On the Security Risks of Knowledge Graph Reasoning. (arXiv:2305.02383v2 [cs.CR] UPDATED)

By: Zhaohan Xi, Tianyu Du, Changjiang Li, Ren Pang, Shouling Ji, Xiapu Luo, Xusheng Xiao, Fenglong Ma, Ting Wang
Posted: June 23, 2023

Knowledge graph reasoning (KGR) — answering complex logical queries over
large knowledge graphs — represents an important artificial intelligence task,
entailing a range of applications (e.g., cyber threat hunting). However,
despite its surging popularity, the potential security risks of KGR are largely
unexplored, which is concerning, given the increasing use of such capability in
security-critical domains.

This work represents a solid initial step towards bridging the striking gap.
We systematize the security threats to KGR according to the adversary’s
objectives, knowledge, and attack vectors. Further, we present ROAR, a new
class of attacks that instantiate a variety of such threats. Through empirical
evaluation in representative use cases (e.g., medical decision support, cyber
threat hunting, and commonsense reasoning), we demonstrate that ROAR is highly
effective at misleading KGR into suggesting pre-defined answers for target
queries, yet with negligible impact on non-target ones. Finally, we explore potential
countermeasures against ROAR, including filtering of potentially poisoning
knowledge and training with adversarially augmented queries, which leads to
several promising research directions.
