TY - GEN
T1 - Data Poisoning Attack to X-armed Bandits
AU - Luo, Zhi
AU - Li, Youqi
AU - Chen, Lixing
AU - Xu, Zichuan
AU - Zhou, Pan
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - X-armed bandits have achieved the state-of-the-art performance in optimizing unknown stochastic continuous functions, which can model many machine learning tasks, specially in big data-driven personalized recommendation. However, bandit algorithms are vulnerable to adversarial attacks. Existing works mainly focus on attacking multi-armed bandits in discrete setting; nevertheless, the attacks against X-armed bandits in continuous setting have not been well explored. In this paper, we aim to bridge this gap and investigate the robustness problem for the X-armed bandits. Specifically, we consider data poisoning attack and propose an attack algorithm named Confidence Poisoning Attack algorithm, which could hijack the clean tree-based X-armed bandits algorithm, i.e., high confidence tree (HCT) and make it choose the nodes including the arm targeted by the attacker very frequently with a sub-linear attack cost, i.e., O(Tα)(0 <α< 1), where T is the total number of rounds. We evaluate the efficiency of our proposed attack algorithm through theoretical analysis and experiments.
AB - X-armed bandits have achieved the state-of-the-art performance in optimizing unknown stochastic continuous functions, which can model many machine learning tasks, specially in big data-driven personalized recommendation. However, bandit algorithms are vulnerable to adversarial attacks. Existing works mainly focus on attacking multi-armed bandits in discrete setting; nevertheless, the attacks against X-armed bandits in continuous setting have not been well explored. In this paper, we aim to bridge this gap and investigate the robustness problem for the X-armed bandits. Specifically, we consider data poisoning attack and propose an attack algorithm named Confidence Poisoning Attack algorithm, which could hijack the clean tree-based X-armed bandits algorithm, i.e., high confidence tree (HCT) and make it choose the nodes including the arm targeted by the attacker very frequently with a sub-linear attack cost, i.e., O(Tα)(0 <α< 1), where T is the total number of rounds. We evaluate the efficiency of our proposed attack algorithm through theoretical analysis and experiments.
KW - X-armed bandits
KW - data poisoning attack
KW - recommendation system
KW - robustness
UR - http://www.scopus.com/inward/record.url?scp=85151713058&partnerID=8YFLogxK
U2 - 10.1109/TrustCom56396.2022.00055
DO - 10.1109/TrustCom56396.2022.00055
M3 - Conference contribution
AN - SCOPUS:85151713058
T3 - Proceedings - 2022 IEEE 21st International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2022
SP - 345
EP - 351
BT - Proceedings - 2022 IEEE 21st International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2022
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 21st IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2022
Y2 - 9 December 2022 through 11 December 2022
ER -