Saved in:
Bibliographic Details
Main Authors: Krishan, Pooja, Mohapatra, Rohan, Das, Sanchari, Sengupta, Saptarshi
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2408.14875
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866914016529481728
author Krishan, Pooja
Mohapatra, Rohan
Das, Sanchari
Sengupta, Saptarshi
author_facet Krishan, Pooja
Mohapatra, Rohan
Das, Sanchari
Sengupta, Saptarshi
contents The emergence of deep learning models has revolutionized various industries over the last decade, leading to a surge in connected devices and infrastructures. However, these models can be tricked into making incorrect predictions with high confidence, leading to disastrous failures and security concerns. To this end, we explore the impact of adversarial attacks on multivariate time-series forecasting and investigate methods to counter them. Specifically, we employ untargeted white-box attacks, namely the Fast Gradient Sign Method (FGSM) and the Basic Iterative Method (BIM), to poison the inputs to the training process, effectively misleading the model. We also illustrate the subtle modifications to the inputs after the attack, which makes detecting the attack using the naked eye quite difficult. Having demonstrated the feasibility of these attacks, we develop robust models through adversarial training and model hardening. We are among the first to showcase the transferability of these attacks and defenses by extrapolating our work from the benchmark electricity data to a larger, 10-year real-world data used for predicting the time-to-failure of hard disks. Our experimental results confirm that the attacks and defenses achieve the desired security thresholds, leading to a 72.41% and 94.81% decrease in RMSE for the electricity and hard disk datasets respectively after implementing the adversarial defenses.
format Preprint
id arxiv_https___arxiv_org_abs_2408_14875
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Adversarial Attacks and Defenses in Multivariate Time-Series Forecasting for Smart and Connected Infrastructures
Krishan, Pooja
Mohapatra, Rohan
Das, Sanchari
Sengupta, Saptarshi
Machine Learning
Artificial Intelligence
Cryptography and Security
Performance
B.1.3; I.2.4
The emergence of deep learning models has revolutionized various industries over the last decade, leading to a surge in connected devices and infrastructures. However, these models can be tricked into making incorrect predictions with high confidence, leading to disastrous failures and security concerns. To this end, we explore the impact of adversarial attacks on multivariate time-series forecasting and investigate methods to counter them. Specifically, we employ untargeted white-box attacks, namely the Fast Gradient Sign Method (FGSM) and the Basic Iterative Method (BIM), to poison the inputs to the training process, effectively misleading the model. We also illustrate the subtle modifications to the inputs after the attack, which makes detecting the attack using the naked eye quite difficult. Having demonstrated the feasibility of these attacks, we develop robust models through adversarial training and model hardening. We are among the first to showcase the transferability of these attacks and defenses by extrapolating our work from the benchmark electricity data to a larger, 10-year real-world data used for predicting the time-to-failure of hard disks. Our experimental results confirm that the attacks and defenses achieve the desired security thresholds, leading to a 72.41% and 94.81% decrease in RMSE for the electricity and hard disk datasets respectively after implementing the adversarial defenses.
title Adversarial Attacks and Defenses in Multivariate Time-Series Forecasting for Smart and Connected Infrastructures
topic Machine Learning
Artificial Intelligence
Cryptography and Security
Performance
B.1.3; I.2.4
url https://arxiv.org/abs/2408.14875