Abstract
Graph embedding has been widely used to process various downstream tasks on large-scale graphs, i.e. node classification, community detection and link prediction. Among various embedding methods, Deep Graph Infomax (DGI) is a newly proposed method which achieves excellent performance in node classification. However, such outstanding achievement may cause the over-mining issue of user privacy and the robustness of this embedding method is still unexplored. In this paper, we investigate how to disturb the node classification accuracy of DGI from an attacker's perspective. We propose a novel attack method called Cross Entropy Attack (CEA), which aims to make target nodes be misclassified by DGI model with only limited edges being modified. By slightly changing the topological structure of a graph, CEA can successfully interfere with the accuracy of node classification in an unsupervised manner. Experiment results show that the proposed CEA obviously outperforms two baseline methods in terms of both Misclassified Rate (MR) and Average Modified of Edge (AME).
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call