GNN Explanations that do not Explain and How to find Them
Steve Azzolin, Stefano Teso, Bruno Lepri, Andrea Passerini, Sagar Malhotra
TL;DR
This paper reveals a counterintuitive vulnerability in Self-Explainable Graph Neural Networks: explanations can be completely unfaithful to the model’s inference yet yield near-perfect accuracy. It provides theoretical conditions showing how label-encoding via anchor sets can produce degenerate explanations, and demonstrates both malicious manipulation and natural emergence of such explanations. To counter this, the authors introduce Extension Sufficiency Test (EST), a robust, perturbation-spanning faithfulness metric, and an empirical benchmark for evaluating faithfulness metrics. Through extensive experiments across multiple graph tasks, EST consistently identifies unfaithful explanations where prior metrics fail, highlighting the need for auditable, reliable explanations in high-stakes settings. Overall, the work emphasizes auditing and robust verification of explanations to ensure that SE-GNNs reveal genuine reasoning rather than superficial or concealed patterns, especially regarding protected attributes.
Abstract
Explanations provided by Self-explainable Graph Neural Networks (SE-GNNs) are fundamental for understanding the model's inner workings and for identifying potential misuse of sensitive attributes. Although recent works have highlighted that these explanations can be suboptimal and potentially misleading, a characterization of their failure cases is unavailable. In this work, we identify a critical failure of SE-GNN explanations: explanations can be unambiguously unrelated to how the SE-GNNs infer labels. We show that, on the one hand, many SE-GNNs can achieve optimal true risk while producing these degenerate explanations, and on the other, most faithfulness metrics can fail to identify these failure modes. Our empirical analysis reveals that degenerate explanations can be maliciously planted (allowing an attacker to hide the use of sensitive attributes) and can also emerge naturally, highlighting the need for reliable auditing. To address this, we introduce a novel faithfulness metric that reliably marks degenerate explanations as unfaithful, in both malicious and natural settings. Our code is available in the supplemental.
