Graphs are commonly used to model complex networks prevalent in modern social media and literacy applications. Our research investigates the vulnerability of these graphs through the application of feature based adversarial attacks, focusing on both decision-time attacks and poisoning attacks. In contrast to state-of-the-art models like Net Attack and Meta Attack, which target node attributes and graph structure, our study specifically targets node attributes. For our analysis, we utilized the text dataset Hellaswag and graph datasets Cora and CiteSeer, providing a diverse basis for evaluation. Our findings indicate that decision-time attacks using Projected Gradient Descent (PGD) are more potent compared to poisoning attacks that employ Mean Node Embeddings and Graph Contrastive Learning strategies. This provides insights for graph data security, pinpointing where graph-based models are most vulnerable and thereby informing the development of stronger defense mechanisms against such attacks.

翻译：图结构常被用于建模现代社交媒体及文献应用中普遍存在的复杂网络。本研究通过特征级对抗攻击探索图结构的脆弱性，重点聚焦于决策时攻击与投毒攻击两类场景。与当前针对节点属性和图结构的Net Attack、Meta Attack等先进模型不同，本研究专门针对节点属性展开分析。我们采用文本数据集Hellaswag以及图数据集Cora和CiteSeer作为评估基础，确保了评估维度的多样性。研究结果表明：相较于采用平均节点嵌入和图对比学习策略的投毒攻击，基于投影梯度下降（PGD）的决策时攻击具有更显著的攻击效能。该发现为图数据安全领域提供了重要启示，精准揭示了图模型最脆弱的环节，进而为构建抵御此类攻击的强健防御机制提供理论指导。