0 |
Revisiting Graph Adversarial Attack and Defense From a Data Distribution Perspective |
⚔Attack |
📝ICLR |
Code |
2023 |
1 |
Let Graph be the Go Board: Gradient-free Node Injection Attack for Graph Neural Networks via Reinforcement Learning |
⚔Attack |
📝AAAI |
Code |
2023 |
2 |
GUAP: Graph Universal Attack Through Adversarial Patching |
⚔Attack |
📝arXiv |
Code |
2023 |
3 |
Node Injection for Class-specific Network Poisoning |
⚔Attack |
📝arXiv |
Code |
2023 |
4 |
Unnoticeable Backdoor Attacks on Graph Neural Networks |
⚔Attack |
📝WWW |
Code |
2023 |
5 |
Adversarial Attack on Graph Neural Networks as An Influence Maximization Problem |
⚔Attack |
📝WSDM |
Code |
2022 |
6 |
Inference Attacks Against Graph Neural Networks |
⚔Attack |
📝USENIX Security |
Code |
2022 |
7 |
Model Stealing Attacks Against Inductive Graph Neural Networks |
⚔Attack |
📝IEEE Symposium on Security and Privacy |
Code |
2022 |
8 |
Unsupervised Graph Poisoning Attack via Contrastive Loss Back-propagation |
⚔Attack |
📝WWW |
Code |
2022 |
9 |
Neighboring Backdoor Attacks on Graph Convolutional Network |
⚔Attack |
📝arXiv |
Code |
2022 |
10 |
Understanding and Improving Graph Injection Attack by Promoting Unnoticeability |
⚔Attack |
📝ICLR |
Code |
2022 |
11 |
Blindfolded Attackers Still Threatening: Strict Black-Box Adversarial Attacks on Graphs |
⚔Attack |
📝AAAI |
Code |
2022 |
12 |
Black-box Node Injection Attack for Graph Neural Networks |
⚔Attack |
📝arXiv |
Code |
2022 |
13 |
Model Extraction Attacks on Graph Neural Networks: Taxonomy and Realization |
⚔Attack |
📝Asia CCS |
Code |
2022 |
14 |
Bandits for Structure Perturbation-based Black-box Attacks to Graph Neural Networks with Theoretical Guarantees |
⚔Attack |
📝CVPR |
Code |
2022 |
15 |
Transferable Graph Backdoor Attack |
⚔Attack |
📝RAID |
Code |
2022 |
16 |
Cluster Attack: Query-based Adversarial Attacks on Graphs with Graph-Dependent Priors |
⚔Attack |
📝IJCAI |
Code |
2022 |
17 |
Are Gradients on Graph Structure Reliable in Gray-box Attacks? |
⚔Attack |
📝CIKM |
Code |
2022 |
18 |
BinarizedAttack: Structural Poisoning Attacks to Graph-based Anomaly Detection |
⚔Attack |
📝ICDM |
Code |
2022 |
19 |
Sparse Vicious Attacks on Graph Neural Networks |
⚔Attack |
📝arXiv |
Code |
2022 |
20 |
Adversarial Inter-Group Link Injection Degrades the Fairness of Graph Neural Networks |
⚔Attack |
📝ICDM |
Code |
2022 |
21 |
Link-Backdoor: Backdoor Attack on Link Prediction via Node Injection |
⚔Attack |
📝arXiv |
Code |
2022 |
22 |
GANI: Global Attacks on Graph Neural Networks via Imperceptible Node Injections |
⚔Attack |
📝arXiv |
Code |
2022 |
23 |
Are Defenses for Graph Neural Networks Robust? |
⚔Attack |
📝NeurIPS |
Code |
2022 |
24 |
Towards Reasonable Budget Allocation in Untargeted Graph Structure Attacks via Gradient Debias |
⚔Attack |
📝NeurIPS |
Code |
2022 |
25 |
Structack: Structure-based Adversarial Attacks on Graph Neural Networks |
⚔Attack |
📝ACM Hypertext |
Code |
2021 |
26 |
Graph Adversarial Attack via Rewiring |
⚔Attack |
📝KDD |
Code |
2021 |
27 |
TDGIA: Effective Injection Attacks on Graph Neural Networks |
⚔Attack |
📝KDD |
Code |
2021 |
28 |
Adversarial Attack on Large Scale Graph |
⚔Attack |
📝TKDE |
Code |
2021 |
29 |
SAGE: Intrusion Alert-driven Attack Graph Extractor |
⚔Attack |
📝KDD Workshop |
Code |
2021 |
30 |
Adversarial Diffusion Attacks on Graph-based Traffic Prediction Models |
⚔Attack |
📝arXiv |
Code |
2021 |
31 |
VIKING: Adversarial Attack on Network Embeddings via Supervised Network Poisoning |
⚔Attack |
📝PAKDD |
Code |
2021 |
32 |
GraphAttacker: A General Multi-Task GraphAttack Framework |
⚔Attack |
📝arXiv |
Code |
2021 |
33 |
Graph Stochastic Neural Networks for Semi-supervised Learning |
⚔Attack |
📝arXiv |
Code |
2021 |
34 |
Iterative Deep Graph Learning for Graph Neural Networks: Better and Robust Node Embeddings |
⚔Attack |
📝arXiv |
Code |
2021 |
35 |
Single-Node Attack for Fooling Graph Neural Networks |
⚔Attack |
📝KDD Workshop |
Code |
2021 |
36 |
Poisoning Knowledge Graph Embeddings via Relation Inference Patterns |
⚔Attack |
📝ACL |
Code |
2021 |
37 |
Single Node Injection Attack against Graph Neural Networks |
⚔Attack |
📝CIKM |
Code |
2021 |
38 |
Adapting Membership Inference Attacks to GNN for Graph Classification: Approaches and Implications |
⚔Attack |
📝ICDM |
Code |
2021 |
39 |
Robustness of Graph Neural Networks at Scale |
⚔Attack |
📝NeurIPS |
Code |
2021 |
40 |
Graph Universal Adversarial Attacks: A Few Bad Actors Ruin Graph Learning Models |
⚔Attack |
📝IJCAI |
Code |
2021 |
41 |
Adversarial Attacks on Graph Classification via Bayesian Optimisation |
⚔Attack |
📝NeurIPS |
Code |
2021 |
42 |
Adversarial Attacks on Knowledge Graph Embeddings via Instance Attribution Methods |
⚔Attack |
📝EMNLP |
Code |
2021 |
43 |
UNTANGLE: Unlocking Routing and Logic Obfuscation Using Graph Neural Networks-based Link Prediction |
⚔Attack |
📝ICCAD |
Code |
2021 |
44 |
GraphMI: Extracting Private Graph Data from Graph Neural Networks |
⚔Attack |
📝IJCAI |
Code |
2021 |
45 |
Learning to Deceive Knowledge Graph Augmented Models via Targeted Perturbation |
⚔Attack |
📝ICLR |
Code |
2020 |
46 |
Towards More Practical Adversarial Attacks on Graph Neural Networks |
⚔Attack |
📝NeurIPS |
Code |
2020 |
47 |
Adversarial Label-Flipping Attack and Defense for Graph Neural Networks |
⚔Attack |
📝ICDM |
Code |
2020 |
48 |
Exploratory Adversarial Attacks on Graph Neural Networks |
⚔Attack |
📝ICDM |
Code |
2020 |
49 |
A Targeted Universal Attack on Graph Convolutional Network |
⚔Attack |
📝arXiv |
Code |
2020 |
50 |
Backdoor Attacks to Graph Neural Networks |
⚔Attack |
📝SACMAT |
Code |
2020 |
51 |
Adversarial Attack on Community Detection by Hiding Individuals |
⚔Attack |
📝WWW |
Code |
2020 |
52 |
A Restricted Black-box Adversarial Framework Towards Attacking Graph Embedding Models |
⚔Attack |
📝AAAI |
Code |
2020 |
53 |
Scalable Attack on Graph Data by Injecting Vicious Nodes |
⚔Attack |
📝ECML-PKDD |
Code |
2020 |
54 |
Network disruption: maximizing disagreement and polarization in social networks |
⚔Attack |
📝arXiv |
Code |
2020 |
55 |
Structured Adversarial Attack Towards General Implementation and Better Interpretability |
⚔Attack |
📝ICLR |
Code |
2019 |
56 |
PeerNets Exploiting Peer Wisdom Against Adversarial Attacks |
⚔Attack |
📝ICLR |
Code |
2019 |
57 |
Adversarial Attacks on Node Embeddings via Graph Poisoning |
⚔Attack |
📝ICML |
Code |
2019 |
58 |
Adversarial Attacks on Graph Neural Networks via Meta Learning |
⚔Attack |
📝ICLR |
Code |
2019 |
59 |
Topology Attack and Defense for Graph Neural Networks: An Optimization Perspective |
⚔Attack |
📝IJCAI |
Code |
2019 |
60 |
Adversarial Examples on Graph Data: Deep Insights into Attack and Defense |
⚔Attack |
📝IJCAI |
Code |
2019 |
61 |
A Unified Framework for Data Poisoning Attack to Graph-based Semi-supervised Learning |
⚔Attack |
📝NeurIPS |
Code |
2019 |
62 |
Adversarial Attacks on Neural Networks for Graph Data |
⚔Attack |
📝KDD |
Code |
2018 |
63 |
Adversarial Attack on Graph Structured Data |
⚔Attack |
📝ICML |
Code |
2018 |
64 |
Adversarial Sets for Regularising Neural Link Predictors |
⚔Attack |
📝UAI |
Code |
2017 |
65 |
Adversarial Training for Graph Neural Networks: Pitfalls, Solutions, and New Directions |
🛡Defense |
📝NeurIPS |
Code |
2023 |
66 |
Empowering Graph Representation Learning with Test-Time Graph Transformation |
🛡Defense |
📝ICLR |
Code |
2023 |
67 |
Robust Training of Graph Neural Networks via Noise Governance |
🛡Defense |
📝WSDM |
Code |
2023 |
68 |
Self-Supervised Graph Structure Refinement for Graph Neural Networks |
🛡Defense |
📝WSDM |
Code |
2023 |
69 |
Revisiting Robustness in Graph Machine Learning |
🛡Defense |
📝ICLR |
Code |
2023 |
70 |
Unsupervised Adversarially-Robust Representation Learning on Graphs |
🛡Defense |
📝AAAI |
Code |
2022 |
71 |
Towards Robust Graph Neural Networks for Noisy Graphs with Sparse Labels |
🛡Defense |
📝WSDM |
Code |
2022 |
72 |
Mind Your Solver! On Adversarial Attack and Defense for Combinatorial Optimization |
🛡Defense |
📝arXiv |
Code |
2022 |
73 |
Graph Neural Network for Local Corruption Recovery |
🛡Defense |
📝arXiv |
Code |
2022 |
74 |
Defending Graph Convolutional Networks against Dynamic Graph Perturbations via Bayesian Self-supervision |
🛡Defense |
📝AAAI |
Code |
2022 |
75 |
SimGRACE: A Simple Framework for Graph Contrastive Learning without Data Augmentation |
🛡Defense |
📝WWW |
Code |
2022 |
76 |
GUARD: Graph Universal Adversarial Defense |
🛡Defense |
📝arXiv |
Code |
2022 |
77 |
Bayesian Robust Graph Contrastive Learning |
🛡Defense |
📝arXiv |
Code |
2022 |
78 |
Reliable Representations Make A Stronger Defender: Unsupervised Structure Refinement for Robust GNN |
🛡Defense |
📝KDD |
Code |
2022 |
79 |
Appearance and Structure Aware Robust Deep Visual Graph Matching: Attack, Defense and Beyond |
🛡Defense |
📝CVPR |
Code |
2022 |
80 |
How does Heterophily Impact Robustness of Graph Neural Networks? Theoretical Connections and Practical Implications |
🛡Defense |
📝KDD |
Code |
2022 |
81 |
Robust Graph Neural Networks using Weighted Graph Laplacian |
🛡Defense |
📝SPCOM |
Code |
2022 |
82 |
Robust Tensor Graph Convolutional Networks via T-SVD based Graph Augmentation |
🛡Defense |
📝KDD |
Code |
2022 |
83 |
Robust Node Classification on Graphs: Jointly from Bayesian Label Transition and Topology-based Label Propagation |
🛡Defense |
📝CIKM |
Code |
2022 |
84 |
On the Robustness of Graph Neural Diffusion to Topology Perturbations |
🛡Defense |
📝NeurIPS |
Code |
2022 |
85 |
Spectral Adversarial Training for Robust Graph Neural Network |
🛡Defense |
📝TKDE |
Code |
2022 |
86 |
You Can Have Better Graph Neural Networks by Not Training Weights at All: Finding Untrained GNNs Tickets |
🛡Defense |
📝LoG |
Code |
2022 |
87 |
Learning to Drop: Robust Graph Neural Network via Topological Denoising |
🛡Defense |
📝WSDM |
Code |
2021 |
88 |
Understanding Structural Vulnerability in Graph Convolutional Networks |
🛡Defense |
📝IJCAI |
Code |
2021 |
89 |
A Robust and Generalized Framework for Adversarial Graph Embedding |
🛡Defense |
📝arXiv |
Code |
2021 |
90 |
Information Obfuscation of Graph Neural Network |
🛡Defense |
📝ICML |
Code |
2021 |
91 |
Elastic Graph Neural Networks |
🛡Defense |
📝ICML |
Code |
2021 |
92 |
Node Similarity Preserving Graph Convolutional Networks |
🛡Defense |
📝WSDM |
Code |
2021 |
93 |
NetFense: Adversarial Defenses against Privacy Attacks on Neural Networks for Graph Data |
🛡Defense |
📝TKDE |
Code |
2021 |
94 |
Power up! Robust Graph Convolutional Network against Evasion Attacks based on Graph Powering |
🛡Defense |
📝AAAI |
Code |
2021 |
95 |
Unveiling the potential of Graph Neural Networks for robust Intrusion Detection |
🛡Defense |
📝arXiv |
Code |
2021 |
96 |
A Lightweight Metric Defence Strategy for Graph Neural Networks Against Poisoning Attacks |
🛡Defense |
📝ICICS |
Code |
2021 |
97 |
Node Feature Kernels Increase Graph Convolutional Network Robustness |
🛡Defense |
📝arXiv |
Code |
2021 |
98 |
Not All Low-Pass Filters are Robust in Graph Convolutional Networks |
🛡Defense |
📝NeurIPS |
Code |
2021 |
99 |
Graph Neural Networks with Adaptive Residual |
🛡Defense |
📝NeurIPS |
Code |
2021 |
100 |
Graph Posterior Network: Bayesian Predictive Uncertainty for Node Classification |
🛡Defense |
📝NeurIPS |
Code |
2021 |
101 |
Topological Relational Learning on Graphs |
🛡Defense |
📝NeurIPS |
Code |
2021 |
102 |
Variational Inference for Graph Convolutional Networks in the Absence of Graph Data and Adversarial Settings |
🛡Defense |
📝NeurIPS |
Code |
2020 |
103 |
Graph Random Neural Networks for Semi-Supervised Learning on Graphs |
🛡Defense |
📝NeurIPS |
Code |
2020 |
104 |
Reliable Graph Neural Networks via Robust Aggregation |
🛡Defense |
📝NeurIPS |
Code |
2020 |
105 |
Graph Adversarial Networks: Protecting Information against Adversarial Attacks |
🛡Defense |
📝ICLR OpenReview |
Code |
2020 |
106 |
A Feature-Importance-Aware and Robust Aggregator for GCN |
🛡Defense |
📝CIKM |
Code |
2020 |
107 |
Graph Information Bottleneck |
🛡Defense |
📝NeurIPS |
Code |
2020 |
108 |
Graph Contrastive Learning with Augmentations |
🛡Defense |
📝NeurIPS |
Code |
2020 |
109 |
Graph Structure Reshaping Against Adversarial Attacks on Graph Neural Networks |
🛡Defense |
📝None |
Code |
2020 |
110 |
Adversarial Privacy Preserving Graph Embedding against Inference Attack |
🛡Defense |
📝arXiv |
Code |
2020 |
111 |
GNNGuard: Defending Graph Neural Networks against Adversarial Attacks |
🛡Defense |
📝NeurIPS |
Code |
2020 |
112 |
Transferring Robustness for Graph Neural Network Against Poisoning Attacks |
🛡Defense |
📝WSDM |
Code |
2020 |
113 |
All You Need Is Low (Rank): Defending Against Adversarial Attacks on Graphs |
🛡Defense |
📝WSDM |
Code |
2020 |
114 |
Robust Detection of Adaptive Spammers by Nash Reinforcement Learning |
🛡Defense |
📝KDD |
Code |
2020 |
115 |
Graph Structure Learning for Robust Graph Neural Networks |
🛡Defense |
📝KDD |
Code |
2020 |
116 |
On The Stability of Polynomial Spectral Graph Filters |
🛡Defense |
📝ICASSP |
Code |
2020 |
117 |
On the Robustness of Cascade Diffusion under Node Attacks |
🛡Defense |
📝WWW |
Code |
2020 |
118 |
Enhancing Graph Neural Network-based Fraud Detectors against Camouflaged Fraudsters |
🛡Defense |
📝CIKM |
Code |
2020 |
119 |
DefenseVGAE: Defending against Adversarial Attacks on Graph Data via a Variational Graph Autoencoder |
🛡Defense |
📝arXiv |
Code |
2020 |
120 |
Graph-Revised Convolutional Network |
🛡Defense |
📝ECML-PKDD |
Code |
2020 |
121 |
Graph Adversarial Training: Dynamically Regularizing Based on Graph Structure |
🛡Defense |
📝TKDE |
Code |
2019 |
122 |
Bayesian graph convolutional neural networks for semi-supervised classification |
🛡Defense |
📝AAAI |
Code |
2019 |
123 |
Graph Interpolating Activation Improves Both Natural and Robust Accuracies in Data-Efficient Deep Learning |
🛡Defense |
📝arXiv |
Code |
2019 |
124 |
Adversarial Training Methods for Network Embedding |
🛡Defense |
📝WWW |
Code |
2019 |
125 |
Batch Virtual Adversarial Training for Graph Convolutional Networks |
🛡Defense |
📝ICML |
Code |
2019 |
126 |
Latent Adversarial Training of Graph Convolution Networks |
🛡Defense |
📝LRGSD@ICML |
Code |
2019 |
127 |
Characterizing Malicious Edges targeting on Graph Neural Networks |
🛡Defense |
📝ICLR OpenReview |
Code |
2019 |
128 |
Robust Graph Convolutional Networks Against Adversarial Attacks |
🛡Defense |
📝KDD |
Code |
2019 |
129 |
Investigating Robustness and Interpretability of Link Prediction via Adversarial Modifications |
🛡Defense |
📝NAACL |
Code |
2019 |
130 |
Adversarial Personalized Ranking for Recommendation |
🛡Defense |
📝SIGIR |
Code |
2018 |
131 |
Hierarchical Randomized Smoothing |
🔐Certification |
📝NeurIPS'2023 |
Code |
2023 |
132 |
(Provable) Adversarial Robustness for Group Equivariant Tasks: Graphs, Point Clouds, Molecules, and More |
🔐Certification |
📝NeurIPS'2023 |
Code |
2023 |
133 |
Randomized Message-Interception Smoothing: Gray-box Certificates for Graph Neural Networks |
🔐Certification |
📝NeurIPS'2022 |
Code |
2022 |
134 |
Certified Robustness of Graph Neural Networks against Adversarial Structural Perturbation |
🔐Certification |
📝KDD'2021 |
Code |
2021 |
135 |
Collective Robustness Certificates: Exploiting Interdependence in Graph Neural Networks |
🔐Certification |
📝ICLR'2021 |
Code |
2021 |
136 |
Certified Robustness of Graph Convolution Networks for Graph Classification under Topological Attacks |
🔐Certification |
📝NeurIPS'2020 |
Code |
2020 |
137 |
Efficient Robustness Certificates for Discrete Data: Sparsity - Aware Randomized Smoothing for Graphs, Images and More |
🔐Certification |
📝ICML'2020 |
Code |
2020 |
138 |
Certifiable Robustness of Graph Convolutional Networks under Structure Perturbation |
🔐Certification |
📝KDD'2020 |
Code |
2020 |
139 |
Certifiable Robustness and Robust Training for Graph Convolutional Networks |
🔐Certification |
📝KDD'2019 |
Code |
2019 |
140 |
Certifiable Robustness to Graph Perturbations |
🔐Certification |
📝NeurIPS'2019 |
Code |
2019 |
141 |
Towards a Unified Framework for Fair and Stable Graph Representation Learning |
⚖Stability |
📝UAI'2021 |
Code |
2021 |
142 |
Shift-Robust GNNs: Overcoming the Limitations of Localized Graph Training data |
⚖Stability |
📝NeurIPS'2021 |
Code |
2021 |
143 |
When Do GNNs Work: Understanding and Improving Neighborhood Aggregation |
⚖Stability |
📝IJCAI Workshop'2019 |
Code |
2019 |
144 |
Evaluating Robustness and Uncertainty of Graph Models Under Structural Distributional Shifts |
🚀Others |
📝arXiv‘2023 |
Code |
2023 |
145 |
A Systematic Evaluation of Node Embedding Robustness |
🚀Others |
📝LoG‘2022 |
Code |
2022 |
146 |
FLAG: Adversarial Data Augmentation for Graph Neural Networks |
🚀Others |
📝arXiv'2020 |
Code |
2020 |
147 |
Training Robust Graph Neural Network by Applying Lipschitz Constant Constraint |
🚀Others |
📝CentraleSupélec'2020 |
Code |
2020 |
148 |
DeepRobust: a Platform for Adversarial Attacks and Defenses |
⚙Toolbox |
📝AAAI’2021 |
DeepRobust |
2021 |
149 |
GreatX: A graph reliability toolbox based on PyTorch and PyTorch Geometric |
⚙Toolbox |
📝arXiv’2022 |
GreatX |
2022 |
150 |
Evaluating Graph Vulnerability and Robustness using TIGER |
⚙Toolbox |
📝arXiv‘2021 |
TIGER |
2021 |
151 |
Graph Robustness Benchmark: Rethinking and Benchmarking Adversarial Robustness of Graph Neural Networks |
⚙Toolbox |
📝NeurIPS'2021 |
Graph Robustness Benchmark (GRB) |
2021 |