This Is Auburn: Electronic Theses and Dissertations

On the Adversarial Robustness of Machine Learning Models on Multi-Graph Scenarios


| Metadata Field | Value | Language |
| --- | --- | --- |
| dc.contributor.advisor | Zhou, Yang | |
| dc.contributor.author | Zhang, Zijie | |
| dc.date.accessioned | 2023-07-27T20:33:41Z | |
| dc.date.available | 2023-07-27T20:33:41Z | |
| dc.date.issued | 2023-07-27 | |
| dc.identifier.uri | https://etd.auburn.edu//handle/10415/8823 | |
| dc.description.abstract | In this work, we study the task of graph matching under several scenarios in an adversarial context. Despite achieving remarkable performance, deep learning based graph matching still suffers from harassment caused by small adversarial perturbations. This perturbation, usually delivered in the form of small yet elaborately designed alterations of the topology of the target graphs, i.e., addition and deletion of a very small portion of the edges, can result in serious degradation of the performance of the graph matching process. To begin our investigation, we designed a density based and meta-learning enhanced attack specifically for graph matching and observed a high mismatching rate in empirical analysis. In addition, we also showed that graph models adversarially trained on the attacking perturbation generated using the above approach also gained extra robustness. The weakness of this method as a defense against the adversarial attacks is that it does not provide any kind of guarantee in the sense of unaffected behavior under attacks with limited perturbation budget. Thus, we went further with Lipschitz networks equipped with specially designed Kl-Lipschitz Weibull activation combined with weights constrained calculated target norms with polar decomposition techniques to provide provable robustness while preserving the expressiveness of the network to mitigate the inevitable loss of matching rate. We also investigated the potential threats when performing graph matching in a Federated Learning scheme. An algorithm is proposed to deal with the dilemma in this specific problem, which is the data privacy constraint requiring graphs not be shared with each other on one side and the nature of the graph matching problem demanding the possession of the knowledge of at least two graphs simultaneously. | en_US |
| dc.subject | Computer Science and Software Engineering | en_US |
| dc.title | On the Adversarial Robustness of Machine Learning Models on Multi-Graph Scenarios | en_US |
| dc.type | PhD Dissertation | en_US |
| dc.embargo.status | NOT_EMBARGOED | en_US |
| dc.embargo.enddate | 2023-07-27 | en_US |
| dc.contributor.committee | Han, Maggie | |
| dc.contributor.committee | Santu, Shubhra | |
| dc.contributor.committee | Seals, Cheryl | |
| dc.creator.orcid | 0000-0003-1254-098X | en_US |
