Attacking and Securing Community Detection: A Game-Theoretic Framework

It has been demonstrated that adversarial graphs, i.e., graphs with imperceptible perturbations, can cause deep graph models to fail on classification tasks. In this work, we extend the concept of adversarial graphs to the community detection problem, which is more challenging. We propose novel attack and defense techniques for community detection problem, with the objective of hiding targeted individuals from detection models and enhancing the robustness of community detection models, respectively. These techniques have many applications in real-world scenarios, for example, protecting personal privacy in social networks and understanding camouflage patterns in transaction networks. To simulate interactive attack and defense behaviors, we further propose a game-theoretic framework, called CD-GAME. One player is a graph attacker, while the other player is a Rayleigh Quotient defender. The CD-GAME models the mutual influence and feedback mechanisms between the attacker and the defender, revealing the dynamic evolutionary process of the game. Both players dynamically update their strategies until they reach the Nash equilibrium. Extensive experiments demonstrate the effectiveness of our proposed attack and defense methods, and both outperform existing baselines by a significant margin. Furthermore, CD-GAME provides valuable insights for understanding interactive attack and defense scenarios in community detection problems. We found that in traditional single-step attack or defense, attacker tends to employ strategies that are most effective, but are easily detected and countered by defender. When the interactive game reaches a Nash equilibrium, attacker adopts more imperceptible strategies that can still achieve satisfactory attack effectiveness even after defense.

Key Contributions

Novel targeted adversarial graph perturbation attack to hide individuals from community detection models, outperforming existing baselines
Rayleigh Quotient-based defender that enhances robustness of community detection models against adversarial graph manipulations
CD-GAME: a game-theoretic framework modeling attacker-defender interaction to Nash equilibrium, revealing that adaptive adversaries adopt more imperceptible strategies than single-step attackers

🛡️ Threat Analysis

Input Manipulation Attack

The core contribution is crafting imperceptible graph perturbations (adversarial inputs) at inference time to cause GNN-based community detection models to misclassify targeted individuals, alongside defenses (Rayleigh Quotient defender) to restore robustness — a classic input manipulation / evasion attack-and-defense setup applied to graph models.

Details

Domains

graph

Model Types

gnn

Threat Tags

white_boxinference_timetargeteddigital

Applications

2025 1 cit.

Input Manipulation Attack

75%

Attacking and Securing Community Detection: A Game-Theoretic Framework

Key Contributions

🛡️ Threat Analysis

Details

Similar Papers

JANUS: A Dual-Constraint Generative Framework for Stealthy Node Injection Attacks

Community Concealment from Unsupervised Graph Learning-Based Clustering

Single-Edge Node Injection Threats to GNN-Based Security Monitoring in Industrial Graph Systems

Optimal Transport-Guided Adversarial Attacks on Graph Neural Network-Based Bot Detection

SEA: Spectral Edge Attack on Graph Neural Networks

Unifying Adversarial Perturbation for Graph Neural Networks

Exact Verification of Graph Neural Networks with Incremental Constraint Solving

Robustness Verification of Graph Neural Networks Via Lightweight Satisfiability Testing