Poisoning Knowledge Graph Embeddings via Relation Inference Patterns
This work addresses security vulnerabilities in KGE models for link prediction, which is incremental as it builds on existing poisoning attack methods by leveraging specific inference patterns.
The paper tackles the problem of data poisoning attacks on Knowledge Graph Embedding (KGE) models for link prediction by exploiting inference patterns like symmetry, inversion, and composition to degrade prediction confidence on target facts. The proposed attacks outperform state-of-the-art baselines on four KGE models across two datasets, with symmetry-based attacks showing generalization across all model-dataset combinations.
We study the problem of generating data poisoning attacks against Knowledge Graph Embedding (KGE) models for the task of link prediction in knowledge graphs. To poison KGE models, we propose to exploit their inductive abilities which are captured through the relationship patterns like symmetry, inversion and composition in the knowledge graph. Specifically, to degrade the model's prediction confidence on target facts, we propose to improve the model's prediction confidence on a set of decoy facts. Thus, we craft adversarial additions that can improve the model's prediction confidence on decoy facts through different inference patterns. Our experiments demonstrate that the proposed poisoning attacks outperform state-of-art baselines on four KGE models for two publicly available datasets. We also find that the symmetry pattern based attacks generalize across all model-dataset combinations which indicates the sensitivity of KGE models to this pattern.