Adversarial Attacks on Knowledge Graph Embeddings via Instance Attribution Methods

Peru Bhardwaj; John Kelleher; Luca Costabello; Declan O’Sullivan

2021 EMNLP EMNLP 2021

Adversarial Attacks on Knowledge Graph Embeddings via Instance Attribution Methods

Abstract

AbstractDespite the widespread use of Knowledge Graph Embeddings (KGE), little is known about the security vulnerabilities that might disrupt their intended behaviour. We study data poisoning attacks against KGE models for link prediction. These attacks craft adversarial additions or deletions at training time to cause model failure at test time. To select adversarial deletions, we propose to use the model-agnostic instance attribution methods from Interpretable Machine Learning, which identify the training instances that are most influential to a neural model’s predictions on test instances. We use these influential triples as adversarial deletions. We further propose a heuristic method to replace one of the two entities in each influential triple to generate adversarial additions. Our experiments show that the proposed strategies outperform the state-of-art data poisoning attacks on KGE models and improve the MRR degradation due to the attacks by up to 62% over the baselines.

🌉 Interdisciplinary Bridge — Artificial Intelligence and Knowledge & Reasoning and Machine Learning

🧭 Keyword Pioneer — instance attribution

🐝 Cross-Pollinator — Artificial Intelligence, Computer Science, Computer Vision, Data Science & Analytics, Deep Learning, Healthcare & Medicine, Interdisciplinary, Knowledge & Reasoning, Machine Learning, Mathematics & Optimization, Natural Language Processing, Reinforcement Learning, Security & Privacy, Speech & Audio

Authors

Peru Bhardwaj , John Kelleher , Luca Costabello , Declan O’Sullivan

Topics

Machine Learning > Learning Types > Adversarial Learning Machine Learning > Application Areas > Privacy Knowledge & Reasoning > Representation > Knowledge Graphs Artificial Intelligence > Core AI > Adversarial Learning Artificial Intelligence > Core AI > Knowledge Graph

Keywords

link prediction data poisoning adversarial attack knowledge graph embedding instance attribution

Download PDF

Related papers

Continual Learning in Multilingual NMT via Language-Specific Embeddings 2021

MultiDoc2Dial: Modeling Dialogues Grounded in Multiple Documents 2021

Efficient Multi-Task Auxiliary Learning: Selecting Auxiliary Data by Feature Similarity 2021

Neural Machine Translation with Heterogeneous Topic Knowledge Embeddings 2021

Semantics-Preserved Data Augmentation for Aspect-Based Sentiment Analysis 2021