DeepAI AI Chat
Log In Sign Up

Adversarial Attacks on Knowledge Graph Embeddings via Instance Attribution Methods

by   Peru Bhardwaj, et al.
ADAPT Centre

Despite the widespread use of Knowledge Graph Embeddings (KGE), little is known about the security vulnerabilities that might disrupt their intended behaviour. We study data poisoning attacks against KGE models for link prediction. These attacks craft adversarial additions or deletions at training time to cause model failure at test time. To select adversarial deletions, we propose to use the model-agnostic instance attribution methods from Interpretable Machine Learning, which identify the training instances that are most influential to a neural model's predictions on test instances. We use these influential triples as adversarial deletions. We further propose a heuristic method to replace one of the two entities in each influential triple to generate adversarial additions. Our experiments show that the proposed strategies outperform the state-of-art data poisoning attacks on KGE models and improve the MRR degradation due to the attacks by up to 62


page 1

page 2

page 3

page 4


Poisoning Knowledge Graph Embeddings via Relation Inference Patterns

We study the problem of generating data poisoning attacks against Knowle...

Adversarial Attacks on Neural Networks for Graph Data

Deep learning models for graphs have achieved strong performance for the...

Attribution of Gradient Based Adversarial Attacks for Reverse Engineering of Deceptions

Machine Learning (ML) algorithms are susceptible to adversarial attacks ...

Adversarial Robustness of Representation Learning for Knowledge Graphs

Knowledge graphs represent factual knowledge about the world as relation...

Can Adversarial Examples Be Parsed to Reveal Victim Model Information?

Numerous adversarial attack methods have been developed to generate impe...

Investigating Robustness and Interpretability of Link Prediction via Adversarial Modifications

Representing entities and relations in an embedding space is a well-stud...

Are You Tampering With My Data?

We propose a novel approach towards adversarial attacks on neural networ...