🤖 AI Summary
This work addresses the challenge of efficiently identifying corrupted nodes in graph structures following adversarial tampering. The authors propose a novel active learning–based recovery algorithm that approximately localizes hidden corrupted nodes by querying only a small number of node labels within the perturbed graph. A key contribution is the first theoretical characterization of how vertex expansion properties of the original graph fundamentally influence the query complexity of active learning under adversarial perturbations. Leveraging this insight, the algorithm efficiently computes a minimum vertex expansion set subject to cardinality constraints via an adapted Sum-of-Squares framework. Theoretical analysis demonstrates that the query complexity depends polynomially on both the attack strength and the graph’s intrinsic expansion, yielding significantly improved recovery efficiency and scalability.
📝 Abstract
Motivated by real-world scenarios where malicious entities tamper with existing networks, we define a model where an adversary seeks to hide a set of \emph{corrupted vertices} inside a graph $G^*$. To this end, the adversary can add edges between the corrupted vertices, as well as edges between the corrupted vertices and $G^*$, and its power is then measured by the size of the \emph{neighborhood} of the corrupted vertices in $G^*$. Our goal is to design an active learning algorithm that efficiently finds the subset of corrupted vertices using a small number of label queries. We devise an efficient algorithm that approximately recovers the corrupted vertices with a query complexity that depends polynomially on both the power of the adversary and the \emph{vertex expansion} of $G^*$, a fundamental measure of graph connectivity. At the heart of this result is a polynomial-time algorithm, obtained by carefully adapting sum-of-squares algorithms for approximating minimum expansion, that finds a set with small vertex expansion subject to cardinality constraints. To the best of our knowledge, this is the first time that the vertex expansion is shown to play a key role in determining the query complexity of active learning algorithms robust to structural adversarial attacks.