• Stars
    star
    123
  • Rank 290,145 (Top 6 %)
  • Language
    Python
  • License
    MIT License
  • Created over 6 years ago
  • Updated over 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Adversarial Attack on Graph Structured Data (https://arxiv.org/abs/1806.02371)

graph_adversarial_attack

Adversarial Attack on Graph Structured Data (https://arxiv.org/abs/1806.02371, to appear in ICML 2018). This repo contains the code, data and results reported in the paper.

1. download repo and data

First clone the repo recursively, since it depends on another repo (https://github.com/Hanjun-Dai/pytorch_structure2vec):

git clone [email protected]:Hanjun-Dai/graph_adversarial_attack --recursive

(BTW if you have trouble downloading it because of permission issues, please see this issue )

Then download the data using the following dropbox link:

https://www.dropbox.com/sh/mu8odkd36x54rl3/AABg8ABiMqwcMEM5qKIY97nla?dl=0

Put everything under the 'dropbox' folder, or create a symbolic link with name 'dropbox':

ln -s /path/to/your/downloaded/files dropbox

Finally the folder structure should look like this:

graph_adversarial_attack (project root)
|__  README.md
|__  code
|__  pytorch_structure2vec
|__  dropbox
|__  |__ data
|    |__ scratch
|......

Optionally, you can use the data generator under code/data_generator to generate the synthetic data.

2. install dependencies and build c++ backend

The current code depends on pytorch 0.3.1, cffi and CUDA 9.1. Please install using the following command (for linux):

pip install http://download.pytorch.org/whl/cu91/torch-0.3.1-cp27-cp27mu-linux_x86_64.whl 
pip install cffi==1.11.2

The c++ code needs to be built first:

cd pytorch_structure2vec/s2v_lib
make
cd code/common
make

3. Train the graph classification and node classification model (our attack target)

If you want to retrain the target model, go to either code/graph_classification or code/node_classification and run the script in train mode. For example:

cd code/graph_classification
./run_er_components.sh -phase train

You can also use the pretrained model that is the same as used in this paper, under the folder dropbox/scratch/results

4. Attack the above trained model.

In this paper, we presented 5 different approaches for attack, under both graph-level classification and node-level classification tasks. The code for attack can be found under code/graph_attack and code/node_attack, respectively.

For example, to use Q-leaning to attack the graph classification method, do the following:

cd code/graph_attack
./run_dqn.sh -phase train

Reference

@article{dai2018adversarial,
  title={Adversarial Attack on Graph Structured Data},
  author={Dai, Hanjun and Li, Hui and Tian, Tian and Huang, Xin and Wang, Lin and Zhu, Jun and Song, Le},
  journal={arXiv preprint arXiv:1806.02371},
  year={2018}
}