| 0 |
Revisiting Graph Adversarial Attack and Defense From a Data Distribution Perspective |
⚔Attack |
📝ICLR |
 Code |
2023 |
| 1 |
Let Graph be the Go Board: Gradient-free Node Injection Attack for Graph Neural Networks via Reinforcement Learning |
⚔Attack |
📝AAAI |
Code |
2023 |
| 2 |
GUAP: Graph Universal Attack Through Adversarial Patching |
⚔Attack |
📝arXiv |
Code |
2023 |
| 3 |
Node Injection for Class-specific Network Poisoning |
⚔Attack |
📝arXiv |
Code |
2023 |
| 4 |
Unnoticeable Backdoor Attacks on Graph Neural Networks |
⚔Attack |
📝WWW |
Code |
2023 |
| 5 |
Adversarial Attack on Graph Neural Networks as An Influence Maximization Problem |
⚔Attack |
📝WSDM |
Code |
2022 |
| 6 |
Inference Attacks Against Graph Neural Networks |
⚔Attack |
📝USENIX Security |
Code |
2022 |
| 7 |
Model Stealing Attacks Against Inductive Graph Neural Networks |
⚔Attack |
📝IEEE Symposium on Security and Privacy |
Code |
2022 |
| 8 |
Unsupervised Graph Poisoning Attack via Contrastive Loss Back-propagation |
⚔Attack |
📝WWW |
Code |
2022 |
| 9 |
Neighboring Backdoor Attacks on Graph Convolutional Network |
⚔Attack |
📝arXiv |
Code |
2022 |
| 10 |
Understanding and Improving Graph Injection Attack by Promoting Unnoticeability |
⚔Attack |
📝ICLR |
Code |
2022 |
| 11 |
Blindfolded Attackers Still Threatening: Strict Black-Box Adversarial Attacks on Graphs |
⚔Attack |
📝AAAI |
Code |
2022 |
| 12 |
Black-box Node Injection Attack for Graph Neural Networks |
⚔Attack |
📝arXiv |
Code |
2022 |
| 13 |
Model Extraction Attacks on Graph Neural Networks: Taxonomy and Realization |
⚔Attack |
📝Asia CCS |
Code |
2022 |
| 14 |
Bandits for Structure Perturbation-based Black-box Attacks to Graph Neural Networks with Theoretical Guarantees |
⚔Attack |
📝CVPR |
Code |
2022 |
| 15 |
Transferable Graph Backdoor Attack |
⚔Attack |
📝RAID |
Code |
2022 |
| 16 |
Cluster Attack: Query-based Adversarial Attacks on Graphs with Graph-Dependent Priors |
⚔Attack |
📝IJCAI |
Code |
2022 |
| 17 |
Are Gradients on Graph Structure Reliable in Gray-box Attacks? |
⚔Attack |
📝CIKM |
Code |
2022 |
| 18 |
BinarizedAttack: Structural Poisoning Attacks to Graph-based Anomaly Detection |
⚔Attack |
📝ICDM |
Code |
2022 |
| 19 |
Sparse Vicious Attacks on Graph Neural Networks |
⚔Attack |
📝arXiv |
Code |
2022 |
| 20 |
Adversarial Inter-Group Link Injection Degrades the Fairness of Graph Neural Networks |
⚔Attack |
📝ICDM |
Code |
2022 |
| 21 |
Link-Backdoor: Backdoor Attack on Link Prediction via Node Injection |
⚔Attack |
📝arXiv |
Code |
2022 |
| 22 |
GANI: Global Attacks on Graph Neural Networks via Imperceptible Node Injections |
⚔Attack |
📝arXiv |
Code |
2022 |
| 23 |
Are Defenses for Graph Neural Networks Robust? |
⚔Attack |
📝NeurIPS |
Code |
2022 |
| 24 |
Towards Reasonable Budget Allocation in Untargeted Graph Structure Attacks via Gradient Debias |
⚔Attack |
📝NeurIPS |
Code |
2022 |
| 25 |
Structack: Structure-based Adversarial Attacks on Graph Neural Networks |
⚔Attack |
📝ACM Hypertext |
Code |
2021 |
| 26 |
Graph Adversarial Attack via Rewiring |
⚔Attack |
📝KDD |
Code |
2021 |
| 27 |
TDGIA: Effective Injection Attacks on Graph Neural Networks |
⚔Attack |
📝KDD |
Code |
2021 |
| 28 |
Adversarial Attack on Large Scale Graph |
⚔Attack |
📝TKDE |
Code |
2021 |
| 29 |
SAGE: Intrusion Alert-driven Attack Graph Extractor |
⚔Attack |
📝KDD Workshop |
Code |
2021 |
| 30 |
Adversarial Diffusion Attacks on Graph-based Traffic Prediction Models |
⚔Attack |
📝arXiv |
Code |
2021 |
| 31 |
VIKING: Adversarial Attack on Network Embeddings via Supervised Network Poisoning |
⚔Attack |
📝PAKDD |
Code |
2021 |
| 32 |
GraphAttacker: A General Multi-Task GraphAttack Framework |
⚔Attack |
📝arXiv |
Code |
2021 |
| 33 |
Graph Stochastic Neural Networks for Semi-supervised Learning |
⚔Attack |
📝arXiv |
Code |
2021 |
| 34 |
Iterative Deep Graph Learning for Graph Neural Networks: Better and Robust Node Embeddings |
⚔Attack |
📝arXiv |
Code |
2021 |
| 35 |
Single-Node Attack for Fooling Graph Neural Networks |
⚔Attack |
📝KDD Workshop |
Code |
2021 |
| 36 |
Poisoning Knowledge Graph Embeddings via Relation Inference Patterns |
⚔Attack |
📝ACL |
Code |
2021 |
| 37 |
Single Node Injection Attack against Graph Neural Networks |
⚔Attack |
📝CIKM |
Code |
2021 |
| 38 |
Adapting Membership Inference Attacks to GNN for Graph Classification: Approaches and Implications |
⚔Attack |
📝ICDM |
Code |
2021 |
| 39 |
Robustness of Graph Neural Networks at Scale |
⚔Attack |
📝NeurIPS |
Code |
2021 |
| 40 |
Graph Universal Adversarial Attacks: A Few Bad Actors Ruin Graph Learning Models |
⚔Attack |
📝IJCAI |
Code |
2021 |
| 41 |
Adversarial Attacks on Graph Classification via Bayesian Optimisation |
⚔Attack |
📝NeurIPS |
Code |
2021 |
| 42 |
Adversarial Attacks on Knowledge Graph Embeddings via Instance Attribution Methods |
⚔Attack |
📝EMNLP |
Code |
2021 |
| 43 |
UNTANGLE: Unlocking Routing and Logic Obfuscation Using Graph Neural Networks-based Link Prediction |
⚔Attack |
📝ICCAD |
Code |
2021 |
| 44 |
GraphMI: Extracting Private Graph Data from Graph Neural Networks |
⚔Attack |
📝IJCAI |
Code |
2021 |
| 45 |
Learning to Deceive Knowledge Graph Augmented Models via Targeted Perturbation |
⚔Attack |
📝ICLR |
Code |
2020 |
| 46 |
Towards More Practical Adversarial Attacks on Graph Neural Networks |
⚔Attack |
📝NeurIPS |
Code |
2020 |
| 47 |
Adversarial Label-Flipping Attack and Defense for Graph Neural Networks |
⚔Attack |
📝ICDM |
Code |
2020 |
| 48 |
Exploratory Adversarial Attacks on Graph Neural Networks |
⚔Attack |
📝ICDM |
Code |
2020 |
| 49 |
A Targeted Universal Attack on Graph Convolutional Network |
⚔Attack |
📝arXiv |
Code |
2020 |
| 50 |
Backdoor Attacks to Graph Neural Networks |
⚔Attack |
📝SACMAT |
Code |
2020 |
| 51 |
Adversarial Attack on Community Detection by Hiding Individuals |
⚔Attack |
📝WWW |
Code |
2020 |
| 52 |
A Restricted Black-box Adversarial Framework Towards Attacking Graph Embedding Models |
⚔Attack |
📝AAAI |
Code |
2020 |
| 53 |
Scalable Attack on Graph Data by Injecting Vicious Nodes |
⚔Attack |
📝ECML-PKDD |
Code |
2020 |
| 54 |
Network disruption: maximizing disagreement and polarization in social networks |
⚔Attack |
📝arXiv |
Code |
2020 |
| 55 |
Structured Adversarial Attack Towards General Implementation and Better Interpretability |
⚔Attack |
📝ICLR |
Code |
2019 |
| 56 |
PeerNets Exploiting Peer Wisdom Against Adversarial Attacks |
⚔Attack |
📝ICLR |
Code |
2019 |
| 57 |
Adversarial Attacks on Node Embeddings via Graph Poisoning |
⚔Attack |
📝ICML |
Code |
2019 |
| 58 |
Adversarial Attacks on Graph Neural Networks via Meta Learning |
⚔Attack |
📝ICLR |
Code |
2019 |
| 59 |
Topology Attack and Defense for Graph Neural Networks: An Optimization Perspective |
⚔Attack |
📝IJCAI |
Code |
2019 |
| 60 |
Adversarial Examples on Graph Data: Deep Insights into Attack and Defense |
⚔Attack |
📝IJCAI |
Code |
2019 |
| 61 |
A Unified Framework for Data Poisoning Attack to Graph-based Semi-supervised Learning |
⚔Attack |
📝NeurIPS |
Code |
2019 |
| 62 |
Adversarial Attacks on Neural Networks for Graph Data |
⚔Attack |
📝KDD |
Code |
2018 |
| 63 |
Adversarial Attack on Graph Structured Data |
⚔Attack |
📝ICML |
Code |
2018 |
| 64 |
Adversarial Sets for Regularising Neural Link Predictors |
⚔Attack |
📝UAI |
Code |
2017 |
| 65 |
Adversarial Training for Graph Neural Networks: Pitfalls, Solutions, and New Directions |
🛡Defense |
📝NeurIPS |
Code |
2023 |
| 66 |
Empowering Graph Representation Learning with Test-Time Graph Transformation |
🛡Defense |
📝ICLR |
Code |
2023 |
| 67 |
Robust Training of Graph Neural Networks via Noise Governance |
🛡Defense |
📝WSDM |
Code |
2023 |
| 68 |
Self-Supervised Graph Structure Refinement for Graph Neural Networks |
🛡Defense |
📝WSDM |
Code |
2023 |
| 69 |
Revisiting Robustness in Graph Machine Learning |
🛡Defense |
📝ICLR |
Code |
2023 |
| 70 |
Unsupervised Adversarially-Robust Representation Learning on Graphs |
🛡Defense |
📝AAAI |
Code |
2022 |
| 71 |
Towards Robust Graph Neural Networks for Noisy Graphs with Sparse Labels |
🛡Defense |
📝WSDM |
Code |
2022 |
| 72 |
Mind Your Solver! On Adversarial Attack and Defense for Combinatorial Optimization |
🛡Defense |
📝arXiv |
Code |
2022 |
| 73 |
Graph Neural Network for Local Corruption Recovery |
🛡Defense |
📝arXiv |
Code |
2022 |
| 74 |
Defending Graph Convolutional Networks against Dynamic Graph Perturbations via Bayesian Self-supervision |
🛡Defense |
📝AAAI |
Code |
2022 |
| 75 |
SimGRACE: A Simple Framework for Graph Contrastive Learning without Data Augmentation |
🛡Defense |
📝WWW |
Code |
2022 |
| 76 |
GUARD: Graph Universal Adversarial Defense |
🛡Defense |
📝arXiv |
Code |
2022 |
| 77 |
Bayesian Robust Graph Contrastive Learning |
🛡Defense |
📝arXiv |
Code |
2022 |
| 78 |
Reliable Representations Make A Stronger Defender: Unsupervised Structure Refinement for Robust GNN |
🛡Defense |
📝KDD |
Code |
2022 |
| 79 |
Appearance and Structure Aware Robust Deep Visual Graph Matching: Attack, Defense and Beyond |
🛡Defense |
📝CVPR |
Code |
2022 |
| 80 |
How does Heterophily Impact Robustness of Graph Neural Networks? Theoretical Connections and Practical Implications |
🛡Defense |
📝KDD |
Code |
2022 |
| 81 |
Robust Graph Neural Networks using Weighted Graph Laplacian |
🛡Defense |
📝SPCOM |
Code |
2022 |
| 82 |
Robust Tensor Graph Convolutional Networks via T-SVD based Graph Augmentation |
🛡Defense |
📝KDD |
Code |
2022 |
| 83 |
Robust Node Classification on Graphs: Jointly from Bayesian Label Transition and Topology-based Label Propagation |
🛡Defense |
📝CIKM |
Code |
2022 |
| 84 |
On the Robustness of Graph Neural Diffusion to Topology Perturbations |
🛡Defense |
📝NeurIPS |
Code |
2022 |
| 85 |
Spectral Adversarial Training for Robust Graph Neural Network |
🛡Defense |
📝TKDE |
Code |
2022 |
| 86 |
You Can Have Better Graph Neural Networks by Not Training Weights at All: Finding Untrained GNNs Tickets |
🛡Defense |
📝LoG |
Code |
2022 |
| 87 |
Learning to Drop: Robust Graph Neural Network via Topological Denoising |
🛡Defense |
📝WSDM |
Code |
2021 |
| 88 |
Understanding Structural Vulnerability in Graph Convolutional Networks |
🛡Defense |
📝IJCAI |
Code |
2021 |
| 89 |
A Robust and Generalized Framework for Adversarial Graph Embedding |
🛡Defense |
📝arXiv |
Code |
2021 |
| 90 |
Information Obfuscation of Graph Neural Network |
🛡Defense |
📝ICML |
Code |
2021 |
| 91 |
Elastic Graph Neural Networks |
🛡Defense |
📝ICML |
Code |
2021 |
| 92 |
Node Similarity Preserving Graph Convolutional Networks |
🛡Defense |
📝WSDM |
Code |
2021 |
| 93 |
NetFense: Adversarial Defenses against Privacy Attacks on Neural Networks for Graph Data |
🛡Defense |
📝TKDE |
Code |
2021 |
| 94 |
Power up! Robust Graph Convolutional Network against Evasion Attacks based on Graph Powering |
🛡Defense |
📝AAAI |
Code |
2021 |
| 95 |
Unveiling the potential of Graph Neural Networks for robust Intrusion Detection |
🛡Defense |
📝arXiv |
Code |
2021 |
| 96 |
A Lightweight Metric Defence Strategy for Graph Neural Networks Against Poisoning Attacks |
🛡Defense |
📝ICICS |
Code |
2021 |
| 97 |
Node Feature Kernels Increase Graph Convolutional Network Robustness |
🛡Defense |
📝arXiv |
Code |
2021 |
| 98 |
Not All Low-Pass Filters are Robust in Graph Convolutional Networks |
🛡Defense |
📝NeurIPS |
Code |
2021 |
| 99 |
Graph Neural Networks with Adaptive Residual |
🛡Defense |
📝NeurIPS |
Code |
2021 |
| 100 |
Graph Posterior Network: Bayesian Predictive Uncertainty for Node Classification |
🛡Defense |
📝NeurIPS |
Code |
2021 |
| 101 |
Topological Relational Learning on Graphs |
🛡Defense |
📝NeurIPS |
Code |
2021 |
| 102 |
Variational Inference for Graph Convolutional Networks in the Absence of Graph Data and Adversarial Settings |
🛡Defense |
📝NeurIPS |
Code |
2020 |
| 103 |
Graph Random Neural Networks for Semi-Supervised Learning on Graphs |
🛡Defense |
📝NeurIPS |
Code |
2020 |
| 104 |
Reliable Graph Neural Networks via Robust Aggregation |
🛡Defense |
📝NeurIPS |
Code |
2020 |
| 105 |
Graph Adversarial Networks: Protecting Information against Adversarial Attacks |
🛡Defense |
📝ICLR OpenReview |
Code |
2020 |
| 106 |
A Feature-Importance-Aware and Robust Aggregator for GCN |
🛡Defense |
📝CIKM |
Code |
2020 |
| 107 |
Graph Information Bottleneck |
🛡Defense |
📝NeurIPS |
Code |
2020 |
| 108 |
Graph Contrastive Learning with Augmentations |
🛡Defense |
📝NeurIPS |
Code |
2020 |
| 109 |
Graph Structure Reshaping Against Adversarial Attacks on Graph Neural Networks |
🛡Defense |
📝None |
Code |
2020 |
| 110 |
Adversarial Privacy Preserving Graph Embedding against Inference Attack |
🛡Defense |
📝arXiv |
Code |
2020 |
| 111 |
GNNGuard: Defending Graph Neural Networks against Adversarial Attacks |
🛡Defense |
📝NeurIPS |
Code |
2020 |
| 112 |
Transferring Robustness for Graph Neural Network Against Poisoning Attacks |
🛡Defense |
📝WSDM |
Code |
2020 |
| 113 |
All You Need Is Low (Rank): Defending Against Adversarial Attacks on Graphs |
🛡Defense |
📝WSDM |
Code |
2020 |
| 114 |
Robust Detection of Adaptive Spammers by Nash Reinforcement Learning |
🛡Defense |
📝KDD |
Code |
2020 |
| 115 |
Graph Structure Learning for Robust Graph Neural Networks |
🛡Defense |
📝KDD |
Code |
2020 |
| 116 |
On The Stability of Polynomial Spectral Graph Filters |
🛡Defense |
📝ICASSP |
Code |
2020 |
| 117 |
On the Robustness of Cascade Diffusion under Node Attacks |
🛡Defense |
📝WWW |
Code |
2020 |
| 118 |
Enhancing Graph Neural Network-based Fraud Detectors against Camouflaged Fraudsters |
🛡Defense |
📝CIKM |
Code |
2020 |
| 119 |
DefenseVGAE: Defending against Adversarial Attacks on Graph Data via a Variational Graph Autoencoder |
🛡Defense |
📝arXiv |
Code |
2020 |
| 120 |
Graph-Revised Convolutional Network |
🛡Defense |
📝ECML-PKDD |
Code |
2020 |
| 121 |
Graph Adversarial Training: Dynamically Regularizing Based on Graph Structure |
🛡Defense |
📝TKDE |
Code |
2019 |
| 122 |
Bayesian graph convolutional neural networks for semi-supervised classification |
🛡Defense |
📝AAAI |
Code |
2019 |
| 123 |
Graph Interpolating Activation Improves Both Natural and Robust Accuracies in Data-Efficient Deep Learning |
🛡Defense |
📝arXiv |
Code |
2019 |
| 124 |
Adversarial Training Methods for Network Embedding |
🛡Defense |
📝WWW |
Code |
2019 |
| 125 |
Batch Virtual Adversarial Training for Graph Convolutional Networks |
🛡Defense |
📝ICML |
Code |
2019 |
| 126 |
Latent Adversarial Training of Graph Convolution Networks |
🛡Defense |
📝LRGSD@ICML |
Code |
2019 |
| 127 |
Characterizing Malicious Edges targeting on Graph Neural Networks |
🛡Defense |
📝ICLR OpenReview |
Code |
2019 |
| 128 |
Robust Graph Convolutional Networks Against Adversarial Attacks |
🛡Defense |
📝KDD |
Code |
2019 |
| 129 |
Investigating Robustness and Interpretability of Link Prediction via Adversarial Modifications |
🛡Defense |
📝NAACL |
Code |
2019 |
| 130 |
Adversarial Personalized Ranking for Recommendation |
🛡Defense |
📝SIGIR |
Code |
2018 |
| 131 |
Hierarchical Randomized Smoothing |
🔐Certification |
📝NeurIPS'2023 |
Code |
2023 |
| 132 |
(Provable) Adversarial Robustness for Group Equivariant Tasks: Graphs, Point Clouds, Molecules, and More |
🔐Certification |
📝NeurIPS'2023 |
Code |
2023 |
| 133 |
Randomized Message-Interception Smoothing: Gray-box Certificates for Graph Neural Networks |
🔐Certification |
📝NeurIPS'2022 |
Code |
2022 |
| 134 |
Certified Robustness of Graph Neural Networks against Adversarial Structural Perturbation |
🔐Certification |
📝KDD'2021 |
Code |
2021 |
| 135 |
Collective Robustness Certificates: Exploiting Interdependence in Graph Neural Networks |
🔐Certification |
📝ICLR'2021 |
Code |
2021 |
| 136 |
Certified Robustness of Graph Convolution Networks for Graph Classification under Topological Attacks |
🔐Certification |
📝NeurIPS'2020 |
Code |
2020 |
| 137 |
Efficient Robustness Certificates for Discrete Data: Sparsity - Aware Randomized Smoothing for Graphs, Images and More |
🔐Certification |
📝ICML'2020 |
Code |
2020 |
| 138 |
Certifiable Robustness of Graph Convolutional Networks under Structure Perturbation |
🔐Certification |
📝KDD'2020 |
Code |
2020 |
| 139 |
Certifiable Robustness and Robust Training for Graph Convolutional Networks |
🔐Certification |
📝KDD'2019 |
Code |
2019 |
| 140 |
Certifiable Robustness to Graph Perturbations |
🔐Certification |
📝NeurIPS'2019 |
Code |
2019 |
| 141 |
Towards a Unified Framework for Fair and Stable Graph Representation Learning |
⚖Stability |
📝UAI'2021 |
Code |
2021 |
| 142 |
Shift-Robust GNNs: Overcoming the Limitations of Localized Graph Training data |
⚖Stability |
📝NeurIPS'2021 |
Code |
2021 |
| 143 |
When Do GNNs Work: Understanding and Improving Neighborhood Aggregation |
⚖Stability |
📝IJCAI Workshop'2019 |
Code |
2019 |
| 144 |
Evaluating Robustness and Uncertainty of Graph Models Under Structural Distributional Shifts |
🚀Others |
📝arXiv‘2023 |
Code |
2023 |
| 145 |
A Systematic Evaluation of Node Embedding Robustness |
🚀Others |
📝LoG‘2022 |
Code |
2022 |
| 146 |
FLAG: Adversarial Data Augmentation for Graph Neural Networks |
🚀Others |
📝arXiv'2020 |
Code |
2020 |
| 147 |
Training Robust Graph Neural Network by Applying Lipschitz Constant Constraint |
🚀Others |
📝CentraleSupélec'2020 |
Code |
2020 |
| 148 |
DeepRobust: a Platform for Adversarial Attacks and Defenses |
⚙Toolbox |
📝AAAI’2021 |
DeepRobust |
2021 |
| 149 |
GreatX: A graph reliability toolbox based on PyTorch and PyTorch Geometric |
⚙Toolbox |
📝arXiv’2022 |
GreatX |
2022 |
| 150 |
Evaluating Graph Vulnerability and Robustness using TIGER |
⚙Toolbox |
📝arXiv‘2021 |
TIGER |
2021 |
| 151 |
Graph Robustness Benchmark: Rethinking and Benchmarking Adversarial Robustness of Graph Neural Networks |
⚙Toolbox |
📝NeurIPS'2021 |
Graph Robustness Benchmark (GRB) |
2021 |