Attack based on data: a novel perspective to attack sensitive points directly

• Published in: Cybersecurity (Singapore) Vol. 6; no. 1; pp. 43 - 13
• Main Authors: Ge, Yuyao, Yang, Zhongguo, Chen, Lizhe, Wang, Yiming, Li, Chengyang
• Format: Journal Article
• Language: English
• Published: Singapore Springer Nature Singapore 01.12.2023; Springer Nature B.V; SpringerOpen
• Subjects: Black-box adversarial attack; Classification; Computer Applications; Computer Science; Cybercrime; Cybersecurity; Data mining; Datasets; Deep learning; Genetic algorithms; Methods; Optimization; Prediction models; Time series; Time series classification; Data mining; Time series classification; Black-box adversarial attack
• ISSN: 2523-3246; 2523-3246
• DOI: 10.1186/s42400-023-00179-4

Adversarial attack for time-series classification model is widely explored and many attack methods are proposed. But there is not a method of attack based on the data itself. In this paper, we innovatively proposed a black-box sparse attack method based on data location. Our method directly attack the sensitive points in the time-series data according to statistical features extract from the dataset. At first, we have validated the transferability of sensitive points among DNNs with different structures. Secondly, we use the statistical features extract from the dataset and the sensitive rate of each point as the training set to train the predictive model. Then, predicting the sensitive rate of test set by predictive model. Finally, perturbing according to the sensitive rate. The attack is limited by constraining the L0 norm to achieve one-point attack. We conduct experiments on several datasets to validate the effectiveness of this method.