Real-world deep learning models developed for Time Series Forecasting are used in several critical applications ranging from medical devices to the security domain. Many previous works have shown how deep learning models are prone to adversarial attacks and studied their vulnerabilities. However, the vulnerabilities of time series forecasting models to adversarial inputs have not been extensively explored. While an attack on a forecasting model might aim to degrade the performance of the model, it is more effective if the attack is focused on a specific impact on the model's output. In this paper, we propose a novel formulation of Directional, Amplitudinal, and Temporal targeted adversarial attacks on time series forecasting models. These targeted attacks create a specific impact on the amplitude and direction of the output prediction. We use the existing adversarial attack techniques from the computer vision domain and adapt them for time series. Additionally, we propose a modified version of the Auto Projected Gradient Descent attack for targeted attacks. We examine the impact of the proposed targeted attacks versus untargeted attacks. We use KS-Tests to statistically demonstrate the impact of the attack. Our experimental results show that targeted attacks on time series models are viable and are more powerful in terms of statistical similarity. They are hence difficult to detect through statistical methods. We believe that this work opens a new paradigm in the time series forecasting domain and represents an important consideration for developing better defenses.