Abstract
Graph Neural Networks (GNNs for short), a generalization of neural networks to graph-structured data, performance good in closed setting with perfect data for variety tasks, including node classification, link prediction and graph classification. However, GNNs are vulnerable to adversarial attacks, i.e., a small perturbation to the graph structure and node features in wild setting can lead to non-trivial performance degradation. Non-robustness is one of the main obstacle to applying GNNs in the wild. In this work, we focus on one of the most popular GNNs, Graph Convolutional Networks (GCN for short), and propose Stochastic Activation GCN (SA-GCN for short) to improve the robustness of GCN models. More specifically, we propose building a roust model by directly introducing a regularization term to the objective function and maximizing the feature distribution variance. Extensive experiments show that this simple design makes SA-GCN achieving significantly improved robustness against adversarial attacks. Moreover, our approach generalizes well and can be equipped with various models. Conducted empirical experiments demonstrate the effectiveness of SA-GCN.
Supported by Huxiang Youth Talent Support Program (No. 2021RC3076), and Training Program for Excellent Young Innovators of Changsha (No. KQ2009009).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Bapst, V., et al.: Unveiling the predictive power of static structure in glassy systems. Nature Physics (2020)
Bojchevski, A., Günnemann, S.: Certifiable robustness to graph perturbations. In: Proceedings of NeurIPS (2019)
Dai, H., et al.: Adversarial attack on graph structured data. In: Proceedings of ICML (2018)
Giles, C.L., Bollacker, K.D., Lawrence, S.: Citeseer: an automatic citation indexing system. In: Proceedings of the Third ACM Conference on Digital Libraries (1998)
Glorot, X., Bengio, Y.: Understanding the difficulty of training deep feedforward neural networks. In: Proceedings of AISTATS (2010)
Hamilton, W.L., Ying, Z., Leskovec, J.: Inductive representation learning on large graphs. In: Proceedings of NeurIPS (2017)
He, Z., Rakin, A.S., Fan, D.: Parametric noise injection: trainable randomness to improve deep neural network robustness against adversarial attack. In: Proceedings of CVPR (2019)
Jeddi, A., Shafiee, M.J., Karg, M., Scharfenberger, C., Wong, A.: Learn2perturb: an end-to-end feature perturbation learning to improve adversarial robustness. In: Proceedings of CVPR (2020)
Jin, W., et al.: Adversarial attacks and defenses on graphs. SIGKDD Explor. Newsl. 22(2), 19–34 (2020)
Johnson, J., Gupta, A., Fei-Fei, L.: Image generation from scene graphs. In: Proceedings of CVPR (2018)
Kipf, T.N., Welling, M.: Semi-supervised classification with graph convolutional networks. In: Proceedings of ICLR (2017)
Lee, J.B., Rossi, R.A., Kong, X.: Graph classification using structural attention. In: Proceedings of KDD (2018)
Li, Y., Jin, W., Xu, H., Tang, J.: Deeprobust: a platform for adversarial attacks and defenses. In: Proceedings of AAAI (2021)
Liu, X., Cheng, M., Zhang, H., Hsieh, C.: Towards robust neural networks via random self-ensemble. In: Proceedings of ECCV (2018)
McCallum, A.K., Nigam, K., Rennie, J., Seymore, K.: Automating the construction of internet portals with machine learning. Inf. Retrieval 3(2), 127–163 (2000). https://doi.org/10.1023/A:1009953814988
Pal, A., Eksombatchai, C., Zhou, Y., Zhao, B., Rosenberg, C., Leskovec, J.: Pinnersage: multi-modal user embedding framework for recommendations at pinterest. In: Proceedings of KDD (2020)
Shanthamallu, U.S., Thiagarajan, J.J., Spanias, A.: Uncertainty-matching graph neural networks to defend against poisoning attacks. In: Proceedings of AAAI (2021)
Sun, Y., Wang, S., Tang, X., Hsieh, T., Honavar, V.G.: Adversarial attacks on graph neural networks via node injections: a hierarchical reinforcement learning approach. In: Proceedings of WWW (2020)
Velickovic, P., Cucurull, G., Casanova, A., Romero, A., Liò, P., Bengio, Y.: Graph attention networks. In: Proceedings of ICLR (2018)
Wang, H., Zhou, C., Chen, X., Wu, J., Pan, S., Wang, J.: Graph stochastic neural networks for semi-supervised learning. In: Proceedings of NeurIPS (2020)
Wang, J., Luo, M., Suya, F., Li, J., Yang, Z., Zheng, Q.: Scalable attack on graph data by injecting vicious nodes. Data Min. Knowl. Discov. 34(5), 1363–1389 (2020)
Wu, H., Wang, C., Tyshetskiy, Y., Docherty, A., Lu, K., Zhu, L.: Adversarial examples for graph data: deep insights into attack and defense. In: Proceedings of IJCAI (2019)
Xu, H., et al.: Adversarial attacks and defenses in images, graphs and text: a review. Int. J. Autom. Comput. 17(2), 151–178 (2020). https://doi.org/10.1007/s11633-019-1211-x
Xu, K., et al.: Topology attack and defense for graph neural networks: an optimization perspective. In: Proceedings of IJCAI (2019)
Xu, M., Zhao, C., Rojas, D.S., Thabet, A.K., Ghanem, B.: G-TAD: sub-graph localization for temporal action detection. In: Proceedings of CVPR (2020)
You, J., Liu, B., Ying, Z., Pande, V.S., Leskovec, J.: Graph convolutional policy network for goal-directed molecular graph generation. In: Proceedings of NeurIPS (2018)
Yu, T., Yang, Y., Li, D., Hospedales, T.M., Xiang, T.: Simple and effective stochastic neural networks. In: Proceedings of AAAI (2021)
Zhang, Y., Pal, S., Coates, M., Üstebay, D.: Bayesian graph convolutional neural networks for semi-supervised classification. In: Proceedings of AAAI (2019)
Zheng, C., et al.: Robust graph representation learning via neural sparsification. In: Proceedings of ICML (2020)
Zhu, D., Cui, P., Wang, D., Zhu, W.: Deep variational network embedding in wasserstein space. In: Proceedings of KDD (2018)
Zhu, D., Zhang, Z., Cui, P., Zhu, W.: Robust graph convolutional networks against adversarial attacks. In: Proceedings of KDD (2019)
Zhu, Y., Xu, W., Zhang, J., Liu, Q., Wu, S., Wang, L.: Deep graph structure learning for robust representations: a survey. CoRR (2021)
Zügner, D., Akbarnejad, A., Günnemann, S.: Adversarial attacks on neural networks for graph data. In: Proceedings of KDD (2018)
Zügner, D., Günnemann, S.: Certifiable robustness of graph convolutional networks under structure perturbations. In: Proceedings of KDD (2020)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 Springer Nature Switzerland AG
About this paper
Cite this paper
Yu, Z., Yang, H., Wang, L., Sun, L., Zhou, Y. (2022). Towards Robust Graph Convolution Network via Stochastic Activation. In: Tan, Y., Shi, Y., Niu, B. (eds) Advances in Swarm Intelligence. ICSI 2022. Lecture Notes in Computer Science, vol 13345. Springer, Cham. https://doi.org/10.1007/978-3-031-09726-3_15
Download citation
DOI: https://doi.org/10.1007/978-3-031-09726-3_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-09725-6
Online ISBN: 978-3-031-09726-3
eBook Packages: Computer ScienceComputer Science (R0)