An Adversarial Attack Method for Multivariate Time Series Classification Based on AdvGAN

Yubo Wang; Hui He; Peng Zhang; Yuanchi Ma; Zhongxiang Lei; Zhendong Niu

doi:10.1007/978-981-96-2409-6_19

An Adversarial Attack Method for Multivariate Time Series Classification Based on AdvGAN

Yubo Wang, Hui He, Peng Zhang, Yuanchi Ma, Zhongxiang Lei, Zhendong Niu^*

^*Corresponding author for this work

School of Computer Science and Technology

Beijing Institute of Technology

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Considering the complexity of time series data and real-world applications, multivariate time series classification models are vulnerable to adversarial attacks. Although existing white-box attack strategies have made progress in generating adversarial samples, they rely on access to the target model’s parameters, training data, and gradients. Therefore, we apply AdvGAN framework for multivariate time series classification. AdvGAN is designed as a framework based on Generative Adversarial Networks (GANs), encompassing a generator, discriminator. The generator creates multivariate perturbations, and the perturbations combine with original data to form adversarial samples. The discriminator assesses the authenticity of these samples. These samples are then used to evaluate the security of the target model. We conducts experiments across three University of East Anglia (UEA) and University of California Riverside (UCR) datasets, employing the Multivariate Long Short Term Memory Fully Convolutional Network (MLSTM_FCN) as the target model for adversarial attack testing. The results indicate that our designed attack method effectively enhances the success rate of adversarial attacks while maintaining a similar level of Mean Squared Error (MSE) between the generated adversarial samples and the original samples.

Original language	English
Title of host publication	Proceedings of the 2023 International Conference on Wireless Communications, Networking and Applications
Editors	Patrick Siarry, M.A. Jabbar, Simon King Sing Cheung, Xiaolong Li
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	194-202
Number of pages	9
ISBN (Print)	9789819624089
DOIs	https://doi.org/10.1007/978-981-96-2409-6_19
Publication status	Published - 2025
Event	7th International Conference on Wireless Communications, Networking and Applications, WCNA 2023 - Shenzhen, China Duration: 29 Dec 2023 → 31 Dec 2023

Publication series

Name	Lecture Notes in Electrical Engineering
Volume	1361 LNEE
ISSN (Print)	1876-1100
ISSN (Electronic)	1876-1119

Conference

Conference	7th International Conference on Wireless Communications, Networking and Applications, WCNA 2023
Country/Territory	China
City	Shenzhen
Period	29/12/23 → 31/12/23

Keywords

Adversarial Attack
Generative Adversarial Network
Multivariate Time Series Classification

Access to Document

10.1007/978-981-96-2409-6_19

Cite this

Wang, Y., He, H., Zhang, P., Ma, Y., Lei, Z., & Niu, Z. (2025). An Adversarial Attack Method for Multivariate Time Series Classification Based on AdvGAN. In P. Siarry, M. A. Jabbar, S. K. S. Cheung, & X. Li (Eds.), Proceedings of the 2023 International Conference on Wireless Communications, Networking and Applications (pp. 194-202). (Lecture Notes in Electrical Engineering; Vol. 1361 LNEE). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-981-96-2409-6_19

Wang, Yubo ; He, Hui ; Zhang, Peng et al. / An Adversarial Attack Method for Multivariate Time Series Classification Based on AdvGAN. Proceedings of the 2023 International Conference on Wireless Communications, Networking and Applications. editor / Patrick Siarry ; M.A. Jabbar ; Simon King Sing Cheung ; Xiaolong Li. Springer Science and Business Media Deutschland GmbH, 2025. pp. 194-202 (Lecture Notes in Electrical Engineering).

@inproceedings{0649f120d5844a03abaee541af5bd0bf,

title = "An Adversarial Attack Method for Multivariate Time Series Classification Based on AdvGAN",

abstract = "Considering the complexity of time series data and real-world applications, multivariate time series classification models are vulnerable to adversarial attacks. Although existing white-box attack strategies have made progress in generating adversarial samples, they rely on access to the target model{\textquoteright}s parameters, training data, and gradients. Therefore, we apply AdvGAN framework for multivariate time series classification. AdvGAN is designed as a framework based on Generative Adversarial Networks (GANs), encompassing a generator, discriminator. The generator creates multivariate perturbations, and the perturbations combine with original data to form adversarial samples. The discriminator assesses the authenticity of these samples. These samples are then used to evaluate the security of the target model. We conducts experiments across three University of East Anglia (UEA) and University of California Riverside (UCR) datasets, employing the Multivariate Long Short Term Memory Fully Convolutional Network (MLSTM_FCN) as the target model for adversarial attack testing. The results indicate that our designed attack method effectively enhances the success rate of adversarial attacks while maintaining a similar level of Mean Squared Error (MSE) between the generated adversarial samples and the original samples.",

keywords = "Adversarial Attack, Generative Adversarial Network, Multivariate Time Series Classification",

author = "Yubo Wang and Hui He and Peng Zhang and Yuanchi Ma and Zhongxiang Lei and Zhendong Niu",

note = "Publisher Copyright: {\textcopyright} The Author(s) 2025.; 7th International Conference on Wireless Communications, Networking and Applications, WCNA 2023 ; Conference date: 29-12-2023 Through 31-12-2023",

year = "2025",

doi = "10.1007/978-981-96-2409-6_19",

language = "English",

isbn = "9789819624089",

series = "Lecture Notes in Electrical Engineering",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "194--202",

editor = "Patrick Siarry and M.A. Jabbar and Cheung, {Simon King Sing} and Xiaolong Li",

booktitle = "Proceedings of the 2023 International Conference on Wireless Communications, Networking and Applications",

address = "Germany",

}

Wang, Y, He, H, Zhang, P, Ma, Y, Lei, Z & Niu, Z 2025, An Adversarial Attack Method for Multivariate Time Series Classification Based on AdvGAN. in P Siarry, MA Jabbar, SKS Cheung & X Li (eds), Proceedings of the 2023 International Conference on Wireless Communications, Networking and Applications. Lecture Notes in Electrical Engineering, vol. 1361 LNEE, Springer Science and Business Media Deutschland GmbH, pp. 194-202, 7th International Conference on Wireless Communications, Networking and Applications, WCNA 2023, Shenzhen, China, 29/12/23. https://doi.org/10.1007/978-981-96-2409-6_19

An Adversarial Attack Method for Multivariate Time Series Classification Based on AdvGAN. / Wang, Yubo; He, Hui; Zhang, Peng et al.
Proceedings of the 2023 International Conference on Wireless Communications, Networking and Applications. ed. / Patrick Siarry; M.A. Jabbar; Simon King Sing Cheung; Xiaolong Li. Springer Science and Business Media Deutschland GmbH, 2025. p. 194-202 (Lecture Notes in Electrical Engineering; Vol. 1361 LNEE).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - An Adversarial Attack Method for Multivariate Time Series Classification Based on AdvGAN

AU - Wang, Yubo

AU - He, Hui

AU - Zhang, Peng

AU - Ma, Yuanchi

AU - Lei, Zhongxiang

AU - Niu, Zhendong

N1 - Publisher Copyright: © The Author(s) 2025.

PY - 2025

Y1 - 2025

N2 - Considering the complexity of time series data and real-world applications, multivariate time series classification models are vulnerable to adversarial attacks. Although existing white-box attack strategies have made progress in generating adversarial samples, they rely on access to the target model’s parameters, training data, and gradients. Therefore, we apply AdvGAN framework for multivariate time series classification. AdvGAN is designed as a framework based on Generative Adversarial Networks (GANs), encompassing a generator, discriminator. The generator creates multivariate perturbations, and the perturbations combine with original data to form adversarial samples. The discriminator assesses the authenticity of these samples. These samples are then used to evaluate the security of the target model. We conducts experiments across three University of East Anglia (UEA) and University of California Riverside (UCR) datasets, employing the Multivariate Long Short Term Memory Fully Convolutional Network (MLSTM_FCN) as the target model for adversarial attack testing. The results indicate that our designed attack method effectively enhances the success rate of adversarial attacks while maintaining a similar level of Mean Squared Error (MSE) between the generated adversarial samples and the original samples.

AB - Considering the complexity of time series data and real-world applications, multivariate time series classification models are vulnerable to adversarial attacks. Although existing white-box attack strategies have made progress in generating adversarial samples, they rely on access to the target model’s parameters, training data, and gradients. Therefore, we apply AdvGAN framework for multivariate time series classification. AdvGAN is designed as a framework based on Generative Adversarial Networks (GANs), encompassing a generator, discriminator. The generator creates multivariate perturbations, and the perturbations combine with original data to form adversarial samples. The discriminator assesses the authenticity of these samples. These samples are then used to evaluate the security of the target model. We conducts experiments across three University of East Anglia (UEA) and University of California Riverside (UCR) datasets, employing the Multivariate Long Short Term Memory Fully Convolutional Network (MLSTM_FCN) as the target model for adversarial attack testing. The results indicate that our designed attack method effectively enhances the success rate of adversarial attacks while maintaining a similar level of Mean Squared Error (MSE) between the generated adversarial samples and the original samples.

KW - Adversarial Attack

KW - Generative Adversarial Network

KW - Multivariate Time Series Classification

UR - http://www.scopus.com/inward/record.url?scp=86000713282&partnerID=8YFLogxK

U2 - 10.1007/978-981-96-2409-6_19

DO - 10.1007/978-981-96-2409-6_19

M3 - Conference contribution

AN - SCOPUS:86000713282

SN - 9789819624089

T3 - Lecture Notes in Electrical Engineering

SP - 194

EP - 202

BT - Proceedings of the 2023 International Conference on Wireless Communications, Networking and Applications

A2 - Siarry, Patrick

A2 - Jabbar, M.A.

A2 - Cheung, Simon King Sing

A2 - Li, Xiaolong

PB - Springer Science and Business Media Deutschland GmbH

T2 - 7th International Conference on Wireless Communications, Networking and Applications, WCNA 2023

Y2 - 29 December 2023 through 31 December 2023

ER -

Wang Y, He H, Zhang P, Ma Y, Lei Z, Niu Z. An Adversarial Attack Method for Multivariate Time Series Classification Based on AdvGAN. In Siarry P, Jabbar MA, Cheung SKS, Li X, editors, Proceedings of the 2023 International Conference on Wireless Communications, Networking and Applications. Springer Science and Business Media Deutschland GmbH. 2025. p. 194-202. (Lecture Notes in Electrical Engineering). doi: 10.1007/978-981-96-2409-6_19

An Adversarial Attack Method for Multivariate Time Series Classification Based on AdvGAN

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Cite this