TY - GEN
T1 - On Poisoning Attacks and Defenses for LSTM Time Series Prediction Models
T2 - 20th IEEE International Wireless Communications and Mobile Computing Conference, IWCMC 2024
AU - Chen, Yi Yu
AU - Hung, Hui Nien
AU - Yang, Shun Ren
AU - Yen, Chia Cheng
AU - Lin, Phone
N1 - Publisher Copyright: © 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - The Long Short-Term Memory (LSTM) model has significantly improved time series prediction accuracy, but also brought forth concerns regarding reliability and security with its widespread adoption, particularly in the context of poisoning attacks. While there is substantial research on attacks and defenses for LSTM models, there's limited focus on LSTM time series prediction models. In this paper, we propose an arithmetic-based poisoning attack methodology for a demonstrative LSTM time series speed prediction model. Furthermore, we employ the 'red team/blue team exercises' commonly used in network security to develop defense strategies using support vector machine and linear regression analysis methods. Through the system-level simulation experiments, we verify the effectiveness of our proposed methodology. Our experiment results indicate that, regarding attacks, our methodology can identify the optimal attacks for the representative road segments. As for defenses, we demonstrate that the defended model's performance is close to the real model's performance.
KW - Long Short-Term Memory (LSTM) network
KW - poisoning attack and defense
KW - Red Team/Blue Team exercises
KW - speed prediction
UR - http://www.scopus.com/inward/record.url?scp=85199973866&partnerID=8YFLogxK
U2 - 10.1109/IWCMC61514.2024.10592413
DO - 10.1109/IWCMC61514.2024.10592413
M3 - Conference contribution
AN - SCOPUS:85199973866
T3 - 20th International Wireless Communications and Mobile Computing Conference, IWCMC 2024
SP - 610
EP - 615
BT - 20th International Wireless Communications and Mobile Computing Conference, IWCMC 2024
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 27 May 2024 through 31 May 2024
ER -