In this paper we explore the challenges and strategies for enhancing the robustness of $k$-means clustering algorithms against adversarial manipulations. We evaluate the vulnerability of clustering algorithms to adversarial attacks, emphasising the associated security risks. Our study investigates the impact of incremental attack strength on training, introduces the concept of transferability between supervised and unsupervised models, and highlights the sensitivity of unsupervised models to sample distributions. We additionally introduce and evaluate an adversarial training method that improves testing performance in adversarial scenarios, and we highlight the importance of various parameters in the proposed training method, such as continuous learning, centroid initialisation, and adversarial step-count.