Adversarial Attacks on Probabilistic Autoregressive Forecasting Models
Authors: Raphaël Dang-Nhu, Gagandeep Singh, Pavol Bielik, Martin Vechev
ICML 2020 | Conference PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | We demonstrate that our approach can successfully generate attacks with small input perturbations in two challenging tasks where robust decision making is crucial stock market trading and prediction of electricity consumption. |
| Researcher Affiliation | Academia | 1Department of Computer Science, ETH Z urich, Switzerland. Correspondence to: Rapha el Dang-Nhu <dangnhur@student.ethz.ch>. |
| Pseudocode | No | No explicit pseudocode or algorithm blocks were found in the paper. |
| Open Source Code | Yes | We make our code, datasets and scripts to reproduce our experiments available online1. 1https://github.com/eth-sri/ probabilistic-forecasts-attacks |
| Open Datasets | Yes | S&P 500 dataset, which contains historical prices of S&P 500 constituents from 1990/01 to 2000/12. (...) UCI electricity dataset4, which contains the electricity consumption of 370 households from 2011 to 2014, downsampled to hourly frequency for the measurements. 4https://archive.ics.uci.edu/ml/datasets/ Electricity Load Diagrams20112014 |
| Dataset Splits | Yes | We ensure that output sequences from the training and test sets do not overlap and reserve 15% of training samples as a validation set. |
| Hardware Specification | Yes | We performed all experiments on a machine running Ubuntu 18.04, with 2.00GHz Intel Xeon E5-2650 CPU and using a single Ge Force RTX 2080 Ti GPU. |
| Software Dependencies | No | The paper mentions the operating system (Ubuntu 18.04) and general tools (Amazon Sage Maker toolkit) but does not specify versions for key software dependencies like programming languages (e.g., Python), deep learning frameworks (e.g., TensorFlow, PyTorch), or specific libraries. |
| Experiment Setup | Yes | We set τ to be the average over all stocks of the ground truth cumulated return, which leads to roughly balanced decisions to buy and sell. We attack the statistic χ twice. First, we perturb all samples initially classified as buy or uncertain, in order to make it classify as sell. Similarly, we perturb all samples initially classified as sell or uncertain, in order to make it classify as buy. The target of the attack is set as τ + λ for the buy attack and τ λ for the sell attack. We fix λ = 0.03 in our experiments. |