Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Hypergraph Attacks via Injecting Homogeneous Nodes into Elite Hyperedges

Meixia He, Peican Zhu, Keke Tang, Yangming Guo

TL;DR

This work addresses adversarial attacks on Hypergraph Neural Networks (HGNNs) by shifting from hypergraph modification to node-injection attacks that exploit node-spanning and hyperedge group identity. The authors introduce IE-Attack, comprising an Elite Hyperedges Sampler to identify influential hyperedges based on a cycle-ratio metric and a Kernel Density Estimation (KDE)–based Homogeneous Node Generator to craft attacker nodes with group-consistent features. By injecting a single homogeneous node into elite hyperedges, IE-Attack achieves higher misclassification rates than state-of-the-art baselines across five datasets and multiple hypergraph construction methods, while remaining robust to detection methods. The results demonstrate the practical impact of considering higher-order propagation dynamics and social-group-inspired hyperedge identity in crafting imperceptible, effective attacks on HGNNs, with future work extending to black-box scenarios and other HGNN variants.

Abstract

Recent studies have shown that Hypergraph Neural Networks (HGNNs) are vulnerable to adversarial attacks. Existing approaches focus on hypergraph modification attacks guided by gradients, overlooking node spanning in the hypergraph and the group identity of hyperedges, thereby resulting in limited attack performance and detectable attacks. In this manuscript, we present a novel framework, i.e., Hypergraph Attacks via Injecting Homogeneous Nodes into Elite Hyperedges (IE-Attack), to tackle these challenges. Initially, utilizing the node spanning in the hypergraph, we propose the elite hyperedges sampler to identify hyperedges to be injected. Subsequently, a node generator utilizing Kernel Density Estimation (KDE) is proposed to generate the homogeneous node with the group identity of hyperedges. Finally, by injecting the homogeneous node into elite hyperedges, IE-Attack improves the attack performance and enhances the imperceptibility of attacks. Extensive experiments are conducted on five authentic datasets to validate the effectiveness of IE-Attack and the corresponding superiority to state-of-the-art methods.

Hypergraph Attacks via Injecting Homogeneous Nodes into Elite Hyperedges

TL;DR

This work addresses adversarial attacks on Hypergraph Neural Networks (HGNNs) by shifting from hypergraph modification to node-injection attacks that exploit node-spanning and hyperedge group identity. The authors introduce IE-Attack, comprising an Elite Hyperedges Sampler to identify influential hyperedges based on a cycle-ratio metric and a Kernel Density Estimation (KDE)–based Homogeneous Node Generator to craft attacker nodes with group-consistent features. By injecting a single homogeneous node into elite hyperedges, IE-Attack achieves higher misclassification rates than state-of-the-art baselines across five datasets and multiple hypergraph construction methods, while remaining robust to detection methods. The results demonstrate the practical impact of considering higher-order propagation dynamics and social-group-inspired hyperedge identity in crafting imperceptible, effective attacks on HGNNs, with future work extending to black-box scenarios and other HGNN variants.

Abstract

Recent studies have shown that Hypergraph Neural Networks (HGNNs) are vulnerable to adversarial attacks. Existing approaches focus on hypergraph modification attacks guided by gradients, overlooking node spanning in the hypergraph and the group identity of hyperedges, thereby resulting in limited attack performance and detectable attacks. In this manuscript, we present a novel framework, i.e., Hypergraph Attacks via Injecting Homogeneous Nodes into Elite Hyperedges (IE-Attack), to tackle these challenges. Initially, utilizing the node spanning in the hypergraph, we propose the elite hyperedges sampler to identify hyperedges to be injected. Subsequently, a node generator utilizing Kernel Density Estimation (KDE) is proposed to generate the homogeneous node with the group identity of hyperedges. Finally, by injecting the homogeneous node into elite hyperedges, IE-Attack improves the attack performance and enhances the imperceptibility of attacks. Extensive experiments are conducted on five authentic datasets to validate the effectiveness of IE-Attack and the corresponding superiority to state-of-the-art methods.

Paper Structure

This paper contains 24 sections, 12 equations, 5 figures, 4 tables.

Table of Contents

  1. Introduction
  2. Related Works
  3. Graph Injection Attack
  4. Hypergraph Neural Networks
  5. Preliminary and Problem Statement
  6. Graph Neural Networks
  7. Hypergraph Neural Networks
  8. Main Challenges of Node Injection Attack in HGNNs
  9. Methodology
  10. Elite Hyperedges Sampler
  11. Homogeneous Node Generator
  12. Injection Attack for HGNNs
  13. Optimization
  14. Experiments
  15. Experimental Setting
  16. ...and 9 more sections

Figures (5)

  • Figure 1: An illustration of the attack scenarios of hypergraph. (a) The same user spans multiple chat groups and chat groups exhibit group identity in social network. (b) Current hypergraph attack methods only involve hypergraph modification attacks and are easily detectable.
  • Figure 2: Framework of IE-Attack. (a) Elite Hyperedges Sampler obtains elite hyperedges. (b) Homogeneous Node Generator generates the homogeneous node. (c) IE-Attack attacks HGNNs by injecting the homogeneous node into elite hyperedges.
  • Figure 3: Visualization of node classification obtained by HGNNs after attack on Cora under Hyper-KNN.
  • Figure 4: Misclassification rate (%) of IE-Attack compared to other methods for obtaining elite hyperedges.
  • Figure 5: Attack performance of IE-Attack compared to baselines under elite hyperedge perturbation budget $\eta$.