GJDNet: Robust Graph Neural Networks via Joint Disentangled Learning Against Adversarial Attacks

2026-06-01 · Source: Takara TLDR - Daily AI Papers · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy · Depth: Expert, medium

Summary

GJDNet, a novel Graph Joint Disentanglement Network, is proposed to enhance the robustness of Graph Neural Networks (GNNs) against adversarial attacks. GNNs are vulnerable to attacks that invert connectivity patterns, leading to structure-feature mismatches across different graph types. Existing defense mechanisms often fall short by treating neighborhoods monolithically or failing to account for perturbation-induced representation shifts. GJDNet addresses these limitations by jointly disentangling node representations and decision spaces. It implements feature-driven soft structural disentanglement with skewness-aware neighbor filtering to suppress structure-feature mismatches. Additionally, GJDNet introduces a Spherical Decision Boundary (SDB) to promote intra-class compactness and inter-class separation in the embedding space, thereby stabilizing decision boundaries under perturbations. Theoretical analysis and extensive experiments confirm GJDNet's consistent strong robustness across diverse graph assortativity regimes.

Key takeaway

For AI Security Engineers developing robust Graph Neural Networks, GJDNet offers a principled approach to mitigate adversarial attacks. You should consider implementing joint disentangled learning, specifically incorporating feature-driven structural disentanglement and Spherical Decision Boundaries. This method stabilizes decision boundaries and suppresses perturbation-induced mismatches. It is crucial for deploying GNNs in security-critical applications where prediction reliability is paramount.

Key insights

GJDNet enhances GNN robustness by jointly disentangling node representations and decision spaces against adversarial attacks.

Principles

Adversarial attacks invert graph connectivity.
Disentangling representations and decisions improves robustness.
Stabilize decision boundaries via class separation.

Method

GJDNet employs feature-driven soft structural disentanglement with skewness-aware neighbor filtering and introduces a Spherical Decision Boundary (SDB) for robust node classification.

In practice

Apply GJDNet for robust GNN node classification.
Use SDB to improve embedding space separation.
Filter neighbors based on skewness for attack suppression.

Topics

Graph Neural Networks
Adversarial Attacks
Node Classification
Disentangled Learning
Robustness
Spherical Decision Boundary

Code references

DSE-MSU/DeepRobust

Best for: Research Scientist, AI Scientist, AI Security Engineer

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Takara TLDR - Daily AI Papers.