Skip to main content
SpringerLink
Log in

Targeted Attacks on Time Series Forecasting

  • Conference paper
  • First Online:
Advances in Knowledge Discovery and Data Mining (PAKDD 2023)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 13938))

Included in the following conference series:

  • 748 Accesses

Abstract

Time Series Forecasting (TSF) is well established in domains dealing with temporal data to predict future events yielding the basis for strategic decision-making. Previous research indicated that forecasting models are vulnerable to adversarial attacks, that is, maliciously crafted perturbations of the original data with the goal of altering the model’s predictions. However, attackers targeting specific outcomes pose a substantially more severe threat as they could manipulate the model and bend it to their needs. Regardless, there is no systematic approach for targeted adversarial learning in the TSF domain yet. In this paper, we introduce targeted attacks on TSF in a systematic manner. We establish a new experimental design standard regarding attack goals and perturbation control for targeted adversarial learning on TSF. For this purpose, we present a novel indirect sparse black-box evasion attack on TSF, n Vita. Additionally, we adapt the popular white-box attacks Fast Gradient Sign Method (FGSM) and Basic Iterative Method (BIM). Our experiments confirm not only that all three methods are effective but also that current state-of-the-art TSF models are indeed susceptible to attacks. These results motivate future research in this area to achieve higher reliability of forecasting models.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 49.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 64.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    All materials, including Python implementation, supplementary materials, and additional results, are available at https://github.com/ProfiterolePuff/nvita.

  2. 2.

    Source: https://open-power-system-data.org/.

  3. 3.

    Source: https://finance.yahoo.com/.

References

  1. Biggio, B., Fumera, G., Roli, F.: Multiple classifier systems for robust classifier design in adversarial environments. J. Mach. Learn. Cybern. 1, 27–41 (2010)

    Article  Google Scholar 

  2. Blundell, C., Cornebise, J., Kavukcuoglu, K., Wierstra, D.: Weight uncertainty in neural network. In: ICML, pp. 1613–1622. PMLR (2015)

    Google Scholar 

  3. Breiman, L.: Random forests. Mach. Learn. 45, 5–32 (2001)

    Article  MATH  Google Scholar 

  4. Cho, K., et al.: Learning phrase representations using RNN encoder-decoder for statistical machine translation. In: EMNLP (2014)

    Google Scholar 

  5. Cowtan, K.: The climate data guide: Global surface temperatures: berkeley earth surface temperatures (2019). https://bit.ly/3fAqtVg Accessed 18 Feb 2022

  6. Dalvi, N., Domingos, P., Sanghai, S., Verma, D.: Adversarial classification. In: The tenth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 99–108 (2004)

    Google Scholar 

  7. Dang-Nhu, R., Singh, G., Bielik, P., Vechev, M.: Adversarial attacks on probabilistic autoregressive forecasting models. In: III, H.D., Singh, A. (eds.) The 37th ICML. vol. 119, pp. 2356–2365. PMLR, 13–18 Jul 2020

    Google Scholar 

  8. Deb, C., Zhang, F., Yang, J., Lee, S.E., Shah, K.W.: A review on time series forecasting techniques for building energy consumption. Renew. Sustain. Energy Rev. 74, 902–924 (2017)

    Article  Google Scholar 

  9. Demontis, A., et al.: Yes, machine learning can be more secure! A case study on android malware detection. IEEE Trans. Dependable Secure Comput. 16(4), 711–724 (2017)

    Article  Google Scholar 

  10. Hochreiter, S., Schmidhuber, J.: Long short-term memory. Neural Comput. 9(8), 1735–1780 (1997)

    Article  Google Scholar 

  11. Van Houdt, G., Mosquera, C., Nápoles, G.: A review on the long short-term memory model. Artif. Intell. Rev. 53(8), 5929–5955 (2020). https://doi.org/10.1007/s10462-020-09838-1

    Article  Google Scholar 

  12. Kołcz, A., Teo, C.H.: Feature weighting for improved classifier robustness. In: CEAS ’09, Mountain View, CA, USA (2009)

    Google Scholar 

  13. Lecun, Y., Bottou, L., Bengio, Y., Haffner, P.: Gradient-based learning applied to document recognition. IEEE 86(11), 2278–2324 (1998)

    Article  Google Scholar 

  14. Liu, L., Park, Y., Hoang, T.N., Hasson, H., Huan, J.: Towards robust multivariate time-series forecasting: adversarial attacks and defense mechanisms. In: KDD 2022 Workshop on Mining and Learning from Time Series - Deep Forecasting: Models, Interpretability, and Applications (2022)

    Google Scholar 

  15. Mathieu, E., et al.: Coronavirus pandemic (covid-19). Our World in Data (2020). https://ourworldindata.org/coronavirus

  16. Mode, G.R., Hoque, K.A.: Adversarial examples in deep learning for multivariate time series regression. In: 2020 IEEE Applied Imagery Pattern Recognition Workshop (AIPR), pp. 1–10. IEEE (2020)

    Google Scholar 

  17. Mondal, P., Shit, L., Goswami, S.: Study of effectiveness of time series modeling (arima) in forecasting stock prices. IJCSEA 4(2), 13 (2014)

    Article  Google Scholar 

  18. Razvan-Gabriel Cirstea, Chenjuan Guo, B.Y.: Graph attention recurrent neural networks for correlated time series forecasting. In: KDD MiLeTS19 (2019)

    Google Scholar 

  19. Rumelhart, D.E., Hinton, G.E., Williams, R.J.: Learning representations by back-propagating errors. Nature 323, 533–536 (1986)

    Article  MATH  Google Scholar 

  20. Storn, R., Price, K.: Differential evolution: A simple and efficient adaptive scheme for global optimization over continuous spaces. J. Global Optim. 23 (1995)

    Google Scholar 

  21. Su, J., Vargas, D.V., Sakurai, K.: One pixel attack for fooling deep neural networks. IEEE Trans. Evol. Comput. 23(5), 828–841 (2019)

    Article  Google Scholar 

  22. Wu, T., Wang, X., Qiao, S., Xian, X., Liu, Y., Zhang, L.: Small perturbations are enough: Adversarial attacks on time series prediction. Inf. Sci. 587, 794–812 (2022)

    Article  Google Scholar 

  23. Xu, A., Wang, X., Zhang, Y., Wu, T., Xian, X.: Adversarial attacks on deep neural networks for time series prediction. In: 2021 10th ICICSE, pp. 8–14 (2021)

    Google Scholar 

  24. Yoon, Y., Swales, G.: Predicting stock price performance: a neural network approach. In: The Twenty-Fourth Annual Hawaii International Conference on System Sciences, vol. 4, pp. 156–162 (1991)

    Google Scholar 

  25. Zhang, G., Patuwo, B.E., Hu, M.Y.: Forecasting with artificial neural networks: the state of the art. Int. J. Forecast. 14(1), 35–62 (1998)

    Article  Google Scholar 

  26. Zhang, X., et al.: Traffic flow forecasting with spatial-temporal graph diffusion network. In: The AAAI Conference on Artificial Intelligence, vol. 35, pp. 15008–15015 (2021)

    Google Scholar 

  27. Zhang, Z.: Multivariate Time Series Analysis in Climate and Environmental Research. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-67340-0

Download references

Acknowledgements

The authors wish to acknowledge the use of New Zealand eScience Infrastructure (NeSI) national facilities - https://www.nesi.org.nz.

Author information

Authors and Affiliations

  1. The University of Auckland, Auckland, New Zealand

    Zeyu Chen, Katharina Dost, Xuan Zhu, Xinglong Chang, Gillian Dobbie & Jörg Wicker

Authors
  1. Zeyu Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Katharina Dost
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Xuan Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Xinglong Chang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Gillian Dobbie
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Jörg Wicker
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zeyu Chen .

Editor information

Editors and Affiliations

  1. Kyoto University, Kyoto, Japan

    Hisashi Kashima

  2. IBM Research, Thomas J. Watson Research Center, Yorktown Heights, NY, USA

    Tsuyoshi Ide

  3. National Chiao Tung University, Hsinchu, Taiwan

    Wen-Chih Peng

1 Electronic supplementary material

Below is the link to the electronic supplementary material.

Supplementary material 1 (pdf 314 KB)

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Chen, Z., Dost, K., Zhu, X., Chang, X., Dobbie, G., Wicker, J. (2023). Targeted Attacks on Time Series Forecasting. In: Kashima, H., Ide, T., Peng, WC. (eds) Advances in Knowledge Discovery and Data Mining. PAKDD 2023. Lecture Notes in Computer Science(), vol 13938. Springer, Cham. https://doi.org/10.1007/978-3-031-33383-5_25

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-33383-5_25

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-33382-8

  • Online ISBN: 978-3-031-33383-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation