacian, SPCOM, Code
- ARIEL: Adversarial Graph Contrastive Learning, arXiv
- Robust Tensor Graph Convolutional Networks via T-SVD based Graph Augmentation, KDD, Code
- NOSMOG: Learning Noise-robust and Structure-aware MLPs on Graphs, arXiv
- Robust Node Classification on Graphs: Jointly from Bayesian Label Transition and Topology-based Label Propagation, CIKM, Code
- On the Robustness of Graph Neural Diffusion to Topology Perturbations, NeurIPS, Code
- IoT-based Android Malware Detection Using Graph Neural Network With Adversarial Defense, IEEE IOT
- Robust cross-network node classification via constrained graph mutual information, KBS
- Defending Against Backdoor Attack on Graph Nerual Network by Explainability, arXiv
- Towards an Optimal Asymmetric Graph Structure for Robust Semi-supervised Node Classification, KDD
- FocusedCleaner: Sanitizing Poisoned Graphs for Robust GNN-based Node Classification, arXiv
- EvenNet: Ignoring Odd-Hop Neighbors Improves Robustness of Graph Neural Networks, NeurIPS, Code
- Resisting Graph Adversarial Attack via Cooperative Homophilous Augmentation, ECML-PKDD
- Spectral Adversarial Training for Robust Graph Neural Network, TKDE, Code
- On the Vulnerability of Graph Learning based Collaborative Filtering, TIS
- GARNET: Reduced-Rank Topology Learning for Robust and Scalable Graph Neural Networks, LoG, Code
- You Can Have Better Graph Neural Networks by Not Training Weights at All: Finding Untrained GNNs Tickets, LoG, Code
- Robust Graph Representation Learning via Predictive Coding, arXiv
- FocusedCleaner: Sanitizing Poisoned Graphs for Robust GNN-based Node Classification, arXiv
2021
- Learning to Drop: Robust Graph Neural Network via Topological Denoising, WSDM, Code
- How effective are Graph Neural Networks in Fraud Detection for Network Data?, arXiv
- Graph Sanitation with Application to Node Classification, arXiv
- Understanding Structural Vulnerability in Graph Convolutional Networks, IJCAI, Code
- A Robust and Generalized Framework for Adversarial Graph Embedding, arXiv, Code
- Integrated Defense for Resilient Graph Matching, ICML
- Unveiling Anomalous Nodes Via Random Sampling and Consensus on Graphs, ICASSP
- Robust Network Alignment via Attack Signal Scaling and Adversarial Perturbation Elimination, WWW
- Information Obfuscation of Graph Neural Network, ICML, Code
- Improving Robustness of Graph Neural Networks with Heterophily-Inspired Designs, arXiv
- On Generalization of Graph Autoencoders with Adversarial Training, ECML
- DeepInsight: Interpretability Assisting Detection of Adversarial Samples on Graphs, ECML
- Elastic Graph Neural Networks, ICML, Code
- Robust Counterfactual Explanations on Graph Neural Networks, arXiv
- Node Similarity Preserving Graph Convolutional Networks, WSDM, Code
- Enhancing Robustness and Resilience of Multiplex Networks Against Node-Community Cascading Failures, IEEE TSMC
- NetFense: Adversarial Defenses against Privacy Attacks on Neural Networks for Graph Data, TKDE, Code
- Robust Graph Learning Under Wasserstein Uncertainty, arXiv
- Towards Robust Graph Contrastive Learning, arXiv
- Expressive 1-Lipschitz Neural Networks for Robust Multiple Graph Learning against Adversarial Attacks, ICML
- UAG: Uncertainty-Aware Attention Graph Neural Network for Defending Adversarial Attacks, AAAI
- Uncertainty-Matching Graph Neural Networks to Defend Against Poisoning Attacks, AAAI
- Power up! Robust Graph Convolutional Network against Evasion Attacks based on Graph Powering, AAAI, Code
- Personalized privacy protection in social networks through adversarial modeling, AAAI
- Interpretable Stability Bounds for Spectral Graph Filters, arXiv
- Randomized Generation of Adversary-Aware Fake Knowledge Graphs to Combat Intellectual Property Theft, AAAI
- Unified Robust Training for Graph NeuralNetworks against Label Noise, arXiv
- An Introduction to Robust Graph Convolutional Networks, arXiv
- E-GraphSAGE: A Graph Neural Network based Intrusion Detection System, arXiv
- Spatio-Temporal Sparsification for General Robust Graph Convolution Networks, arXiv
- Robust graph convolutional networks with directional graph adversarial training, Applied Intelligence
- Detection and Defense of Topological Adversarial Attacks on Graphs, AISTATS
- Unveiling the potential of Graph Neural Networks for robust Intrusion Detection, arXiv, Code
- Adversarial Robustness of Probabilistic Network Embedding for Link Prediction, arXiv
- EGC2: Enhanced Graph Classification with Easy Graph Compression, arXiv
- LinkTeller: Recovering Private Edges from Graph Neural Networks via Influence Analysis, arXiv
- Structure-Aware Hierarchical Graph Pooling using Information Bottleneck, IJCNN
- Mal2GCN: A Robust Malware Detection Approach Using Deep Graph Convolutional Networks With Non-Negative Weights, arXiv
- CoG: a Two-View Co-training Framework for Defending Adversarial Attacks on Graph, arXiv
- Releasing Graph Neural Networks with Differential Privacy Guarantees, arXiv
- Speedup Robust Graph Structure Learning with Low-Rank Information, CIKM
- A Lightweight Metric Defence Strategy for Graph Neural Networks Against Poisoning Attacks, ICICS, Code
- Node Feature Kernels Increase Graph Convolutional Network Robustness, arXiv, Code
- On the Relationship between Heterophily and Robustness of Graph Neural Networks, arXiv
- Distributionally Robust Semi-Supervised Learning Over Graphs, ICLR
- Robustness of Graph Neural Networks at Scale, NeurIPS, Code
- Graph Transplant: Node Saliency-Guided Graph Mixup with Local Structure Preservation, arXiv
- Not All Low-Pass Filters are Robust in Graph Convolutional Networks, NeurIPS, Code
- Towards Robust Reasoning over Knowledge Graphs, arXiv
- Robust Graph Neural Networks via Probabilistic Lipschitz Constraints, arXiv
- Graph Neural Networks with Adaptive Residual, NeurIPS, Code
- Graph-based Adversarial Online Kernel Learning with Adaptive Embedding, ICDM
- Graph Posterior Network: Bayesian Predictive Uncertainty for Node Classification, NeurIPS, Code
- Graph Neural Networks with Feature and Structure Aware Random Walk, arXiv
- Topological Relational Learning on Graphs, NeurIPS, Code
2020
- Ricci-GNN: Defending Against Structural Attacks Through a Geometric Approach, ICLR OpenReview
- Provable Overlapping Community Detection in Weighted Graphs, NeurIPS
- Variational Inference for Graph Convolutional Networks in the Absence of Graph Data and Adversarial Settings, NeurIPS, Code
- Graph Random Neural Networks for Semi-Supervised Learning on Graphs, NeurIPS, Code
- Reliable Graph Neural Networks via Robust Aggregation, NeurIPS, Code
- Towards Robust Graph Neural Networks against Label Noise, ICLR OpenReview
- Graph Adversarial Networks: Protecting Information against Adversarial Attacks, ICLR OpenReview, Code
- A Novel Defending Scheme for Graph-Based Classification Against Graph Structure Manipulating Attack, SocialSec
- Iterative Deep Graph Learning for Graph Neural Networks: Better and Robust Node Embeddings, NeurIPS, Code
- Node Copying for Protection Against Graph Neural Network Topology Attacks, arXiv
- Community detection in sparse time-evolving graphs with a dynamical Bethe-Hessian, NeurIPS
- A Feature-Importance-Aware and Robust Aggregator for GCN, CIKM, Code
- Anti-perturbation of Online Social Networks by Graph Label Transition, arXiv
- Graph Information Bottleneck, NeurIPS, Code
- Adversarial Detection on Graph Structured Data, PPMLP
- Graph Contrastive Learning with Augmentations, NeurIPS, Code
- Learning Graph Embedding with Adversarial Training Methods, IEEE Transactions on Cybernetics
- I-GCN: Robust Graph Convolutional Network via Influence Mechanism, arXiv
- Adversary for Social Good: Protecting Familial Privacy through Joint Adversarial Attacks, AAAI
- Smoothing Adversarial Training for GNN, IEEE TCSS
- Graph Structure Reshaping Against Adversarial Attacks on Graph Neural Networks, None, Code
- RoGAT: a robust GNN combined revised GAT with adjusted graphs, arXiv
- ResGCN: Attention-based Deep Residual Modeling for Anomaly Detection on Attributed Networks, arXiv
- Adversarial Perturbations of Opinion Dynamics in Networks, arXiv
- Adversarial Privacy Preserving Graph Embedding against Inference Attack, arXiv, Code
- Robust Graph Learning From Noisy Data, IEEE Trans
- GNNGuard: Defending Graph Neural Networks against Adversarial Attacks, NeurIPS, Code
- Transferring Robustness for Graph Neural Network Against Poisoning Attacks, WSDM, Code
- All You Need Is Low (Rank): Defending Against Adversarial Attacks on Graphs, WSDM, Code
- How Robust Are Graph Neural Networks to Structural Noise?, DLGMA
- Robust Detection of Adaptive Spammers by Nash Reinforcement Learning, KDD, Code
- Graph Structure Learning for Robust Graph Neural Networks, KDD, Code
- On The Stability of Polynomial Spectral Graph Filters, ICASSP, Code
- On the Robustness of Cascade Diffusion under Node Attacks, WWW, Code
- Friend or Faux: Graph-Based Early Detection of Fake Accounts on Social Networks, WWW
- Towards an Efficient and General Framework of Robust Training for Graph Neural Networks, ICASSP
- Robust Graph Representation Learning via Neural Sparsification, ICML
- Robust Training of Graph Convolutional Networks via Latent Perturbation, ECML-PKDD
- Robust Collective Classification against Structural Attacks, Preprint
- Enhancing Graph Neural Network-based Fraud Detectors against Camouflaged Fraudsters, CIKM, Code
- Topological Effects on Attacks Against Vertex Classification, arXiv
- Tensor Graph Convolutional Networks for Multi-relational and Robust Learning, arXiv
- DefenseVGAE: Defending against Adversarial Attacks on Graph Data via a Variational Graph Autoencoder, arXiv, Code
- Dynamic Knowledge Graph-based Dialogue Generation with Improved Adversarial Meta-Learning, arXiv
- AANE: Anomaly Aware Network Embedding For Anomalous Link Detection, ICDM
- Provably Robust Node Classification via Low-Pass Message Passing, ICDM
- Graph-Revised Convolutional Network, ECML-PKDD, Code
2019
- Graph Adversarial Training: Dynamically Regularizing Based on Graph Structure, TKDE, Code
- Bayesian graph convolutional neural networks for semi-supervised classification, AAAI, Code
- Target Defense Against Link-Prediction-Based Attacks via Evolutionary Perturbations, arXiv
- Examining Adversarial Learning against Graph-based IoT Malware Detection Systems, arXiv
- Adversarial Embedding: A robust and elusive Steganography and Watermarking technique, arXiv
- Graph Interpolating Activation Improves Both Natural and Robust Accuracies in Data-Efficient Deep Learning, arXiv, Code
- Adversarial Defense Framework for Graph Neural Network, arXiv
- GraphSAC: Detecting anomalies in large-scale graphs, arXiv
- Edge Dithering for Robust Adaptive Graph Convolutional Networks, arXiv
- Can Adversarial Network Attack be Defended?, arXiv
- GraphDefense: Towards Robust Graph Convolutional Networks, arXiv
- Adversarial Training Methods for Network Embedding, WWW, Code
- Adversarial Examples on Graph Data: Deep Insights into Attack and Defense, IJCAI, Code
- Improving Robustness to Attacks Against Vertex Classification, MLG@KDD
- Adversarial Robustness of Similarity-Based Link Prediction, ICDM
- αCyber: Enhancing Robustness of Android Malware Detection System against Adversarial Attacks on Heterogeneous Graph based Model, CIKM
- Batch Virtual Adversarial Training for Graph Convolutional Networks, ICML, Code
- Latent Adversarial Training of Graph Convolution Networks, LRGSD@ICML, Code
- Characterizing Malicious Edges targeting on Graph Neural Networks, ICLR OpenReview, Code
- Comparing and Detecting Adversarial Attacks for Graph Deep Learning, RLGM@ICLR
- Virtual Adversarial Training on Graph Convolutional Networks in Node Classification, PRCV
- Robust Graph Convolutional Networks Against Adversarial Attacks, KDD, Code
- Investigating Robustness and Interpretability of Link Prediction via Adversarial Modifications, NAACL, Code
- Topology Attack and Defense for Graph Neural Networks: An Optimization Perspective, IJCAI, Code
- Robust Graph Data Learning via Latent Graph Convolutional Representation, arXiv
2018
2017
Certification
- Localized Randomized Smoothing for Collective Robustness Certification, ICLR'2023
- Graph Adversarial Immunization for Certifiable Robustness, arXiv'2023
- Randomized Message-Interception Smoothing: Gray-box Certificates for Graph Neural Networks, NeurIPS'2022, Code
- Certified Robustness of Graph Neural Networks against Adversarial Structural Perturbation, KDD'2021, Code
- Collective Robustness Certificates: Exploiting Interdependence in Graph Neural Networks, ICLR'2021, Code
- Adversarial Immunization for Improving Certifiable Robustness on Graphs, WSDM'2021
- Certifying Robustness of Graph Laplacian Based Semi-Supervised Learning, ICLR OpenReview'2021
- Robust Certification for Laplace Learning on Geometric Graphs, MSML'2021
- Improving the Robustness of Wasserstein Embedding by Adversarial PAC-Bayesian Learning, AAAI'2020
- Certified Robustness of Graph Convolution Networks for Graph Classification under Topological Attacks, NeurIPS'2020, Code
- Certified Robustness of Community Detection against Adversarial Structural Perturbation via Randomized Smoothing, WWW'2020
- Efficient Robustness Certificates for Discrete Data: Sparsity-Aware Randomized Smoothing for Graphs, Images and More, ICML'2020, Code
- Abstract Interpretation based Robustness Certification for Graph Convolutional Networks, ECAI'2020
- Certifiable Robustness of Graph Convolutional Networks under Structure Perturbation, KDD'2020, Code
- Certified Robustness of Graph Classification against Topology Attack with Randomized Smoothing, GLOBECOM'2020
- Certifiable Robustness and Robust Training for Graph Convolutional Networks, KDD'2019, Code
- Certifiable Robustness to Graph Perturbations, NeurIPS'2019, Code
Stability
- On the Prediction Instability of Graph Neural Networks, arXiv'2022
- Stability and Generalization Capabilities of Message Passing Graph Neural Networks, arXiv'2022
- Towards a Unified Framework for Fair and Stable Graph Representation Learning, UAI'2021, Code
- Training Stable Graph Neural Networks Through Constrained Learning, arXiv'2021
- Shift-Robust GNNs: Overcoming the Limitations of Localized Graph Training data, arXiv'2021
- Stability of Graph Convolutional Neural Networks to Stochastic Perturbations, arXiv'2021
- Graph and Graphon Neural Network Stability, arXiv'2020
- On the Stability of Graph Convolutional Neural Networks under Edge Rewiring, arXiv'2020
- Stability of Graph Neural Networks to Relative Perturbations, ICASSP'2020
- Graph Neural Networks: Architectures, Stability and Transferability, arXiv'2020
- Should Graph Convolution Trust Neighbors? A Simple Causal Inference Method, arXiv'2020
- When Do GNNs Work: Understanding and Improving Neighborhood Aggregation, IJCAI Workshop'2019, Code
- Stability Properties of Graph Neural Networks, arXiv'2019
- Stability and Generalization of Graph Convolutional Neural Networks, KDD'2019
Others
- Evaluating Robustness and Uncertainty of Graph Models Under Structural Distributional Shifts, arXiv'2023, Code
- We Cannot Guarantee Safety: The Undecidability of Graph Neural Network Verification, arXiv'2022
- A Systematic Evaluation of Node Embedding Robustness, LoG'2022, Code
- Generating Adversarial Examples with Graph Neural Networks, UAI'2021
- SIGL: Securing Software Installations Through Deep Graph Learning, USENIX'2021
- FLAG: Adversarial Data Augmentation for Graph Neural Networks, arXiv'2020, Code
- Dynamic Knowledge Graph-based Dialogue Generation with Improved Adversarial Meta-Learning, arXiv'2020
- Watermarking Graph Neural Networks by Random Graphs, arXiv'2020
- Training Robust Graph Neural Network by Applying Lipschitz Constant Constraint, CentraleSupélec'2020, Code
- CAP: Co-Adversarial Perturbation on Weights and Features for Improving Generalization of Graph Neural Networks, arXiv'2021
- When Does Self-Supervision Help Graph Convolutional Networks?, ICML'2020
- Perturbation Sensitivity of GNNs, cs224w'2019
Survey
- Graph Vulnerability and Robustness: A Survey, TKDE'2022
- A Comprehensive Survey on Trustworthy Graph Neural Networks: Privacy, Robustness, Fairness, and Explainability, arXiv'2022
- Trustworthy Graph Neural Networks: Aspects, Methods and Trends, arXiv'2022
- A Survey of Trustworthy Graph Learning: Reliability, Explainability, and Privacy Protection, arXiv'2022
- A Comparative Study on Robust Graph Neural Networks to Structural Noises, AAAI DLG'2022
- Deep Graph Structure Learning for Robust Representations: A Survey, arXiv'2021
- Robustness of deep learning models on graphs: A survey, AI Open'2021
- Graph Neural Networks Methods, Applications, and Opportunities, arXiv'2021
- Adversarial Attacks and Defenses on Graphs: A Review, A Tool and Empirical Studies, SIGKDD Explorations'2021
- A Survey of Adversarial Learning on Graph, arXiv'2020
- Graph Neural Networks Taxonomy, Advances and Trends, arXiv'2020
- Recent Advances in Reliable Deep Graph Learning: Inherent Noise, Distribution Shift, and Adversarial Attack, arXiv'2022
- Adversarial Attacks and Defenses in Images, Graphs and Text: A Review, arXiv'2019
- Deep Learning on Graphs: A Survey, arXiv'2018
- Adversarial Attack and Defense on Graph Data: A Survey, arXiv'2018
Toolbox
- DeepRobust: a Platform for Adversarial Attacks and Defenses, AAAI'2021, DeepRobust
- GreatX: A graph reliability toolbox based on PyTorch and PyTorch Geometric, arXiv'2022, GreatX
- Evaluating Graph Vulnerability and Robustness using TIGER, arXiv'2021, TIGER
- Graph Robustness Benchmark: Rethinking and Benchmarking Adversarial Robustness of Graph Neural Networks, NeurIPS'2021, Graph Robustness Benchmark (GRB)
Resource
- Awesome Adversarial Learning on Recommender System Link
- Awesome Graph Attack and Defense Papers Link
- Graph Adversarial Learning Literature Link
- A Complete List of All (arXiv) Adversarial Example Papers, Link
- Adversarial Attacks and Defenses Frontiers, Advances and Practice, KDD'20 tutorial, Link
- Trustworthy Graph Learning: Reliability, Explainability, and Privacy Protection, KDD'22 tutorial, Link
- Adversarial Robustness of Representation Learning for Knowledge Graphs, PhD Thesis at Trinity College Dublin, Link