Notice: The reproducibility variables underlying each score are classified using an automated LLM-based pipeline, validated against a manually labeled dataset. LLM-based classification introduces uncertainty and potential bias; scores should be interpreted as estimates. Full accuracy metrics and methodology are described in [1].
Query-Based and Unnoticeable Graph Injection Attack from Neighborhood Perspective
Authors: Chang Liu, Hai Huang, Xingquan Zuo
IJCAI 2025
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Extensive experiments on six real-world datasets with diverse characteristics demonstrate that QUGIA achieves unnoticeable attacks and outperforms state-of-the-art attackers. The code can be found at https://github.com/1234238/QUGIA |
| Researcher Affiliation | Academia | Chang Liu , Hai Huang , Xingquan Zuo Beijing University of Posts and Telecommunications EMAIL |
| Pseudocode | Yes | Algorithm 1 QUGIA. Input: Graph G = (A, X), target node set Vt, injection node attack budget n, injection node edge budget e, maximum iterations T, Dirichlet parameters, structural selection score |p|, model-predicted label function f(·), node labels Y. |
| Open Source Code | Yes | The code can be found at https://github.com/1234238/QUGIA |
| Open Datasets | Yes | We evaluate our approach on six datasets, covering both discrete and continuous features. The discrete datasets include Cora and Citeseer [Yang et al., 2016], while the continuous datasets comprise Pubmed [Sen et al., 2008], the GRB-redefined versions of Cora and Citeseer [Zheng et al., 2021], and the arXiv dataset from OGB [Hu et al., 2020]. |
| Dataset Splits | Yes | In this paper, we focus on the semi-supervised node classification task. The nodes used during training are denoted as Vtrain. For each node u in Vtrain, there is a corresponding label yu ∈ YL, where YL ⊆ Y and Y = {1, 2, . . . , C}. YL represents the set of labeled nodes. During the testing phase, the trained GNN model predicts the labels of the nodes in Vtest = V \ Vtrain based on the subgraph Gtest. ... We adopt a data-splitting strategy similar to those used in prior studies [Chen et al., 2022; Zheng et al., 2021]. |
| Hardware Specification | No | The paper does not provide specific hardware details (e.g., exact GPU/CPU models, processor types, or memory amounts) used for running its experiments. |
| Software Dependencies | No | The paper does not provide specific ancillary software details (e.g., library or solver names with version numbers) needed to replicate the experiment. |
| Experiment Setup | Yes | Here, γ represents the confidence score of Latk. A higher γ implies a stronger attack effect but results in a greater distance from the decision boundary. To ensure the attack remains as close to the decision boundary as possible, we set γ = 0.05. ... The number of inserted nodes is defined as |VI| = a|V |, where a represents the percentage of the total number of nodes in the clean graph. To evaluate the performance of various attack methods under different attack constraints, we set a to 1%, 3%, and 5%. ... All attack methods were executed using five different random seeds, and we report both the mean and variance of the results across these five runs. |
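The experiment-setup row quotes two concrete protocol details: the injection budget |VI| = a|V| with a ∈ {1%, 3%, 5%}, and aggregation of results over five random seeds as mean and variance. The sketch below illustrates both rules; the function names and the use of Cora's node count (2708) as the example graph size are illustrative assumptions, not code from the QUGIA repository.

```python
import statistics

def injection_budget(num_nodes: int, a: float) -> int:
    """Number of injected nodes |V_I| = a * |V|, truncated to an integer."""
    return int(a * num_nodes)

# Budgets for the three attack-strength settings quoted above,
# using Cora's node count (2708) as an example graph size.
budgets = {a: injection_budget(2708, a) for a in (0.01, 0.03, 0.05)}

def aggregate_runs(accuracies):
    """Mean and population variance over the seeded runs (five in the paper)."""
    return statistics.mean(accuracies), statistics.pvariance(accuracies)
```

For Cora this yields budgets of 27, 81, and 135 injected nodes at a = 1%, 3%, and 5% respectively; how the truncation/rounding is actually done is not stated in the quoted text.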