all InfoSec news
Attacking Graph Neural Networks with Bit Flips: Weisfeiler and Lehman Go Indifferent. (arXiv:2311.01205v1 [cs.LG])
cs.CR updates on arXiv.org arxiv.org
Prior attacks on graph neural networks have mostly focused on graph poisoning
and evasion, neglecting the network's weights and biases. Traditional
weight-based fault injection attacks, such as bit flip attacks used for
convolutional neural networks, do not consider the unique properties of graph
neural networks. We propose the Injectivity Bit Flip Attack, the first bit flip
attack designed specifically for graph neural networks. Our attack targets the
learnable neighborhood aggregation functions in quantized message passing
neural networks, degrading their ability …
attacks biases evasion flip graph injection injection attacks network networks neural networks poisoning