Data Poisoning Attack against Knowledge Graph Embedding

Data Poisoning Attack against Knowledge Graph Embedding

Hengtong Zhang, Tianhang Zheng, Jing Gao, Chenglin Miao, Lu Su, Yaliang Li, Kui Ren

Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence
Main track. Pages 4853-4859. https://doi.org/10.24963/ijcai.2019/674

Knowledge graph embedding (KGE) is a technique for learning continuous embeddings for entities and relations in the knowledge graph. Due to its benefit to a variety of downstream tasks such as knowledge graph completion, question answering and recommendation, KGE has gained significant attention recently. Despite its effectiveness in a benign environment, KGE's robustness to adversarial attacks is not well-studied. Existing attack methods on graph data cannot be directly applied to attack the embeddings of knowledge graph due to its heterogeneity. To fill this gap, we propose a collection of data poisoning attack strategies, which can effectively manipulate the plausibility of arbitrary targeted facts in a knowledge graph by adding or deleting facts on the graph. The effectiveness and efficiency of the proposed attack strategies are verified by extensive evaluations on two widely-used benchmarks.
Keywords:
Multidisciplinary Topics and Applications: Security and Privacy
Machine Learning: Adversarial Machine Learning