Data Poisoning Attack against Knowledge Graph Embedding

Knowledge graph embedding (KGE) is a technique for learning continuous embeddings for entities and relations in the knowledge graph. Due to its benefit to a variety of downstream tasks such as knowledge graph completion, question answering and recommendation, KGE has gained significant attention recently. Despite its effectiveness in a benign environment, KGE's robustness to adversarial attacks is not well-studied. Existing attack methods on graph data cannot be directly applied to attack the embeddings of knowledge graph due to its heterogeneity. To fill this gap, we propose a collection of data poisoning attack strategies, which can effectively manipulate the plausibility of arbitrary targeted facts in a knowledge graph by adding or deleting facts on the graph. The effectiveness and efficiency of the proposed attack strategies are verified by extensive evaluations on two widely-used benchmarks.

Authors

• Hengtong Zhang Tencent AI Lab
• Tianhang Zheng The State Key Laboratory of Blockchain and Data Security, Zhejiang University Hangzhou High-Tech Zone (Binjiang) Institute of Blockchain and Data Security
• Jing Gao Purdue University
• Chenglin Miao Iowa State University
• Lu Su Purdue University
• Yaliang Li Alibaba Group
• Kui Ren Zhejiang University

Keywords

• Machine Learning: Adversarial Machine Learning
• Multidisciplinary Topics and Applications: Security and Privacy