TrustGuard: GNN-based Robust and Explainable Trust Evaluation with Dynamicity Support

TL;DR

TrustGuard introduces a four-layer GNN framework that explicitly accounts for trust dynamicity, robustness against trust-related attacks, and explainability through visualizable robust coefficients and temporal attention. The spatial layer uses a dual-role, robust aggregation to handle attacker influence, while the temporal layer employs a position-aware multi-head attention to capture evolving trust patterns, culminating in an MLP that predicts directed trust levels. Empirical results on Bitcoin-OTC and Bitcoin-Alpha show consistent improvements over state-of-the-art baselines in single- and multi-timeslot prediction, both with and without attacks, and demonstrate explainability via visualization and a user study. The work also provides thorough ablations and sensitivity analyses, supporting the significance of dual-role representations, temporal attention, and defense mechanisms, and discusses scalability, extensions to node/community trust, and remaining limitations.

Abstract

Trust evaluation assesses trust relationships between entities and facilitates decision-making. Machine Learning (ML) shows great potential for trust evaluation owing to its learning capabilities. In recent years, Graph Neural Networks (GNNs), as a new ML paradigm, have demonstrated superiority in dealing with graph data. This has motivated researchers to explore their use in trust evaluation, as trust relationships among entities can be modeled as a graph. However, current trust evaluation methods that employ GNNs fail to fully satisfy the dynamic nature of trust, overlook the adverse effects of trust-related attacks, and cannot provide convincing explanations on evaluation results. To address these problems, we propose TrustGuard, a GNN-based accurate trust evaluation model that supports trust dynamicity, is robust against typical attacks, and provides explanations through visualization. Specifically, TrustGuard is designed with a layered architecture that contains a snapshot input layer, a spatial aggregation layer, a temporal aggregation layer, and a prediction layer. Among them, the spatial aggregation layer adopts a defense mechanism to robustly aggregate local trust, and the temporal aggregation layer applies an attention mechanism for effective learning of temporal patterns. Extensive experiments on two real-world datasets show that TrustGuard outperforms state-of-the-art GNN-based trust evaluation models with respect to trust prediction across single-timeslot and multi-timeslot, even in the presence of attacks. In addition, TrustGuard can explain its evaluation results by visualizing both spatial and temporal views.

Figures (12)

• Figure 1: Overall architecture of TrustGuard. Lines of different colors in the spatial aggregation layer indicate the trust propagation and aggregation from the different-order neighbors of node $u$.
• Figure 2: Experimental results of trust prediction over multiple future timeslots.
• Figure 3: Experimental results on the robustness of TrustGuard and baselines under different attacks. (a), (b), and (c) are the results based on Bitcoin-OTC. (d), (e), and (f) are the results based on Bitcoin-Alpha. De: Defense mechanism. TrustGuard is equipped with a mean aggregator in the "attacks+w/o De" setting. On-off attack is only available in dynamic graph models, i.e., TrustGuard herein.
• Figure 4: Visualization of robust coefficients. The results are based on the single-timeslot prediction on observed nodes based on Bitcoin-OTC. Co-bad/Co-good-mouthing attack denotes a collaborative version herein.
• Figure 5: Visualization of attention scores. The results are based on single-timeslot prediction on observed nodes.