Multivariate Time Series (MTS) forecasting is a fundamental task with numerous real-world applications, such as transportation, climate, and epidemiology. While a myriad of powerful deep learning models have been developed for this task, few works have explored the robustness of MTS forecasting models to malicious attacks, which is crucial for their trustworthy employment in high-stake scenarios. To address this gap, we dive deep into the backdoor attacks on MTS forecasting models and propose an effective attack method named BackTime.By subtly injecting a few stealthy triggers into the MTS data, BackTime can alter the predictions of the forecasting model according to the attacker's intent. Specifically, BackTime first identifies vulnerable timestamps in the data for poisoning, and then adaptively synthesizes stealthy and effective triggers by solving a bi-level optimization problem with a GNN-based trigger generator. Extensive experiments across multiple datasets and state-of-the-art MTS forecasting models demonstrate the effectiveness, versatility, and stealthiness of \method{} attacks. The code is available at \url{https://github.com/xiaolin-cs/BackTime}.

翻译：多元时间序列预测是一项基础任务，在交通、气候、流行病学等诸多现实应用中具有广泛用途。尽管已为此任务开发了大量强大的深度学习模型，但鲜有研究探讨多元时间序列预测模型对恶意攻击的鲁棒性，而这对其在高风险场景中的可信部署至关重要。为填补这一空白，本文深入研究了针对多元时间序列预测模型的后门攻击，并提出了一种名为BackTime的高效攻击方法。通过向多元时间序列数据中巧妙注入少量隐蔽触发器，BackTime能够根据攻击者意图改变预测模型的输出结果。具体而言，BackTime首先识别数据中易受攻击的时间戳进行投毒，随后通过求解基于图神经网络（GNN）的触发器生成器构建的双层优化问题，自适应地合成隐蔽且高效的触发器。在多个数据集及前沿多元时间序列预测模型上进行的大量实验，证明了\method{}攻击的有效性、普适性与隐蔽性。代码发布于\url{https://github.com/xiaolin-cs/BackTime}。