Safety in Graph Machine Learning: Threats and Safeguards

Song Wang, Yushun Dong, Binchi Zhang, Zihan Chen, Xingbo Fu, Yinhan He, Cong Shen, Chuxu Zhang, Nitesh V. Chawla, Jundong Li

TL;DR

This survey addresses safety in Graph ML by organizing issues into three core aspects (reliability, generalizability, and confidentiality) and by classifying threats as model, data, or attack. It provides a systematic review of threats and safeguards across these axes, detailing uncertainty quantification, anomaly detection, data-poisoning defenses, domain and test-time adaptation, evasion defenses, privacy-preserving techniques (differential privacy, graph unlearning), federated graph learning, and model-stealing protections. The paper contributes a novel taxonomy, a comprehensive mapping from threats to safeguards, and practical directions for building safe Graph ML systems with real-world impact in finance, healthcare, and beyond. Overall, it lays groundwork for safety-centered research and guides practitioners toward robust, privacy-preserving, and generalizable graph-based decision making.

Abstract

Graph Machine Learning (Graph ML) has witnessed substantial advancements in recent years. With their remarkable ability to process graph-structured data, Graph ML techniques have been extensively utilized across diverse applications, including critical domains like finance, healthcare, and transportation. Despite their societal benefits, recent research highlights significant safety concerns associated with the widespread use of Graph ML models. Lacking safety-focused designs, these models can produce unreliable predictions, demonstrate poor generalizability, and compromise data confidentiality. In high-stakes scenarios such as financial fraud detection, these vulnerabilities could jeopardize both individuals and society at large. Therefore, it is imperative to prioritize the development of safety-oriented Graph ML models to mitigate these risks and enhance public confidence in their applications. In this survey paper, we explore three critical aspects vital for enhancing safety in Graph ML: reliability, generalizability, and confidentiality. We categorize and analyze threats to each aspect under three headings: model threats, data threats, and attack threats. This novel taxonomy guides our review of effective strategies to protect against these threats. Our systematic review lays a groundwork for future research aimed at developing practical, safety-centered Graph ML models. Furthermore, we highlight the significance of safe Graph ML practices and suggest promising avenues for further investigation in this crucial area.

Paper Structure (37 sections, 10 equations, 4 figures, 7 tables)

This paper contains 37 sections, 10 equations, 4 figures, 7 tables.

Figures (4)

  • Figure 1: A taxonomy of safety problems and solutions on Graph ML and the related works.
  • Figure 2: Safety threats regarding reliability in Graph ML.
  • Figure 3: Safety threats regarding generalizability in Graph ML.
  • Figure 4: Safety threats regarding confidentiality in Graph ML.