Poisoning Attack Against Estimating From Pairwise Comparisons

doi:10.1109/TPAMI.2021.3087514

	Poisoning Attack Against Estimating From Pairwise Comparisons
	Ma, Ke 1,2; Xu, Qianqian 3; Zeng, Jinshan 4; Cao, Xiaochun 5,6; Huang, Qingming 1,2,3,7
	2022-10-01
发表期刊	IEEE TRANSACTIONS ON PATTERN ANALYSIS AND MACHINE INTELLIGENCE
ISSN	0162-8828
卷号	44 期号:10 页码:6393-6408
摘要	As pairwise ranking becomes broadly employed for elections, sports competitions, recommendation, information retrieval and so on, attackers have strong motivation and incentives to manipulate or disrupt the ranking list. They could inject malicious comparisons into the training data to fool the target ranking algorithm. Such a technique is called "poisoning attack" in regression and classification tasks. In this paper, to the best of our knowledge, we initiate the first systematic investigation of data poisoning attack on the pairwise ranking algorithms, which can be generally formalized as the dynamic and static games between the ranker and the attacker, and can be modeled as certain kinds of integer programming problems mathematically. To break the computational hurdle of the underlying integer programming problems, we reformulate them into the distributionally robust optimization (DRO) problems, which are computational tractable. Based on such DRO formulations, we propose two efficient poisoning attack algorithms and establish the associated theoretical guarantees including the existence of Nash equilibrium and the generalization ability bounds. The effectiveness of the suggested poisoning attack strategies is demonstrated by a series of toy simulations and several real data experiments. These experimental results show that the proposed methods can significantly reduce the performance of the ranker in the sense that the correlation between the true ranking list and the aggregated results with toxic data can be decreased dramatically.
关键词	Optimization Heuristic algorithms Sports Voting Uncertainty Games Data models Adversarial learning poisoning attack pairwise comparison rank aggregation robust game distributionally robust optimization
DOI	10.1109/TPAMI.2021.3087514
收录类别	SCI
语种	英语
资助项目	National Key R&D Program of China[2018AAA0102003] ; National Natural Science Foundation of China[61931008] ; National Natural Science Foundation of China[62025604] ; National Natural Science Foundation of China[U1936208] ; National Natural Science Foundation of China[61620106009] ; National Natural Science Foundation of China[61836002] ; National Natural Science Foundation of China[61977038] ; National Natural Science Foundation of China[61976202] ; National Natural Science Foundation of China[62006217] ; Thousand Talents Plan of Jiangxi Province[jxsq2019201124] ; Youth Innovation Promotion Association CAS ; Strategic Priority Research Program of Chinese Academy of Sciences[XDB28000000] ; China Postdoctoral Science Foundation[2021T140653] ; China Postdoctoral Science Foundation[2020M680651] ; Fundamental Research Funds for Central Universities
WOS研究方向	Computer Science ; Engineering
WOS类目	Computer Science, Artificial Intelligence ; Engineering, Electrical & Electronic
WOS记录号	WOS:000853875300040
出版者	IEEE COMPUTER SOC
引用统计	被引频次：10[WOS] [WOS记录] [WOS相关记录]
文献类型	期刊论文
条目标识符	http://119.78.100.204/handle/2XEOYT63/19417
专题	中国科学院计算技术研究所期刊论文_英文
通讯作者	Xu, Qianqian; Huang, Qingming
作者单位	1.Univ Chinese Acad Sci, Sch Comp Sci & Technol, Beijing 100049, Peoples R China 2.Peng Cheng Lab, Artificial Intelligence Res Ctr, Shenzhen 518055, Guangdong, Peoples R China 3.Chinese Acad Sci, Inst Comp Technol, Key Lab Intelligent Informat Proc, Beijing 100190, Peoples R China 4.Jiangxi Normal Univ, Sch Comp & Informat Engn, Nanchang 330022, Jiangxi, Peoples R China 5.Chinese Acad Sci, Inst Informat Engn, State Key Lab Informat Secur SKLOIS, Beijing 100093, Peoples R China 6.Univ Chinese Acad Sci, Sch Cyber Secur, Beijing 100049, Peoples R China 7.Univ Chinese Acad Sci, Sch Econ & Management, Key Lab Big Data Min & Knowledge Management, Beijing 100049, Peoples R China
推荐引用方式 GB/T 7714	Ma, Ke,Xu, Qianqian,Zeng, Jinshan,et al. Poisoning Attack Against Estimating From Pairwise Comparisons[J]. IEEE TRANSACTIONS ON PATTERN ANALYSIS AND MACHINE INTELLIGENCE,2022,44(10):6393-6408.
APA	Ma, Ke,Xu, Qianqian,Zeng, Jinshan,Cao, Xiaochun,&Huang, Qingming.(2022).Poisoning Attack Against Estimating From Pairwise Comparisons.IEEE TRANSACTIONS ON PATTERN ANALYSIS AND MACHINE INTELLIGENCE,44(10),6393-6408.
MLA	Ma, Ke,et al."Poisoning Attack Against Estimating From Pairwise Comparisons".IEEE TRANSACTIONS ON PATTERN ANALYSIS AND MACHINE INTELLIGENCE 44.10(2022):6393-6408.