Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Automatic feature extraction and node role assignment for transfer learning on graphs
Automatic feature extraction and node role assignment for transfer learning on graphs; based on the ReFeX/RolX algorithms [1, 2] of Henderson, et al.
A fundamental problem for learning on graphs is extracting meaningful features. GraphRole
provides the RecursiveFeatureExtractor
class to automate this process by extracting recursive features capturing local and neighborhood ("regional") structural properties of a given graph. The specific implementation follows that of the ReFeX algorithm [1]. Node features (e.g., degree) and ego-net features (e.g., neighbors, number of internal vs. external edges) are extracted and then recursively aggregated over each node's neighbors' features until no additional information is encoded. As is shown in [1], these recursive, "regional" features facilitate node classification and perform quite well in transfer learning tasks.
GraphRole
also provides the RoleExtractor
class for node role assignment (a form of classification). Different nodes play different structural roles in a graph, and using recursive regional features, these roles can be identified and assigned to collections of nodes. As they are structural in nature, node roles differ from and are often more intuitive than the commonly used communities of nodes. In particular, roles can generalize across graphs whereas the notion of communities cannot [2]. Identification and assignment of node roles has been shown to facilitate many graph learning tasks.
Please see [1, 2] for more technical details.
This package is hosted on PyPI and can be installed via pip
:
$ pip install graphrole
To instead install from source:
$ git clone https://github.com/dkaslovsky/GraphRole.git
$ cd GraphRole
$ python setup.py install
An example of GraphRole
usage is found in the examples
directory. The notebook
example.ipynb
(also available via nbviewer)
walks through feature extraction and role assignment for the well-known karate_club_graph
that is included with NetworkX
. Recursive features are extracted and used to learn role assignments for each node in the graph. The graph is shown above with each node colored corresponding to its role.
The extracted roles reflect structural properties of the graph at the node level. The nodes 0
and 33
(dark green) are central to the graph and are connected to many other nodes. Nodes 1
, 2
, 3
, and 32
are assigned to a similar role (red). In contrast, the roles colored as dark blue, light blue, and pink are found at the periphery of the graph. Notably, nodes need not be near one another to be assigned to the same role; instead nodes with similar properties are grouped together across the graph by their role assignments.
Although not reflected by this example, weighted and directed graphs are also supported and will yield weighted and directed variants of the extracted features.
For general usage, begin by importing the two feature and role extraction classes:
>>> from graphrole import RecursiveFeatureExtractor, RoleExtractor
Features are then extracted from a graph G
into a pandas.DataFrame
:
>>> feature_extractor = RecursiveFeatureExtractor(G)
>>> features = feature_extractor.extract_features()
Next, these features are used to learn roles. The number of roles is automatically determined by
a model selection procedure when n_roles=None
is passed to the RoleExtractor
class instance.
Alternatively, n_roles
can be set to a desired number of roles to be extracted.
>>> role_extractor = RoleExtractor(n_roles=None)
>>> role_extractor.extract_role_factors(features)
The role assignment for each node can be retrieved as a dictionary:
>>> role_extractor.roles
Alternatively, roles can be viewed as a soft assignment and a node's percent membership to each role
can be retrieved as a pandas.DataFrame
:
>>> role_extractor.role_percentage
GraphRole
uses predefined structural graph properties for constructing features. It is also possible, as of version 1.1.0, to optionally include numeric node attributes as features. Providing a graph annotated with node attributes to GraphRole
allows a user to seed the recursive feature extraction process with user-defined features for each node.
Node attributes are enabled by passing attributes=True
as a kwarg to the RecursiveFeatureExtractor
:
>>> feature_extractor = RecursiveFeatureExtractor(G, attributes=True)
Providing this kwarg will automatically include all numeric node attributes as features to be included in the recursive feature calculations. Attributes with non-numeric values are always skipped (set to zero). Note that the feature names associated with node attributes will be the provided attribute name prepended with a prefix of attribute_
.
A list of attributes to be included for feature calculation instead of defaulting to all numeric attributes can be provided as:
>>> feature_extractor = RecursiveFeatureExtractor(G, attributes=True, attributes_include=['attr1', 'attr3'])
which will specify the use of only node attributes attr1
and attr3
.
A list of attributes to be excluded for feature calculation from the default of all numeric attributes can be provided as:
>>> feature_extractor = RecursiveFeatureExtractor(G, attributes=True, attributes_exclude=['attr2'])
which will specify the use of all node attributes other than attr2
.
For safety, the attributes_exclude
list takes priority over the attributes_include
list when conflicting specifications are provided.
Note: igraph
uses the attribute name
to store an identifier for all nodes and therefore the corresponding attribute value is never used for feature calculations. The attribute name
, even if overwritten by the user, is always skipped for igraph
graph instances.
An interface for graph data structures is provided in the graphrole.graph.interface
module. Implementations for networkx
and igraph
are included.
The igraph
package is not included in requirements.txt
and thus will need to be manually installed
if desired. This is due to additional installation requirements beyond pip install python-igraph
; see
the igraph documentation for more details. Note that all tests
that require igraph
will be skipped if it is not installed.
To add an implementation of an additional graph library or data structure:
BaseGraphInterface
ABC in graphrole.graph.interface.base.py
and implement the required methodsINTERFACES
dict in graphrole.graph.interface.__init__.py
to make the new subclass discoverablesetUpClass()
classmethod of a subclass of BaseGraphInterfaceTest.BaseGraphInterfaceTestCases
in the tests.test_graph.test_interface.py
modulesetUpClass()
classmethod of a subclass of BaseRecursiveFeatureExtractorTest.TestCases
in the tests.test_features.test_extract.py
moduleModel explanation ("sense making") will be added to the RoleExtractor
class in a future release.
To run tests:
$ python -m unittest discover -v
As noted above, the tests for the igraph
interface are skipped when igraph
is not installed. Because this package is intentionally not required, the test coverage reported above is much lower than when igraph
is installed and its interface tests are not skipped (97% coverage to date).
[1] Henderson, et al. It’s Who You Know: Graph Mining Using Recursive Structural Features.
[2] Henderson, et al. RolX: Structural Role Extraction & Mining in Large Graphs.
FAQs
Automatic feature extraction and node role assignment for transfer learning on graphs
We found that graphrole demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.