Fre-CW: Targeted Attack on Time Series Forecasting using Frequency Domain Loss

TL;DR

This paper introduces a novel adversarial attack method on time series forecasting models that leverages frequency domain loss, revealing their vulnerability and improving attack effectiveness.

Contribution

It is the first to utilize frequency domain information for adversarial attacks on time series prediction models, adapting classification attack methods to forecasting.

Findings

Forecasting models are vulnerable to frequency-based adversarial attacks.

The proposed method outperforms existing attack techniques.

Frequency domain loss enhances attack success rates.

Abstract

Transformer-based models have made significant progress in time series forecasting. However, a key limitation of deep learning models is their susceptibility to adversarial attacks, which has not been studied enough in the context of time series prediction. In contrast to areas such as computer vision, where adversarial robustness has been extensively studied, frequency domain features of time series data play an important role in the prediction task but have not been sufficiently explored in terms of adversarial attacks. This paper proposes a time series prediction attack algorithm based on frequency domain loss. Specifically, we adapt an attack method originally designed for classification tasks to the prediction field and optimize the adversarial samples using both time-domain and frequency-domain losses. To the best of our knowledge, there is no relevant research on using frequency information for time-series adversarial attacks. Our experimental results show that these current time series prediction models are vulnerable to adversarial attacks, and our approach achieves excellent performance on major time series forecasting datasets.