LoReTTA: A Low Resource Framework To Poison Continuous Time Dynamic Graphs

Temporal Graph Neural Networks (TGNNs) are increasingly used in high-stakes domains, such as financial forecasting, recommendation systems, and fraud detection. However, their susceptibility to poisoning attacks poses a critical security risk. We introduce LoReTTA (Low Resource Two-phase Temporal Attack), a novel adversarial framework on Continuous-Time Dynamic Graphs, which degrades TGNN performance by an average of 29.47% across 4 widely benchmark datasets and 4 State-of-the-Art (SotA) models. LoReTTA operates through a two-stage approach: (1) sparsify the graph by removing high-impact edges using any of the 16 tested temporal importance metrics, (2) strategically replace removed edges with adversarial negatives via LoReTTA's novel degree-preserving negative sampling algorithm. Our plug-and-play design eliminates the need for expensive surrogate models while adhering to realistic unnoticeability constraints. LoReTTA degrades performance by upto 42.0% on MOOC, 31.5% on Wikipedia, 28.8% on UCI, and 15.6% on Enron. LoReTTA outperforms 11 attack baselines, remains undetectable to 4 leading anomaly detection systems, and is robust to 4 SotA adversarial defense training methods, establishing its effectiveness, unnoticeability, and robustness.

Key Contributions

• Two-phase poisoning framework (LoReTTA) for Continuous-Time Dynamic Graphs that sparsifies the graph via temporal importance metrics and replaces edges with adversarial negatives using a degree-preserving negative sampling algorithm
• Plug-and-play design requiring no surrogate models, evaluated across 16 temporal importance metrics and shown to evade 4 anomaly detection systems
• Achieves average 29.47% TGNN performance degradation across 4 benchmark datasets and 4 SOTA models, outperforming 11 attack baselines and remaining robust against 4 adversarial defense methods

🛡️ Threat Analysis

Details

Similar Papers