Power up! Robust Graph Convolutional Network via Graph Powering
This work addresses the adversarial robustness problem for users of graph-structured data in machine learning, representing an incremental improvement by building on existing GCN methods.
The paper tackles the vulnerability of Graph Convolutional Networks (GCNs) to topological attacks by proposing a new convolution operator based on robust graph theory, which is provably robust in the spectral domain and improves expressivity and interpretability. It also introduces a robust training paradigm using a sequence of graphs to enhance transferability, with experiments showing simultaneous performance gains in both benign and adversarial scenarios.
Graph convolutional networks (GCNs) are powerful tools for graph-structured data. However, they have been recently shown to be vulnerable to topological attacks. To enhance adversarial robustness, we go beyond spectral graph theory to robust graph theory. By challenging the classical graph Laplacian, we propose a new convolution operator that is provably robust in the spectral domain and is incorporated in the GCN architecture to improve expressivity and interpretability. By extending the original graph to a sequence of graphs, we also propose a robust training paradigm that encourages transferability across graphs that span a range of spatial and spectral characteristics. The proposed approaches are demonstrated in extensive experiments to simultaneously improve performance in both benign and adversarial situations.