Timezone: »
Poster
Are Defenses for Graph Neural Networks Robust?
Felix Mujkanovic · Simon Geisler · Stephan Günnemann · Aleksandar Bojchevski
A cursory reading of the literature suggests that we have made a lot of progress in designing effective adversarial defenses for Graph Neural Networks (GNNs). Yet, the standard methodology has a serious flaw – virtually all of the defenses are evaluated against non-adaptive attacks leading to overly optimistic robustness estimates. We perform a thorough robustness analysis of 7 of the most popular defenses spanning the entire spectrum of strategies, i.e., aimed at improving the graph, the architecture, or the training. The results are sobering – most defenses show no or only marginal improvement compared to an undefended baseline. We advocate using custom adaptive attacks as a gold standard and we outline the lessons we learned from successfully designing such attacks. Moreover, our diverse collection of perturbed graphs forms a (black-box) unit test offering a first glance at a model's robustness.
Author Information
Felix Mujkanovic (Technical University of Munich)
Simon Geisler (Technical University of Munich)
Stephan Günnemann (Technical University of Munich)
Aleksandar Bojchevski (CISPA Helmholtz Center for Information Security)
More from the Same Authors
-
2021 : Whole Brain Vessel Graphs: A Dataset and Benchmark for Graph Learning and Neuroscience »
Johannes C. Paetzold · Julian McGinnis · Suprosanna Shit · Ivan Ezhov · Paul Büschl · Chinmay Prabhakar · Anjany Sekuboyina · Mihail Todorov · Georgios Kaissis · Ali Ertürk · Stephan Günnemann · Bjoern Menze -
2021 : 3D Pre-training improves GNNs for Molecular Property Prediction »
Hannes Stärk · Dominique Beaini · Gabriele Corso · Prudencio Tossou · Christian Dallago · Stephan Günnemann · Pietro Lió -
2021 : 3D Pre-training improves GNNs for Molecular Property Prediction »
Hannes Stärk · Gabriele Corso · Christian Dallago · Stephan Günnemann · Pietro Lió -
2022 : torchode: A Parallel ODE Solver for PyTorch »
Marten Lienen · Stephan Günnemann -
2022 : Modeling Temporal Data as Continuous Functions with Process Diffusion »
Marin Biloš · Kashif Rasul · Anderson Schneider · Yuriy Nevmyvaka · Stephan Günnemann -
2022 : Training Differentially Private Graph Neural Networks with Random Walk Sampling »
Morgane Ayle · Jan Schuchardt · Lukas Gosch · Daniel Zügner · Stephan Günnemann -
2022 : Revisiting Robustness in Graph Machine Learning »
Lukas Gosch · Daniel Sturm · Simon Geisler · Stephan Günnemann -
2022 : Revisiting Robustness in Graph Machine Learning »
Lukas Gosch · Daniel Sturm · Simon Geisler · Stephan Günnemann -
2022 : Contributed Talk: Revisiting Robustness in Graph Machine Learning »
Lukas Gosch · Daniel Sturm · Simon Geisler · Stephan Günnemann -
2022 Poster: Invariance-Aware Randomized Smoothing Certificates »
Jan Schuchardt · Stephan Günnemann -
2022 Poster: Predicting Cellular Responses to Novel Drug Perturbations at a Single-Cell Resolution »
Leon Hetzel · Simon Boehm · Niki Kilbertus · Stephan Günnemann · mohammad lotfollahi · Fabian Theis -
2022 Poster: Randomized Message-Interception Smoothing: Gray-box Certificates for Graph Neural Networks »
Yan Scholten · Jan Schuchardt · Simon Geisler · Aleksandar Bojchevski · Stephan Günnemann -
2021 Poster: Robustness of Graph Neural Networks at Scale »
Simon Geisler · Tobias Schmidt · Hakan Şirin · Daniel Zügner · Aleksandar Bojchevski · Stephan Günnemann -
2021 Poster: Directional Message Passing on Molecular Graphs via Synthetic Coordinates »
Johannes Gasteiger · Chandan Yeshwanth · Stephan Günnemann -
2021 Poster: Neural Flows: Efficient Alternative to Neural ODEs »
Marin Biloš · Johanna Sommer · Syama Sundar Rangapuram · Tim Januschowski · Stephan Günnemann -
2021 Poster: Detecting Anomalous Event Sequences with Temporal Point Processes »
Oleksandr Shchur · Ali Caner Turkmen · Tim Januschowski · Jan Gasthaus · Stephan Günnemann -
2021 Poster: GemNet: Universal Directional Graph Neural Networks for Molecules »
Johannes Gasteiger · Florian Becker · Stephan Günnemann -
2021 Poster: Graph Posterior Network: Bayesian Predictive Uncertainty for Node Classification »
Maximilian Stadler · Bertrand Charpentier · Simon Geisler · Daniel Zügner · Stephan Günnemann -
2020 Poster: Fast and Flexible Temporal Point Processes with Triangular Maps »
Oleksandr Shchur · Nicholas Gao · Marin Biloš · Stephan Günnemann -
2020 Poster: Deep Rao-Blackwellised Particle Filters for Time Series Forecasting »
Richard Kurle · Syama Sundar Rangapuram · Emmanuel de Bézenac · Stephan Günnemann · Jan Gasthaus -
2020 Poster: Reliable Graph Neural Networks via Robust Aggregation »
Simon Geisler · Daniel Zügner · Stephan Günnemann -
2020 Oral: Fast and Flexible Temporal Point Processes with Triangular Maps »
Oleksandr Shchur · Nicholas Gao · Marin Biloš · Stephan Günnemann -
2020 Poster: Posterior Network: Uncertainty Estimation without OOD Samples via Density-Based Pseudo-Counts »
Bertrand Charpentier · Daniel Zügner · Stephan Günnemann -
2019 Poster: Failing Loudly: An Empirical Study of Methods for Detecting Dataset Shift »
Stephan Rabanser · Stephan Günnemann · Zachary Lipton -
2019 Poster: Diffusion Improves Graph Learning »
Johannes Gasteiger · Stefan Weißenberger · Stephan Günnemann -
2019 Poster: Uncertainty on Asynchronous Time Event Prediction »
Marin Biloš · Bertrand Charpentier · Stephan Günnemann -
2019 Spotlight: Uncertainty on Asynchronous Time Event Prediction »
Marin Biloš · Bertrand Charpentier · Stephan Günnemann -
2019 Poster: Certifiable Robustness to Graph Perturbations »
Aleksandar Bojchevski · Stephan Günnemann -
2018 : Spotlights »
Guangneng Hu · Ke Li · Aviral Kumar · Phi Vu Tran · Samuel G. Fadel · Rita Kuznetsova · Bong-Nam Kang · Behrouz Haji Soleimani · Jinwon An · Nathan de Lara · Anjishnu Kumar · Tillman Weyde · Melanie Weber · Kristen Altenburger · Saeed Amizadeh · Xiaoran Xu · Yatin Nandwani · Yang Guo · Maria Pacheco · William Fedus · Guillaume Jaume · Yuka Yoneda · Yunpu Ma · Yunsheng Bai · Berk Kapicioglu · Maximilian Nickel · Fragkiskos Malliaros · Beier Zhu · Aleksandar Bojchevski · Joshua Joseph · Gemma Roig · Esma Balkir · Xander Steenbrugge