Jisuanji kexue yu tansuo (Dec 2021)

Research Progress of Adversarial Defenses on Graphs

  • LI Penghui, ZHAI Zhengli, FENG Shu

DOI
https://doi.org/10.3778/j.issn.1673-9418.2105021
Journal volume & issue
Vol. 15, no. 12
pp. 2292 – 2303

Abstract

Read online

Graph neural networks (GNN) have been successfully applied in complex tasks in many fields, but recent studies show that GNN is vulnerable to graph adversarial attacks, leading to severe performance degradation. The vulnerability of GNN affects all applications including node classification, link prediction and community detection. Graph adversarial attacks can be implemented efficiently, which brings serious security risks and privacy issues. Graph adversarial defense is dedicated to improving the robustness and generalization of GNN to resist adversarial attacks. Research progress of graph adversarial defense algorithm is reviewed. First, the work background and related concepts of graph adversarial defense are introduced, and the development process of graph adversarial defense is analyzed. Then, according to different defense strategies of the defense algorithm, the algorithms are divided into four categories, including attack detection, adversarial training, robustness certification and immu-nologic defense and the strategies of each type of defense algorithm are summarized. Furthermore, the principles and implementation of defense algorithm are analyzed, and typical algorithms are compared in terms of defense strategies, target task, advantages, disadvantages and experiments. Finally, through a comprehensive and systematic analysis of the existing graph adversarial defense algorithm, the problems and developing directions of the defense algorithm are summarized to provide help for further development of graph adversarial defense.

Keywords