cs.LGcs.AI
GJDNet: Robust Graph Neural Networks via Joint Disentangled Learning Against Adversarial Attacks
Jun 1, 2026
GJDNet proposes a joint disentanglement framework to enhance the robustness of Graph Neural Networks against adversarial attacks by simultaneously stabilizing node representations and decision boundaries across diverse graph connectivity types.
Graph Neural Networks (GNNs) are vulnerable to adversarial attacks, which inherently invert connectivity patterns by introducing disassortative edges in assortative graphs and assortative edges in disassortative graphs. This structural inversion creates structure-feature mismatches that disrupt neighborhood aggregation across different graph types. However, we find that existing defenses are limited, as they either treat neighborhoods as monolithic under fixed assortativity assumptions or rely on standard softmax classifiers that fail to account for perturbation-induced representation shifts. To further exploit this observation, we adopt a robustness perspective that jointly disentangles node representations and decision spaces, isolating perturbation effects while enforcing well-separated decision regions. Based on this principle, we propose Graph Joint Disentanglement Network (GJDNet), a unified framework for robust node classification across diverse graph assortativity regimes. GJDNet enhances robustness at both representation and decision levels: it employs feature-driven soft structural disentanglement with skewness-aware neighbor filtering to suppress perturbation-induced structure-feature mismatches, and introduces a Spherical Decision Boundary (SDB) to promote intra-class compactness and inter-class separation in the embedding space, thereby stabilizing decision boundaries under perturbations. Theoretical analysis provides insights into the effectiveness of the proposed disentangled representation and decision mechanisms, while extensive experiments demonstrate that GJDNet consistently achieves strong robustness across graphs with different connectivity regimes.
SORA: Free Second-Order Attacks in Fast Adversarial Training
The paper introduces SORA, an adaptive adversarial training method that dynamica…
Evolutionary Refinement of Generative Graph Topologies: A Hybrid WGAN-GA Approach
The paper introduces a hybrid WGAN-GA framework that uses a Genetic Algorithm (G…
A combination of noise and bilateral filters achieve supralinear and scalable adversarial robustness…
The paper proposes combining Gaussian noise and bilateral filtering into a simpl…
Disentangling Adversarial Prompts: A Semantic-Graph Defense for Robust LLM Security
The paper proposes the Adversarial Prompt Disentanglement (APD) framework, a nov…
Construction of Historical Knowledge Graphs Based on BERT and Graph Neural Networks
This paper proposes a joint BERT-GNN architecture to systematically extract enti…
Graph-Conditioned Mixture of Graph Neural Network Experts for Traffic Forecasting
The paper proposes GC-MoE, a graph-conditioned Mixture of Experts framework, to…
On Efficient Scaling of GNNs via IO-Aware Layers Implementations
This paper develops specialized, I/O-aware GPU kernels for common GNN layer type…
Digital-to-Physical Transfer of Adversarial Patches for Aerial Vehicle Detection
This paper evaluates the physical transfer of adversarial patches against aerial…