Transferable Hypergraph Attack via Injecting Nodes into Pivotal Hyperedges

Recent studies have demonstrated that hypergraph neural networks (HGNNs) are susceptible to adversarial attacks. However, existing methods rely on the specific information mechanisms of target HGNNs, overlooking the common vulnerability caused by the significant differences in hyperedge pivotality along aggregation paths in most HGNNs, thereby limiting the transferability and effectiveness of attacks. In this paper, we present a novel framework, i.e., Transferable Hypergraph Attack via Injecting Nodes into Pivotal Hyperedges (TH-Attack), to address these limitations. Specifically, we design a hyperedge recognizer via pivotality assessment to obtain pivotal hyperedges within the aggregation paths of HGNNs. Furthermore, we introduce a feature inverter based on pivotal hyperedges, which generates malicious nodes by maximizing the semantic divergence between the generated features and the pivotal hyperedges features. Lastly, by injecting these malicious nodes into the pivotal hyperedges, TH-Attack improves the transferability and effectiveness of attacks. Extensive experiments are conducted on six authentic datasets to validate the effectiveness of TH-Attack and the corresponding superiority to state-of-the-art methods.

Key Contributions

• First formalization of the common vulnerability caused by significant differences in hyperedge pivotality along aggregation paths in HGNNs
• Hyperedge recognizer via pivotality assessment to identify the most structurally critical hyperedges in information aggregation paths
• Feature inverter that generates maximally semantically divergent malicious nodes for injection into pivotal hyperedges, achieving superior transferability over state-of-the-art methods

🛡️ Threat Analysis

Details

Similar Papers