Adversarial Attacks on Deep Models for Financial Transaction Records

Fursov, Ivan; Morozov, Matvey; Kaploukhaya, Nina; Kovtun, Elizaveta; Rivera-Castro, Rodrigo; Gusev, Gleb; Babaev, Dmitry; Kireev, Ivan; Zaytsev, Alexey; Burnaev, Evgeny

doi:10.1145/3447548.3467145

Cited by 18 publications

(9 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Apart from text data, recent research showed that only a couple of generated, false transaction prices in trading data can alter the response of deep learning models. 21 Using blackbox attack methods, meaning the attacker does not have access to the original model, Fursov et al (2021) finds that these attacks degrade model accuracy and result in significant financial losses. However, the authors also note that detecting and repelling most of these attacks is relatively straightforward.…”

Section: Potential Costmentioning

confidence: 99%

Technological and Economic Threats to the U.S. Financial System: An Initial Assessment of Growing Risks

2024

View full text Add to dashboard Cite

The resilience and stability of the U.S. financial system is critical to economic prosperity. However, the rapid pace of technological and geopolitical change introduces new potential threats that must be monitored and assessed. This report explores emerging and understudied threats to the financial system, focusing on risks from social media, advances in artificial intelligence, and from the changing role of economic statecraft in geopolitics.Drawing on historical examples, the economic literature, and discussions with subject-matter experts, we assess the potential costs and likelihood of four threats: attacks on financial trading models, bond dumping by foreign holders of U.S. debt, using deepfakes to spread misinformation, and memetic engineering to manipulate beliefs and behaviors. Our analysis suggests these threats pose a limited near-term risk of significant economic damage because of the interconnectivity of global finance and existing safeguards. However, the gradual erosion of financial resilience and institutional trust over time could make attacks more impactful.

show abstract

Section: Potential Costmentioning

confidence: 99%

Technological and Economic Threats to the U.S. Financial System: An Initial Assessment of Growing Risks

2024

View full text Add to dashboard Cite

show abstract

“…Nonetheless, in contrast to the actively researched adversarial attacks on static GNNs, the vulnerabilities of TGNNs to adversarial attacks remain underexplored, yet the significance of conducting such research is undeniable. For instance, in a financial attack (Fursov et al 2021;Zeager et al 2017) scenario, an adversary may inject adversarial transactions into the transaction graph, perturbing the timing and content of transactions to mislead the model running on the graph. This manipulation could lead to the model falsely predicting fraudulent transactions as legitimate, resulting in inaccurate risk predictions and potential financial losses.…”

Section: Introductionmentioning

confidence: 99%

Spear and Shield: Adversarial Attacks and Defense Methods for Model-Based Link Prediction on Continuous-Time Dynamic Graphs

Lee,

Shin

2024

AAAI

View full text Add to dashboard Cite

Real-world graphs are dynamic, constantly evolving with new interactions, such as financial transactions in financial networks. Temporal Graph Neural Networks (TGNNs) have been developed to effectively capture the evolving patterns in dynamic graphs. While these models have demonstrated their superiority, being widely adopted in various important fields, their vulnerabilities against adversarial attacks remain largely unexplored. In this paper, we propose T-SPEAR, a simple and effective adversarial attack method for link prediction on continuous-time dynamic graphs, focusing on investigating the vulnerabilities of TGNNs. Specifically, before the training procedure of a victim model, which is a TGNN for link prediction, we inject edge perturbations to the data that are unnoticeable in terms of the four constraints we propose, and yet effective enough to cause malfunction of the victim model. Moreover, we propose a robust training approach T-SHIELD to mitigate the impact of adversarial attacks. By using edge filtering and enforcing temporal smoothness to node embeddings, we enhance the robustness of the victim model. Our experimental study shows that T-SPEAR significantly degrades the victim model's performance on link prediction tasks, and even more, our attacks are transferable to other TGNNs, which differ from the victim model assumed by the attacker. Moreover, we demonstrate that T-SHIELD effectively filters out adversarial edges and exhibits robustness against adversarial attacks, surpassing the link prediction performance of the naive TGNN by up to 11.2% under T-SPEAR. The code and datasets are available at https://github.com/wooner49/T-spear-shield

show abstract

“…Similarly, despite advanced progress in face recognition and speech recognition that led to their deployment in real-world applications, such as retail, social networks, and intelligent homes, Vakhshiteh et al [24] and Schonherr et al [25] have demonstrated their vulnerabilities against numerous attacks to illustrate potential research directions in different areas. Even in the area of finance and health, which traditionally requires a high level of robustness in the system, adversarial attacks are capable of manipulating the system, for  ISSN: 2252-8938 example, by deceiving fraud detection engines to register fraudulent transactions [26], manipulating the health status of individuals [27], and fooling text classifiers [28]- [31].…”

Section: Introductionmentioning

confidence: 99%

Defense against adversarial attacks on deep convolutional neural networks through nonlocal denoising

Aneja

Abas

et al. 2022

IJ-AI

View full text Add to dashboard Cite

<p><span lang="EN-US">Despite substantial advances in network architecture performance, the susceptibility of adversarial attacks makes deep learning challenging to implement in safety-critical applications. This paper proposes a data-centric approach to addressing this problem. A nonlocal denoising method with different luminance values has been used to generate adversarial examples from the Modified National Institute of Standards and Technology database (MNIST) and Canadian Institute for Advanced Research (CIFAR-10) data sets. Under perturbation, the method provided absolute accuracy improvements of up to 9.3% in the MNIST data set and 13% in the CIFAR-10 data set. Training using transformed images with higher luminance values increases the robustness of the classifier. We have shown that transfer learning is disadvantageous for adversarial machine learning. The results indicate that simple adversarial examples can improve resilience and make deep learning easier to apply in various applications.</span></p>

show abstract

Adversarial Attacks on Deep Models for Financial Transaction Records

Cited by 18 publications

References 6 publications

Technological and Economic Threats to the U.S. Financial System: An Initial Assessment of Growing Risks

Technological and Economic Threats to the U.S. Financial System: An Initial Assessment of Growing Risks

Spear and Shield: Adversarial Attacks and Defense Methods for Model-Based Link Prediction on Continuous-Time Dynamic Graphs

Defense against adversarial attacks on deep convolutional neural networks through nonlocal denoising

Contact Info

Product

Resources

About