Quickest Detection of Adversarial Attacks Against Correlated Equilibria
Authors: Kiarash Kazari, Aris Kanellopoulos, György Dán
AAAI 2025 | Venue PDF | Archive PDF | Plain Text | LLM Run Details
| Reproducibility Variable | Result | LLM Response |
|---|---|---|
| Research Type | Experimental | Our numerical results on the Sioux-Falls benchmark traffic routing game show that the proposed detection scheme can effectively limit the utility loss by a potential adversary. ... In this section we evaluate the proposed detection scheme against several adversarial strategies in two games. ... Figure 1a shows the mean detection delay vs. MTBFA for the considered attacks, obtained by varying the detector threshold µα. ... Figure 1b shows the attack impact during the attack as a function of the average MTBFA. |
| Researcher Affiliation | Academia | Kiarash Kazari, Aris Kanellopoulos, Gy orgy D an Division of Network and Systems Engineering, School of Electrical Engineering and Computer Science KTH Royal Institute of Technology, Stockholm, Sweden EMAIL, EMAIL, EMAIL |
| Pseudocode | Yes | Algorithm 1: Detection Strategy |
| Open Source Code | Yes | Code https://github.com/kiarashkaz/Detection-of-Adversarial-Attacks-against-CE |
| Open Datasets | Yes | Our numerical results on the Sioux-Falls benchmark traffic routing game show... Second, we consider a traffic routing game based on the model described in (Sessa et al. 2020) using the Sioux Falls traffic network (Le Blanc, Morlok, and Pierskalla 1975). |
| Dataset Splits | No | The paper does not provide specific training/test/validation dataset splits. It describes using a traffic routing game and running 'episodes' for evaluation, which implies simulation rather than fixed dataset splits typical for machine learning models. For the evaluation we ran episodes with a length of 104 time steps, and used ϵ = 0.1. For each scenario we ran 1000 episodes. |
| Hardware Specification | No | The computations were enabled by resources provided by the National Academic Infrastructure for Supercomputing in Sweden (NAISS) at Link oping University partially funded by the Swedish Research Council through grant agreement no. 2022-06725. This statement refers to general computing resources but does not provide specific hardware details such as GPU/CPU models or memory. |
| Software Dependencies | No | The paper mentions using the 'noregret learning algorithm GP-MW (Sessa et al. 2019)' for computing an approximate CCE, but does not specify any software names with version numbers for its implementation or other dependencies. |
| Experiment Setup | Yes | For the evaluation, we consider a minimum per step attack impact of ϵ = 0.5 and episodes with a maximum length of 105 time steps. ... In each episode of each scenario, the public signal is generated according to the corresponding adversarial strategy after the attack starts or π if there is no attack. ... The considered adversarial strategies correspond to θmin = 0.18, θ1 = 0.48, θ2 = 0.88, and a distribution chosen randomly from probability space Dϵ. ... We selected one of the agents as the victim and quantized its utility in 1000 bins, i.e., action profiles leading to utilities within the same quantization level were considered the same. Moreover, due to the large scale of utility values, we divided all the utilities by 1000. |