Data Poisoning Attack against Knowledge Graph Embedding
Authors: Hengtong Zhang, Tianhang Zheng, Jing Gao, Chenglin Miao, Lu Su, Yaliang Li, Kui Ren
IJCAI 2019 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | The effectiveness and efficiency of the proposed attack strategies are verified by extensive evaluations on two widely used benchmarks. Empirically, we perform poisoning attack experiments against the three most representative KGE methods on two common KGE datasets (FB15k, WN18), and verify the effectiveness of the proposed adversarial attack. |
| Researcher Affiliation | Collaboration | ¹SUNY at Buffalo, Buffalo, NY, USA; ²Alibaba Group, Bellevue, WA, USA; ³Zhejiang University, Zhejiang, China. {hengtong, tzheng4, jing, cmiao, lusu}@buffalo.edu, yaliang.li@alibaba-inc.com, kuiren@zju.edu.cn |
| Pseudocode | Yes | Algorithm 1: Indirect Attack |
| Open Source Code | No | The paper refers to an existing open-source toolkit (THUNLP OpenKE) used for the targeted KGE models, but it does not provide access to the source code for the attack methodology described in this paper. |
| Open Datasets | Yes | In this paper, we use two common KGE benchmark datasets for our experiment: FB15k and WN18. ... Both FB15k and WN18 were first introduced by [Bordes et al., 2013]. |
| Dataset Splits | No | The paper states that 'the training set and the test set of these two datasets are already fixed,' but it does not provide specific percentages or counts for the training/validation/test splits, nor does it explicitly mention a validation set being used. |
| Hardware Specification | Yes | The attack models are run on a laptop with 4 GB of RAM and a 2.7 GHz Intel Core i5 CPU. |
| Software Dependencies | Yes | The attack models in this paper are all implemented in Python 3.7 with NumPy. |
| Experiment Setup | Yes | For the targeted KGE models, we use the standard implementation provided by THUNLP OpenKE [Han et al., 2018]. The embedding dimension d is fixed to 50. Other parameters of the baseline methods are set according to their authors' suggestions. For the proposed attack strategies, the parameter K for indirect attack is fixed to 1. During the experiments, all perturbations are injected into the dataset at the same time. |
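
As noted in the Open Datasets row, the experiments use the FB15k and WN18 benchmarks from Bordes et al. (2013). For readers attempting a reproduction, a minimal loader sketch follows; it assumes the tab-separated (head, relation, tail) text format of the original release, and the file path shown is a hypothetical example.

```python
# Minimal loader sketch for FB15k / WN18 triple files, assuming the
# tab-separated (head, relation, tail) format of the original
# Bordes et al. (2013) release. The path below is hypothetical --
# adjust it to wherever your copy of the benchmark lives.
def load_triples(path):
    triples = []
    with open(path, encoding="utf-8") as f:
        for line in f:
            parts = line.rstrip("\n").split("\t")
            if len(parts) == 3:
                triples.append(tuple(parts))  # (head, relation, tail)
    return triples

train = load_triples("FB15k/train.txt")  # hypothetical path
print(len(train), train[0])
```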
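The Software Dependencies and Experiment Setup rows indicate that the attack code was written in Python 3.7 with NumPy, with embedding dimension d = 50 and all perturbations injected into the dataset at once. Below is a minimal NumPy sketch of that general workflow; it is not the paper's Algorithm 1. It scores hypothetical candidate triples under a TransE-style model and appends a fixed budget of them to the training set in one batch. All names, sizes, and the selection heuristic are illustrative assumptions.

```python
import numpy as np

# Illustrative sketch only -- NOT the paper's Algorithm 1. It shows the
# general shape of a one-shot poisoning step against a TransE-style model:
# score candidate perturbation triples and inject them into the training
# set in a single batch before the victim model is retrained.

rng = np.random.default_rng(0)
d = 50                                  # embedding dimension, as in the paper
n_entities, n_relations = 1000, 20     # hypothetical toy sizes

# Hypothetical pre-trained embeddings of the victim KGE model.
E = rng.normal(size=(n_entities, d))
R = rng.normal(size=(n_relations, d))

def transe_score(h, r, t):
    """TransE plausibility: lower ||h + r - t|| means more plausible."""
    return np.linalg.norm(E[h] + R[r] - E[t], axis=-1)

def inject_perturbations(train_triples, candidates, budget):
    """Pick the `budget` candidates the current model finds most plausible
    (a simple stand-in heuristic, not the paper's attack objective) and
    append them to the training set all at once."""
    h, r, t = candidates.T
    scores = transe_score(h, r, t)
    chosen = candidates[np.argsort(scores)[:budget]]
    return np.vstack([train_triples, chosen])

# Hypothetical integer-encoded triples: (head_id, relation_id, tail_id).
train = rng.integers(0, [n_entities, n_relations, n_entities], size=(5000, 3))
cands = rng.integers(0, [n_entities, n_relations, n_entities], size=(200, 3))
poisoned = inject_perturbations(train, cands, budget=10)
print(poisoned.shape)  # (5010, 3): perturbations injected in one batch
```

A real reproduction would replace the random embeddings with those of a victim model trained via THUNLP OpenKE and derive the candidate set from the paper's perturbation-scoring objective rather than this placeholder heuristic.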