Scalable Attack on Graph Data by Important Nodes

Recent research shows that graph neural networks (GNNs) are easily disrupted due to the lack of robustness, a phenomenon that poses a serious security threat. Currently, most efforts to attack GNNs mainly use gradient information to guide the attacks and achieve superior performance. However, gradient-based attacks often lead to suboptimal results due to the discrete structure of graph data. The high complexity of time and space for large-scale graphs also take away the advantage of gradient attacks. In this work, we propose an attack method based on Important Nodes Controllable Labels (INCLA), which finds the set of important nodes for each class in the graph that have a great influence on the network during the graph convolution process and connects the target nodes to the important nodes to achieve the attack effect. In addition, since the gradient optimization attacks in graph neural networks are all salience attacks, which lead to their poor unnoticeability. We construct more unnoticeable adversarial examples based on the association between target nodes and important nodes, and use the Degree Assortativity Change (DAC) metric and Homophily Ratio Change (HRC) metric for verification. Extensive experimental results show that INCLA can significantly improve the time efficiency while maintaining the attack performance compared to the state-of-the-art adversarial attacks with the same attack budget.