Toward Certified Robustness of Graph Neural Networks in Adversarial AIoT Environments

Yuni Lai, Jialong Zhou, Xiaoge Zhang, Kai Zhou

Research output: Journal article publicationJournal articleAcademic researchpeer-review

Abstract

Graph neural networks (GNNs) have transformed network analysis, leading to state-of-the-art performance across a variety of tasks. Especially, GNNs are increasingly been employed as detection tools in the AIoT environment in various security applications. However, GNNs have also been shown vulnerable to adversarial graph perturbation. We present the first approach for certifying robustness of general GNNs against attacks that add or remove graph edges either at training or prediction time. Extensive experiments demonstrate that our approach significantly outperforms prior art in certified robust predictions. In addition, we show that a non-certified adaptation of our method exhibits significantly better robust accuracy against state-of-the-art attacks that past approaches. Thus, we achieve both the best certified bounds and best practical robustness of GNNs to structural attacks to date.

Original languageEnglish
Pages (from-to)13920-13932
Number of pages13
JournalIEEE Internet of Things Journal
Volume10
Issue number15
DOIs
Publication statusPublished - 1 Aug 2023

Keywords

  • Adversarial Artificial-IoT (AIoT)
  • certified robustness
  • graph neural networks (GNNs)
  • poisoning attacks

ASJC Scopus subject areas

  • Signal Processing
  • Information Systems
  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Toward Certified Robustness of Graph Neural Networks in Adversarial AIoT Environments'. Together they form a unique fingerprint.

Cite this