Data Poisoning Attack against Knowledge Graph Embedding
This addresses a security vulnerability in knowledge graph systems, which are used in tasks like recommendation and question answering, by introducing novel attack methods for a previously understudied area.
The authors tackled the problem of adversarial attacks on knowledge graph embeddings by proposing data poisoning strategies that manipulate the plausibility of targeted facts through additions or deletions, achieving effective results as verified on two benchmarks.
Knowledge graph embedding (KGE) is a technique for learning continuous embeddings for entities and relations in the knowledge graph.Due to its benefit to a variety of downstream tasks such as knowledge graph completion, question answering and recommendation, KGE has gained significant attention recently. Despite its effectiveness in a benign environment, KGE' robustness to adversarial attacks is not well-studied. Existing attack methods on graph data cannot be directly applied to attack the embeddings of knowledge graph due to its heterogeneity. To fill this gap, we propose a collection of data poisoning attack strategies, which can effectively manipulate the plausibility of arbitrary targeted facts in a knowledge graph by adding or deleting facts on the graph. The effectiveness and efficiency of the proposed attack strategies are verified by extensive evaluations on two widely-used benchmarks.