TY - JOUR
T1 - Investigating Machine Learning Attacks on Financial Time Series Models
AU - Gallagher, Michael
AU - Pitropakis, Nikolaos
AU - Chrysoulas, Christos
AU - Papadopoulos, Pavlos
AU - Mylonas, Alexios
AU - Katsikas, Sokratis
N1 - © 2022 The Author(s). Published by Elsevier Ltd. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/)
PY - 2022/12/31
Y1 - 2022/12/31
N2 - Machine learning and Artificial Intelligence (AI) already support human decision-making and complement professional roles, and are expected in the future to be sufficiently trusted to make autonomous decisions. To trust AI systems with such tasks, a high degree of confidence in their behaviour is needed. However, such systems can make drastically different decisions if the input data is modified, in a way that would be imperceptible to humans. The field of Adversarial Machine Learning studies how this feature could be exploited by an attacker and the countermeasures to defend against them. This work examines the Fast Gradient Signed Method (FGSM) attack, a novel Single Value attack and the Label Flip attack on a trending architecture, namely a 1-Dimensional Convolutional Neural Network model used for time series classification. The results show that the architecture was susceptible to these attacks and that, in their face, the classifier accuracy was significantly impacted.
KW - Adversarial machine learning
KW - financial time-series models
KW - neural networks
UR - http://www.scopus.com/inward/record.url?scp=85140731123&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2022.102933
DO - 10.1016/j.cose.2022.102933
M3 - Article
SN - 0167-4048
VL - 123
JO - Computers and Security
JF - Computers and Security
M1 - 102933
ER -