Attack based on data: a novel perspective to attack sensitive points directly-Reference-Cited by-同舟云学术

Attack based on data: a novel perspective to attack sensitive points directly

Published:2023-11-05 Issue:1 Volume:6 Page:
ISSN:2523-3246
Container-title:Cybersecurity
language:en
Short-container-title:Cybersecurity

Author:

Ge Yuyao,Yang Zhongguo^ORCID,Chen Lizhe,Wang Yiming,Li Chengyang

Abstract

AbstractAdversarial attack for time-series classification model is widely explored and many attack methods are proposed. But there is not a method of attack based on the data itself. In this paper, we innovatively proposed a black-box sparse attack method based on data location. Our method directly attack the sensitive points in the time-series data according to statistical features extract from the dataset. At first, we have validated the transferability of sensitive points among DNNs with different structures. Secondly, we use the statistical features extract from the dataset and the sensitive rate of each point as the training set to train the predictive model. Then, predicting the sensitive rate of test set by predictive model. Finally, perturbing according to the sensitive rate. The attack is limited by constraining the L0 norm to achieve one-point attack. We conduct experiments on several datasets to validate the effectiveness of this method.

Funder

International Cooperation and Exchange Program of National Natural Science Foundation of China

Publisher

Springer Science and Business Media LLC

Subject

Artificial Intelligence,Computer Networks and Communications,Information Systems,Software

Link

https://link.springer.com/content/pdf/10.1186/s42400-023-00179-4.pdf

Reference30 articles.

1. Abdelfattah SM, Abdelrahman GM, Wang M (2018) Augmenting the size of eeg datasets using generative adversarial networks. In: 2018 International joint conference on neural networks (IJCNN), pp 1–6. https://doi.org/10.1109/IJCNN.2018.8489727

2. Brendel W, Rauber J, Bethge M (2017) Decision-based adversarial attacks: Reliable attacks against black-box machine learning models. arXiv preprint arXiv:1712.04248

3. Carlini N, Wagner D (2017) Towards evaluating the robustness of neural networks. In: 2017 IEEE symposium on security and privacy (SP), pp 39–57. IEEE

4. Chen Y, Keogh E, Hu B, Begum N, Bagnall A, Mueen A, Batista G (2015) The UCR time series classification archive. www.cs.ucr.edu/eamonn/time_series_data/

5. Fawaz HI, Forestier G, Weber J, Idoumghar L, Muller P-A (2018) Evaluating surgical skills from kinematic data using convolutional neural networks. CoRR, abs/1806.02750 arxiv:1806.02750