一种防御投影梯度下降攻击的图时空注意力网络方法

doi:10.12677/csa.2026.165200

期刊菜单

一种防御投影梯度下降攻击的图时空注意力网络方法
A Graph Spatial-Temporal Attention Network Method for Defending Against Projected Gradient Descent Attacks

DOI: 10.12677/csa.2026.165200, PDF, 科研立项经费支持
作者: 尹艺, 吴杨^*, 张权, 曾卓, 李娅洁：重庆电子科技职业大学人工智能与大数据学院，重庆
关键词: 图时空网络；投影梯度下降；时空自注意力；时空平滑；Graph Spatial-Temporal Network； Projected Gradient Descent； Spatial-Temporal Self-Attention； Spatial-Temporal Smoothing

摘要: 图时空网络在交通预测与疫情分析等领域广泛应用，然而其时空耦合结构也使其易受对抗攻击干扰。针对投影梯度下降PGD对抗攻击对模型性能的破坏，文章提出了一种鲁棒图时空自注意力网络RGSTAN，该方法引入交叉时空自注意力强化时空特征建模能力，并结合时空平滑策略在空间与时间维度上对动态节点特征表示进行平滑处理与对抗扰动，降低对抗噪声对关键特征的影响，从而提升模型鲁棒性。此外，还分析了图时空模型面临的安全威胁，揭示了投影梯度下降对抗攻击在时空信息传播过程中的干扰原理。最后，基于疫情与流量动态图数据的实验结果表明，在不同攻击约束的对抗环境下，时空平滑机制能强化时空自注意力网络层的鲁棒性，使RGSTAN能有效缓解投影梯度攻击的干扰。

Abstract: Graph spatial-temporal networks are widely used for traffic forecasting and epidemic analysis, but their spatial-temporal correlated structure makes them susceptible to perturbation from adversarial attacks. In order to limit the performance degradation caused by projected gradient descent attacks, this paper proposes a Robust Graph Spatial-Temporal Self-Attention Network model. The model integrates cross-spatial-temporal self-attentions to enhance the spatial-temporal representation dependencies, and utilizes a spatial-temporal smoothing strategy that smooths and perturbs dynamic node features from spatial and temporal dimensions, thus mitigating the impact of adversarial noise on crucial representations and improving the model’s robustness. Additionally, this paper explores the security threats of graph spatial-temporal models and analyzes the PGD attack mechanism, which interferes with spatial-temporal information flow. Finally, experimental results based on epidemic and traffic dynamic graph data show that the spatiotemporal smoothing mechanism can enhance the robustness of the spatiotemporal self-attention network layer under adversarial environments with different attack constraints, enabling RGSTAN to effectively mitigate the interference of projection gradient attacks.

文章引用：尹艺, 吴杨, 张权, 曾卓, 李娅洁. 一种防御投影梯度下降攻击的图时空注意力网络方法[J]. 计算机科学与应用, 2026, 16(5): 493-507. https://doi.org/10.12677/csa.2026.165200

参考文献

[1]	Leskovec, J. and Krevl, A. (2014) SNAP Datasets: Stanford Large Network Dataset Collection. http://snap.stanford.edu/data
[2]	乔少杰, 薛骐, 杨国平, 等. 基于动态自适应时空图的多元时序预测模型[J]. 计算机学报, 2024, 47(12): 2925-2937.
[3]	何玉林, 赖俊龙, 崔来中, 等. 基于时空注意力的多粒度链路预测算法[J]. 软件学报, 2025, 36(9): 4311-4326.
[4]	Rozemberczki, B., Scherer, P., He, Y., Panagopoulos, G., Riedel, A., Astefanoaei, M., et al. (2021) Pytorch Geometric Temporal: Spatiotemporal Signal Processing with Neural Machine Learning Models. Proceedings of the 30th ACM International Conference on Information & Knowledge Management, Virtual Event, 1-5 November 2021, 4564-4573. [Google Scholar] [CrossRef]
[5]	Madry, A., Makelov, A., Schmidt, L., Tsipras, D. and Vladu, A. (2018) Towards Deep Learning Models Resistant to Adversarial Attacks. arXiv:1706.06083.
[6]	先兴平, 吴涛, 乔少杰, 等. 图学习隐私与安全问题研究综述[J]. 计算机学报, 2023, 46(6): 1184-1212.
[7]	金柯君, 于洪涛, 吴翼腾, 等. 基于改进投影梯度下降算法的图卷积网络投毒攻击[J]. 计算机工程, 2022, 48(10): 176-183.
[8]	柏杨, 陈晋音, 郑海斌, 等. 面向图垂直联邦学习的对抗攻击方法[J]. 计算机科学, 2025, 52(S2): 841-850.
[9]	Li, Y., Jin, W., Xu, H. and Tang, J. (2020) Deeprobust: A Pytorch Library for Adversarial Attacks and Defenses. arXiv:2005.06149.
[10]	Zi, B., Zhao, S., Ma, X. and Jiang, Y. (2021) Revisiting Adversarial Robustness Distillation: Robust Soft Labels Make Student Better. 2021 IEEE/CVF International Conference on Computer Vision (ICCV), Montreal, 10-17 October 2021, 16443-16452. [Google Scholar] [CrossRef]
[11]	Lee, W. and Park, H. (2025) Self-Supervised Adversarial Purification for Graph Neural Networks. Proceedings of the 42nd International Conference on Machine Learning, Vancouver, 13-19 July 2025, 33715-33735.
[12]	王煜恒, 刘强, 伍晓洁. RCGNN: 图注入攻击下的图神经网络鲁棒性认证方法[J]. 计算机工程与科学, 2025, 47(3): 434-447.
[13]	王新哲, 孙望舒, 罗晨, 等. 基于动态时空图网络的数据安全态势预警技术[J/OL]. 计算机与现代化, 1-15. https://link.cnki.net/urlid/36.1137.tp.20251110.1806.007, 2026-03-15.
[14]	Bai, L., Yao, L., Li, C., et al. (2020) Adaptive Graph Convolutional Recurrent Network for Traffic Forecasting. Advances in Neural Information Processing Systems, 33, 17804-17815.
[15]	Chen, J., Wang, X. and Xu, X. (2022) GC-LSTM: Graph Convolution Embedded LSTM for Dynamic Network Link Prediction. Applied Intelligence, 52, 7513-7528. [Google Scholar] [CrossRef]
[16]	Seo, Y., Defferrard, M., Vandergheynst, P. and Bresson, X. (2018) Structured Sequence Modeling with Graph Convolutional Recurrent Networks. In: Cheng, L., Leung, A. and Ozawa, S., Eds., Lecture Notes in Computer Science, Springer International Publishing, 362-373. [Google Scholar] [CrossRef]
[17]	Zhao, L., Song, Y., Zhang, C., Liu, Y., Wang, P., Lin, T., et al. (2020) T-GCN: A Temporal Graph Convolutional Network for Traffic Prediction. IEEE Transactions on Intelligent Transportation Systems, 21, 3848-3858. [Google Scholar] [CrossRef]

为你推荐

友情链接