Abstract
Knowledge graph embedding (KGE) is a technique
for learning continuous embeddings for entities and
relations in the knowledge graph. Due to its benefit
to a variety of downstream tasks such as knowledge
graph completion, question answering and recommendation, KGE has gained significant attention
recently. Despite its effectiveness in a benign environment, KGE’s robustness to adversarial attacks is
not well-studied. Existing attack methods on graph
data cannot be directly applied to attack the embeddings of knowledge graph due to its heterogeneity.
To fill this gap, we propose a collection of data poisoning attack strategies, which can effectively manipulate the plausibility of arbitrary targeted facts
in a knowledge graph by adding or deleting facts
on the graph. The effectiveness and efficiency of
the proposed attack strategies are verified by extensive evaluations on two widely-used benchmarks