Reinforcement Learning for Data Poisoning on Graph Neural Networks

Jacob Dineen; ASM Ahsan-Ul Haque; Matthew Bielskas

Reinforcement Learning for Data Poisoning on Graph Neural Networks

Jacob Dineen, ASM Ahsan-Ul Haque, Matthew Bielskas

SBP-BRiMS 2021

arXiv alphaXiv Google Scholar Semantic Scholar PDF Code

Abstract

Adversarial Machine Learning has emerged as a substantial subfield of Computer Science due to a lack of robustness in the models we train along with crowdsourcing practices that enable attackers to tamper with data. In the last two years, interest has surged in adversarial attacks on graphs yet the Graph Classification setting remains nearly untouched. Since a Graph Classification dataset consists of discrete graphs with class labels, related work has forgone direct gradient optimization in favor of an indirect Reinforcement Learning approach. We will study the novel problem of Data Poisoning (training-time) attacks on Neural Networks for Graph Classification using Reinforcement Learning Agents.

Citation

@inproceedings{dineen2021reinforcement,
title={Reinforcement Learning for Data Poisoning on Graph Neural Networks},
author={Dineen, Jacob and Haque, ASM Ahsan-Ul and Bielskas, Matthew},
booktitle={Social, Cultural, and Behavioral Modeling: 14th International Conference, SBP-BRiMS 2021, Virtual Event, July 6--9, 2021, Proceedings 14},
pages={141--150},
year={2021},
organization={Springer}
}