计算机科学与探索2024,Vol.18Issue(8):1935-1959,25.DOI:10.3778/j.issn.1673-9418.2311117
图神经网络对抗攻击与鲁棒性评测前沿进展
Advances of Adversarial Attacks and Robustness Evaluation for Graph Neural Networks
摘要
Abstract
In recent years,graph neural networks(GNNs)have gradually become an important research direction in artificial intelligence.However,the adversarial vulnerability of GNNs poses severe challenges to their practical ap-plications.To gain a comprehensive understanding of adversarial attacks and robustness evaluation on GNNs,related state-of-the-art advancements are reviewed and discussed.Firstly,this paper introduces the research background of adversarial attacks on GNNs,provides a formal definition of these attacks,and elucidates the basic concepts and framework for research on adversarial attacks and robustness evaluation in GNNs.Following this,this paper gives an overview of the specific methods proposed in the field of adversarial attacks on GNNs,and details the foremost methods while categorizing them based on the type of adversarial attack and range of attack targets.Their operating mechanisms,principles,and pros and cons are also analyzed.Additionally,considering the model robustness evalua-tion's dependency on adversarial attack methods and adversarial perturbation degree,this paper focuses on direct evaluation indicators.To aid in designing and evaluating adversarial attack methods and GNNs'robust models,this paper compares representative methods considering implementation ease,accuracy,and execution time.This paper foresees ongoing challenges and future research areas.Current research on GNNs'adversarial robustness is experiment-oriented,lacking a guiding theoretical framework,necessitating further systematic theoretical research to ensure GNN-based systems'trustworthiness.关键词
图神经网络/对抗脆弱性/对抗攻击/鲁棒性评测Key words
graph neural network/adversarial vulnerability/adversarial attacks/robustness evaluation分类
信息技术与安全科学引用本文复制引用
吴涛,曹新汶,先兴平,袁霖,张殊,崔灿一星,田侃..图神经网络对抗攻击与鲁棒性评测前沿进展[J].计算机科学与探索,2024,18(8):1935-1959,25.基金项目
国家自然科学基金(62376047,62106030) (62376047,62106030)
重庆市自然科学基金创新发展联合基金重点项目(CSTB2023NSCQ-LZX0003,CSTB2023NSCQ-LMX0023) (CSTB2023NSCQ-LZX0003,CSTB2023NSCQ-LMX0023)
重庆市教委科学技术研究计划重点项目(KJZD-K202300603) (KJZD-K202300603)
重庆市技术创新与应用发展面上项目(CSTB2022TIAD-GPX0014). This work was supported by the National Natural Science Foundation of China(62376047,62106030),the Key Projects of Chongqing Natural Science Foundation Innovation and Development Joint Fund(CSTB2023NSCQ-LZX0003,CSTB2023NSCQ-LMX0023),the Key Project of Science and Technology Research Program of Chongqing Education Commission(KJZD-K202300603),and the Project of Chongqing Technological Innovation and Application Development Project(CSTB2022TIAD-GPX0014). (CSTB2022TIAD-GPX0014)
