Poisoning Knowledge Graph Embeddings via Relation Inference Patterns

Bhardwaj, Peru; Kelleher, John D.; Costabello, Luca; O’Sullivan, Declan

doi:10.18653/v1/2021.acl-long.147

Cited by 10 publications

(3 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Additionally, as in Bhardwaj (2020); Bhardwaj et al (2021), we call for future proposals to defend against the security vulnerabilities of KGE models. Some promising directions might be to use adversarial training techniques or train ensembles of models over subsets of training data to prevent the model predictions being influenced by a few triples only.…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Adversarial Attacks on Knowledge Graph Embeddings via Instance Attribution Methods

Bhardwaj¹,

Kelleher²,

Costabello³

et al. 2021

Proceedings of the 2021 Conference on Empirical Methods in Natural Language Processing

Self Cite

View full text Add to dashboard Cite

Despite the widespread use of Knowledge Graph Embeddings (KGE), little is known about the security vulnerabilities that might disrupt their intended behaviour. We study data poisoning attacks against KGE models for link prediction. These attacks craft adversarial additions or deletions at training time to cause model failure at test time. To select adversarial deletions, we propose to use the model-agnostic instance attribution methods from Interpretable Machine Learning, which identify the training instances that are most influential to a neural model's predictions on test instances. We use these influential triples as adversarial deletions. We further propose a heuristic method to replace one of the two entities in each influential triple to generate adversarial additions. Our experiments show that the proposed strategies outperform the state-ofart data poisoning attacks on KGE models and improve the MRR degradation due to the attacks by up to 62% over the baselines.

show abstract

Section: Discussionmentioning

confidence: 99%

“…We also study data poisoning attacks against KGE models in Bhardwaj et al (2021). Here, we exploit the inductive abilities of KGE models to select adversarial additions that improve the predictive performance of the model on a set of decoy triples; which in turn degrades the performance on target triples.…”

Section: Comparison Of Datasetsmentioning

confidence: 99%

Adversarial Attacks on Knowledge Graph Embeddings via Instance Attribution Methods

Bhardwaj¹,

Kelleher²,

Costabello³

et al. 2021

Proceedings of the 2021 Conference on Empirical Methods in Natural Language Processing

Self Cite

View full text Add to dashboard Cite

show abstract

“…Similar problems are seen in the VeReMi Extension database, which has been widely utilized to learn ML classifiers to classify misbehaving nodes in VANETs. There are several approaches to solving this issue: changing the machine learning approach, adding an inaccurate categorization fee, and data sampling [20]. In the context of VANETs, the researchers [21] attempt to oversample the minority category by employing the Synthetic Minority Oversampling Technique (SMOTE), an approach to data augmentation for the less category [22] [23] that duplicates instances from the less category, in order to avoid the issue of imbalanced datasets.…”

Section: B Tackling Unbalanced Datamentioning

confidence: 99%

One Versus All Binary Tree Method to Classify Misbehaviors in Imbalanced VeReMi Dataset

Slama,

Tarhouni,

Zidi

et al. 2023

IEEE Access

View full text Add to dashboard Cite

Nowadays, transportation networks depend heavily on the technology known as vehicular ad hoc networks (VANETs). VANETs enhance traffic control and road safety while also enabling vehicle-tovehicle communication using basic safety messages (BSM), which are susceptible to different kinds of attacks. This study focuses on techniques for detecting and classifying misbehavior in VANETs while dealing with unbalanced data. In order to ensure equal treatment of minority and majority categories, we provide a novel method called One vs. All Binary Tree (OVA-BT). This approach separates binary classifiers for each kind of misbehavior and provides specific assessment metrics for each kind of misbehavior.We evaluate our experiment using five-fold cross-validation with six individual models of ML and an ensemble classifier. The findings demonstrated that the use of OVA-BT enhances the classification accuracy when compared to a traditional single multi-class model and that the classifier ensemble's classification performance is greater than the best individual model on the testing set.

show abstract