Since the Internet of Things (IoT) is widely adopted using Android applications, detecting malicious Android apps is essential. In recent years, Android graph based deep learning research has proposed many approaches to extract relationships from the application as a graph to generate graph embeddings. First, we demonstrate the effectiveness of graph-based classification using Graph Neural Networks (GNN) based classifier to generate API graph embedding. The graph embedding is used with ‘Permission’ and ‘Intent’ to train multiple machine learning and deep learning algorithms to detect Android malware. The classification achieved an accuracy of 98.33% in CICMaldroid and 98.68% in Drebin dataset. However, the graph-based deep learning is vulnerable as an attacker can add fake relationships to avoid detection by the classifier. Second, we propose a Generative Adversarial Network (GAN) based algorithm named VGAEMalGAN to attack the graph-based GNN Android malware classifier. The VGAE-MalGAN generator generates adversarial malware API graphs, and the VGAE-MalGAN substitute detector (SD) tries to fit the detector. Experimental analysis shows that VGAE-MalGAN can effectively reduce the detection rate of GNN malware classifiers. Although the model fails to detect adversarial malware, experimental analysis shows that retraining the model with generated adversarial samples helps to combat adversarial attacks.