TL;DR
This paper investigates data poisoning attacks on pairwise ranking algorithms, proposing new attack methods reformulated as distributionally robust optimization problems, and demonstrates their effectiveness through simulations and real data experiments.
Contribution
It is the first systematic study of poisoning attacks on pairwise ranking, introducing DRO-based attack algorithms with theoretical guarantees.
Findings
Poisoning attacks can significantly degrade ranking accuracy.
Proposed methods outperform baseline attack strategies.
Experimental results confirm attack effectiveness on real datasets.
Abstract
As pairwise ranking becomes broadly employed for elections, sports competitions, recommendations, and so on, attackers have strong motivation and incentives to manipulate the ranking list. They could inject malicious comparisons into the training data to fool the victim. Such a technique is called poisoning attack in regression and classification tasks. In this paper, to the best of our knowledge, we initiate the first systematic investigation of data poisoning attacks on pairwise ranking algorithms, which can be formalized as the dynamic and static games between the ranker and the attacker and can be modeled as certain kinds of integer programming problems. To break the computational hurdle of the underlying integer programming problems, we reformulate them into the distributionally robust optimization (DRO) problems, which are computationally tractable. Based on such DRO formulations,…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
