Loading [MathJax]/extensions/MathZoom.js

Yulin Zhu - IEEE Xplore Author Profile

IEEE.org
IEEE Xplore
IEEE SA
IEEE Spectrum
More Sites

- Donate
- Personal Sign In

Institutional Sign In

Institutional Sign In

ADVANCED SEARCH

Author details

Yulin Zhu

Publications

11

Citations

21

Publications by Year

20212024

Co-Authors:

Xing AiYu BuWenqi FanLongling GengMichał Tomasz Godziszewski

Show All Co-Authors (23)

Yulin Zhu

Affiliation

Department of Computing

The Hong Kong Polytechnic University

Hong Kong, China

Publication Topics

Anomaly Detection,
Graph Neural Networks,
Attack Methods,
Bilevel Optimization,
Bilevel Optimization Problem,
Link Prediction,
Anomaly Score,
Graph Structure,
Objective Function,
Optimization Problem,
Attack Performance,
Graph Convolutional Network

Biography

Yulin Zhu received the BS degree from Wuhan University, Wuhan, China, in 2012 and the PhD degree from The Chinese University of Hong Kong, HKSAR, 2020, where he is currently a postdoctoral research fellow with the Department of Computing, The Hong Kong Polytechnic University, HKSAR. His research focuses on AI Security and adversarial Graph Learning. He has published several papers such as IEEE ICDE, ACM CCS and etc.(Based on document published on 13 October 2023).

Publications

11

Citations

21

Publications by Year

20212024

Co-Authors:

Xing Ai
Yu Bu
Wenqi Fan
Longling Geng
Michał Tomasz Godziszewski

Show All Co-Authors (23)

Author's Published Works

Search History

Showing 1-11 of 11 results

Conferences (6)

Journals (4)

Early Access Articles (1)

Sort

Filter Results

Show

Open Access Only

Range
Single Year
Kai Zhou(11)
Yulin Zhu(11)
Yuni Lai(6)
Xiapu Luo(5)
Tomasz P. Michalak(3)
Dept. of Computing, The Hong Kong Polytechnic University, HKSAR(2)
Department of Computing, The Hong Kong Polytechnic University, Hung Hom, Hong Kong(2)
Sam's Club Innovation Center, Dallas, TX, USA(1)
Department of Computing, The Hong Kong Polytechnic University, Hong Kong, Hong Kong(1)
University of Warsaw & IDEAS NCBR, Poland(1)
IEEE Transactions on Information Forensics and Security(3)
ICASSP 2024 - 2024 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)(2)
2021 IEEE International Conference on Data Mining (ICDM)(1)
2022 IEEE 38th International Conference on Data Engineering (ICDE)(1)
2024 IEEE 40th International Conference on Data Engineering (ICDE)(1)
IEEE(11)
Seoul, Korea, Republic of(2)
Auckland, New Zealand(1)
Kuala Lumpur, Malaysia(1)
San Francisco, CA, USA(1)
Utrecht, Netherlands(1)
Anomaly Detection(7)
Graph Neural Networks(7)
Attack Methods(5)
Bilevel Optimization(5)
Bilevel Optimization Problem(5)

Select All on Page

Sort By

Results

Coupled-Space Attacks Against Random-Walk-Based Anomaly Detection

Yuni Lai;Marcin Waniek;Liying Li;Jingwen Wu;Yulin Zhu;Tomasz P. Michalak;Talal Rahwan;Kai Zhou

IEEE Transactions on Information Forensics and Security

Year: 2024 | Volume: 19 | Journal Article |

HTML

Random Walks-based Anomaly Detection (RWAD) is commonly used to identify anomalous patterns in various applications. An intriguing characteristic of RWAD is that the input graph can either be pre-existing graphs or feature-derived graphs constructed from raw features. Consequently, there are two potential attack surfaces against RWAD: graph-space attacks and feature-space attacks. In this paper, w...Show More

Coupled-Space Attacks Against Random-Walk-Based Anomaly Detection

Yuni Lai;Marcin Waniek;Liying Li;Jingwen Wu;Yulin Zhu;Tomasz P. Michalak;Talal Rahwan;Kai Zhou

IEEE Transactions on Information Forensics and Security

Year: 2024 | Volume: 19 | Journal Article |

Node-aware Bi-smoothing: Certified Robustness against Graph Injection Attacks

Yuni Lai;Yulin Zhu;Bailin Pan;Kai Zhou

2024 IEEE Symposium on Security and Privacy (SP)

Year: 2024 | Conference Paper |

HTML

Deep Graph Learning (DGL) has emerged as a crucial technique across various domains. However, recent studies have exposed vulnerabilities in DGL models, such as susceptibility to evasion and poisoning attacks. While empirical and provable robustness techniques have been developed to defend against graph modification attacks (GMAs), the problem of certified robustness against graph injection attack...Show More

Node-aware Bi-smoothing: Certified Robustness against Graph Injection Attacks

Yuni Lai;Yulin Zhu;Bailin Pan;Kai Zhou

2024 IEEE Symposium on Security and Privacy (SP)

Year: 2024 | Conference Paper |

Graph Anomaly Detection at Group Level: A Topology Pattern Enhanced Unsupervised Approach

Xing Ai;Jialong Zhou;Yulin Zhu;Gaolei Li;Tomasz P. Michalak;Xiapu Luo;Kai Zhou

2024 IEEE 40th International Conference on Data Engineering (ICDE)

Year: 2024 | Conference Paper |

HTML

Graph anomaly detection (GAD) has achieved success and has been widely applied in various domains, such as fraud detection, cybersecurity, finance security, and biochemistry. However, existing graph anomaly detection algorithms focus on distinguishing individual entities (nodes or graphs) and overlook the possibility of anomalous groups within the graph. To address this limitation, this paper intr...Show More

Graph Anomaly Detection at Group Level: A Topology Pattern Enhanced Unsupervised Approach

Xing Ai;Jialong Zhou;Yulin Zhu;Gaolei Li;Tomasz P. Michalak;Xiapu Luo;Kai Zhou

2024 IEEE 40th International Conference on Data Engineering (ICDE)

Year: 2024 | Conference Paper |

From Bi-Level to One-Level: A Framework for Structural Attacks to Graph Anomaly Detection

Yulin Zhu;Yuni Lai;Kaifa Zhao;Xiapu Luo;Mingquan Yuan;Jun Wu;Jian Ren;Kai Zhou

IEEE Transactions on Neural Networks and Learning Systems

Year: 2024 | Early Access Article |

The success of graph neural networks stimulates the prosperity of graph mining and the corresponding downstream tasks including graph anomaly detection (GAD). However, it has been explored that those graph mining methods are vulnerable to structural manipulations on relational data. That is, the attacker can maliciously perturb the graph structures to assist the target nodes in evading anomaly det...Show More

From Bi-Level to One-Level: A Framework for Structural Attacks to Graph Anomaly Detection

Yulin Zhu;Yuni Lai;Kaifa Zhao;Xiapu Luo;Mingquan Yuan;Jun Wu;Jian Ren;Kai Zhou

IEEE Transactions on Neural Networks and Learning Systems

Year: 2024 | Early Access Article |

Uncovering Strong Ties: A Study of Indirect Sybil Attack on Signed Social Network

Yu Bu;Yulin Zhu;Longling Geng;Kai Zhou

ICASSP 2024 - 2024 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)

Year: 2024 | Conference Paper |

HTML

The Fairness and Goodness Algorithm (FGA) is a widely used trust system in signed directed networks. However, attackers can manipulate trust scores on FGA by launching indirect Sybil attacks and exploiting strong ties. In this work, we propose a novel attack method vicinage-attack that formulates the problem as a combination optimization problem for mining candidate attacking edges. Our method con...Show More

Uncovering Strong Ties: A Study of Indirect Sybil Attack on Signed Social Network

Yu Bu;Yulin Zhu;Longling Geng;Kai Zhou

ICASSP 2024 - 2024 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)

Year: 2024 | Conference Paper |

Cost Aware Untargeted Poisoning Attack Against Graph Neural Networks

Yuwei Han;Yuni Lai;Yulin Zhu;Kai Zhou

ICASSP 2024 - 2024 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)

Year: 2024 | Conference Paper |

HTML

Graph Neural Networks (GNNs) have become widely used in the field of graph mining. However, these networks are vulnerable to structural perturbations. While many research efforts have focused on analyzing vulnerability through poisoning attacks, we have identified an inefficiency in current attack losses. These losses steer the attack strategy towards modifying edges targeting misclassified nodes ...Show More

Cost Aware Untargeted Poisoning Attack Against Graph Neural Networks

Yuwei Han;Yuni Lai;Yulin Zhu;Kai Zhou

ICASSP 2024 - 2024 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)

Year: 2024 | Conference Paper |

Toward Secrecy-Aware Attacks Against Trust Prediction in Signed Social Networks

Yulin Zhu;Tomasz Michalak;Xiapu Luo;Xiaoge Zhang;Kai Zhou

IEEE Transactions on Information Forensics and Security

Year: 2024 | Volume: 19 | Journal Article |

Cited by: Papers (1)

HTML

Signed social networks are widely used to model the trust relationships among online users in security-sensitive systems such as cryptocurrency trading platforms, where trust prediction plays a critical role. In this paper, we investigate how attackers could mislead trust prediction by secretly manipulating signed networks. To this end, we first design effective poisoning attacks against represent...Show More

Toward Secrecy-Aware Attacks Against Trust Prediction in Signed Social Networks

Yulin Zhu;Tomasz Michalak;Xiapu Luo;Xiaoge Zhang;Kai Zhou

IEEE Transactions on Information Forensics and Security

Year: 2024 | Volume: 19 | Journal Article |

Toward Adversarially Robust Recommendation From Adaptive Fraudster Detection

Yuni Lai;Yulin Zhu;Wenqi Fan;Xiaoge Zhang;Kai Zhou

IEEE Transactions on Information Forensics and Security

Year: 2024 | Volume: 19 | Journal Article |

Cited by: Papers (2)

HTML

The robustness of recommender systems under node injection attacks has garnered significant attention. Recently, GraphRfi, a Graph-Neural-Network-based (GNN-based) recommender system, was proposed and shown to effectively mitigate the impact of injected fake users. However, we demonstrate that GraphRfi remains vulnerable to attacks due to the supervised nature of its fraudster detection component,...Show More

Toward Adversarially Robust Recommendation From Adaptive Fraudster Detection

Yuni Lai;Yulin Zhu;Wenqi Fan;Xiaoge Zhang;Kai Zhou

IEEE Transactions on Information Forensics and Security

Year: 2024 | Volume: 19 | Journal Article |

FocusedCleaner: Sanitizing Poisoned Graphs for Robust GNN-Based Node Classification

Yulin Zhu;Liang Tong;Gaolei Li;Xiapu Luo;Kai Zhou

IEEE Transactions on Knowledge and Data Engineering

Year: 2024 | Volume: 36, Issue: 6 | Journal Article |

HTML

Graph Neural Networks (GNNs) are vulnerable to data poisoning attacks, which will generate a poisoned graph as the input to the GNN models. We present FocusedCleaner as a poisoned graph sanitizer to effectively identify the poison injected by attackers. Specifically, FocusedCleaner provides a sanitation framework consisting of two modules: bi-level structural learning and victim node detection. In...Show More

FocusedCleaner: Sanitizing Poisoned Graphs for Robust GNN-Based Node Classification

Yulin Zhu;Liang Tong;Gaolei Li;Xiapu Luo;Kai Zhou

IEEE Transactions on Knowledge and Data Engineering

Year: 2024 | Volume: 36, Issue: 6 | Journal Article |

BinarizedAttack: Structural Poisoning Attacks to Graph-based Anomaly Detection

Yulin Zhu;Yuni Lai;Kaifa Zhao;Xiapu Luo;Mingquan Yuan;Jian Ren;Kai Zhou

2022 IEEE 38th International Conference on Data Engineering (ICDE)

Year: 2022 | Conference Paper |

Cited by: Papers (11)

HTML

Graph-based Anomaly Detection (GAD) is becoming prevalent due to the powerful representation abilities of graphs as well as recent advances in graph mining techniques. These GAD tools, however, expose a new attacking surface, ironically due to their unique advantage of being able to exploit the relations among data. That is, attackers now can manipulate those relations (i.e., the structure of the ...Show More

BinarizedAttack: Structural Poisoning Attacks to Graph-based Anomaly Detection

Yulin Zhu;Yuni Lai;Kaifa Zhao;Xiapu Luo;Mingquan Yuan;Jian Ren;Kai Zhou

2022 IEEE 38th International Conference on Data Engineering (ICDE)

Year: 2022 | Conference Paper |

Attacking Similarity-Based Sign Prediction

Michał Tomasz Godziszewski;Tomasz P. Michalak;Marcin Waniek;Talal Rahwan;Kai Zhou;Yulin Zhu

2021 IEEE International Conference on Data Mining (ICDM)

Year: 2021 | Conference Paper |

Cited by: Papers (7)

HTML

In this paper, we present a computational analysis of the problem of attacking sign prediction, whereby the aim of the attacker (a network member) is to hide from the defender (an analyst) the signs of a target set of links by removing the signs of some other, non-target, links. The problem turns out to be NP-hard if either local or global similarity measures are used for sign prediction. We propo...Show More

Attacking Similarity-Based Sign Prediction

Michał Tomasz Godziszewski;Tomasz P. Michalak;Marcin Waniek;Talal Rahwan;Kai Zhou;Yulin Zhu

2021 IEEE International Conference on Data Mining (ICDM)

Year: 2021 | Conference Paper |

IEEE Personal Account

Change username/password

Purchase Details

Payment Options
View Purchased Documents

Profile Information

Communications Preferences
Profession and Education
Technical interests

Need Help?

US & Canada: +1 800 678 4333
Worldwide: +1 732 981 0060
Contact & Support

Follow

About IEEE Xplore | Contact Us | Help | Accessibility | Terms of Use | Nondiscrimination Policy | IEEE Ethics Reporting | Sitemap | IEEE Privacy Policy

A public charity, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.

© Copyright 2025 IEEE - All rights reserved, including rights for text and data mining and training of artificial intelligence and similar technologies.

IEEE Account

Change Username/Password
Update Address

Purchase Details

Payment Options
Order History
View Purchased Documents

Profile Information

Communications Preferences
Profession and Education
Technical Interests

Need Help?

US & Canada: +1 800 678 4333
Worldwide: +1 732 981 0060
Contact & Support

About IEEE Xplore
Contact Us
Help
Accessibility
Terms of Use
Nondiscrimination Policy
Sitemap
Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2025 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.