Fortifying Time Series: DTW-Certified Robust Anomaly Detection

TL;DR

This paper introduces the first certifiable robustness method for time-series anomaly detection using Dynamic Time Warping (DTW), enhancing safety against adversarial attacks by adapting randomized smoothing.

Contribution

It develops a novel DTW-certified robust defense by bridging $ $-norm and DTW through a lower-bound transformation, filling a key gap in robustness guarantees for time-series data.

Findings

Achieves up to 18.7% F1-score improvement under DTW-based attacks.

Validates effectiveness across multiple datasets and models.

Provides the first certifiable robustness guarantee for DTW in time-series anomaly detection.

Abstract

Time-series anomaly detection is critical for ensuring safety in high-stakes applications, where robustness is a fundamental requirement rather than a mere performance metric. Addressing the vulnerability of these systems to adversarial manipulation is therefore essential. Existing defenses are largely heuristic or provide certified robustness only under $\ell_p$-norm constraints, which are incompatible with time-series data. In particular, $\ell_p$-norm fails to capture the intrinsic temporal structure in time series, causing small temporal distortions to significantly alter the $\ell_p$-norm measures. Instead, the similarity metric \emph{Dynamic Time Warping} (DTW) is more suitable and widely adopted in the time-series domain, as DTW accounts for temporal alignment and remains robust to temporal variations. To date, however, there has been no certifiable robustness result in this metric that provides guarantees. In this work, we introduce the first \emph{DTW-certified robust defense} in time-series anomaly detection by adapting the randomized smoothing paradigm. We develop this certificate by bridging the $\ell_p$-norm to DTW distance through a lower-bound transformation. Extensive experiments across various datasets and models validate the effectiveness and practicality of our theoretical approach. Results demonstrate significantly improved performance, e.g., up to 18.7\% in F1-score under DTW-based adversarial attacks compared to traditional certified models.