Game Theoretical Adversarial Deep Learning

Adversarial Machine Learning

Abstract

This chapter summarizes the game theoretical strategies for generating adversarial manipulations. The adversarial learning objective for our adversaries is assumed to be to inject small changes into the data distributions, defined over positive and negative class labels, to the extent that deep learning subsequently misclassifies the data distribution. Thus, the theoretical goal of our adversarial deep learning process becomes one of determining whether a manipulation of the input data has reached a learner decision boundary, i.e., where too many positive labels have become negative labels. The adversarial data is generated by solving for optimal attack policies in Stackelberg games where adversaries target the misclassification performance of deep learning. Sequential game theoretical formulations can model the interaction between an intelligent adversary and a deep learning model to generate adversarial manipulations by solving a two-player sequential non-cooperative Stackelberg game where each player’s payoff function increases with interactions to a local optimum. With a stochastic game theoretical formulation, we can then extend the two-player Stackelberg game into a multiplayer Stackelberg game with stochastic payoff functions for the adversaries. Both versions of the game are resolved through the Nash equilibrium, which refers to a pair of strategies in which there is no incentive for either the learner or the adversary to deviate from their optimal strategy. We can then explore adversaries who optimize variational payoff functions via data randomization strategies on deep learning designed for multi-label classification tasks. Similarly, the outcome of these investigations is an algorithm design that solves a variable-sum two-player sequential Stackelberg game with new Nash equilibria. 
The adversary manipulates variational parameters in the input data to mislead the learning process of the deep learning model, so that it misclassifies the original class labels as the targeted class labels. The ideal variational adversarial manipulation is the minimum change to the adversarial cost function of the encoded data that results in the deep learning model incorrectly labeling the decoded data. The optimal manipulations are due to stochastic optima in non-convex best response strategies. The adversarial data generated by this variant of the Stackelberg games simulates continuous interactions with the classifier’s learning processes as opposed to one-time interactions. The learning process of the CNNs can be manipulated by an adversary at the input data level as well as the generated data level. We can then retrain the original deep learning model on the manipulated data to give rise to a secure adversarial deep learning model that is robust to subsequent performance vulnerabilities from game theoretical adversaries. Alternative hypotheses for such adversarial data mining in the game theoretical adversarial deep learning strategies are provided in cybersecurity applications with machine learning that is designed for security requirements. The game theoretical solution concepts lead to a deep neural network that is robust to subsequent data manipulation by a game theoretical adversary. This promising result suggests that learning algorithms based on game theoretical modeling and mathematical optimization are a significantly better approach to building more secure deep learning models.



    Article  MATH  Google Scholar 

  140. X. Sun, Y. Liu, J. Li, J. Zhu, H. Chen, and X. Liu, Feature evaluation and selection with cooperative game theory, Pattern Recogn., 45 (2012), p. 2992–3002.

    Article  Google Scholar 

  141. X. Sun, Y. Liu, J. Li, J. Zhu, X. Liu, and H. Chen, Using cooperative game theory to optimize the feature selection problem, Neurocomput., 97 (2012).

    Google Scholar 

  142. V. Syrgkanis, A. Agarwal, H. Luo, and R. E. Schapire, Fast convergence of regularized learning in games, in Advances in Neural Information Processing Systems, C. Cortes, N. Lawrence, D. Lee, M. Sugiyama, and R. Garnett, eds., vol. 28, Curran Associates, Inc., 2015.

    Google Scholar 

  143. L. Tong, S. Yu, S. Alfeld, and yevgeniy vorobeychik, Adversarial regression with multiple learners, in Proceedings of the 35th International Conference on Machine Learning, J. Dy and A. Krause, eds., vol. 80 of Proceedings of Machine Learning Research, PMLR, 10–15 Jul 2018, pp. 4946–4954.

    Google Scholar 

  144. E. Triantaphyllou, Data Mining and Knowledge Discovery via Logic-Based Methods, no. 978-1-4419-1630-3 in Springer Optimization and Its Applications, Springer, September 2010.

    Google Scholar 

  145. D. Tsipras, S. Santurkar, L. Engstrom, A. Turner, and A. Madry, Robustness may be at odds with accuracy, in ICLR (Poster), OpenReview.net, 2019.

    Google Scholar 

  146. M. Ummels, Stochastic multiplayer games: theory and algorithms, PhD thesis, RWTH Aachen University, 2011.

    Google Scholar 

  147. Y. Vorobeychik, M. P. Wellman, and S. P. Singh, Learning payoff functions in infinite games, in IJCAI, Professional Book Center, 2005, pp. 977–982.

    Google Scholar 

  148. F. Wang, W. Liu, and S. Chawla, On sparse feature attacks in adversarial learning, in 2014 IEEE International Conference on Data Mining, Dec 2014, pp. 1013–1018.

    Google Scholar 

  149. X. Wang, C. Hoang, Y. Vorobeychik, and M. P. Wellman, Spoofing the limit order book: A strategic agent-based analysis, Games, 12 (2021), p. 46.

    Article  MathSciNet  MATH  Google Scholar 

  150. Y. Wang, Integration of data mining with game theory, in Knowledge Enterprise: Intelligent Strategies in Product Design, Manufacturing, and Management, K. Wang, G. L. Kovacs, M. Wozny, and M. Fang, eds., Boston, MA, 2006, Springer US, pp. 275–280.

    Google Scholar 

  151. J. Webb, Game Theory: Decisions, Interaction and Evolution, 01 2007.

    Google Scholar 

  152. M. P. Wellman, Methods for empirical game-theoretic analysis, in AAAI, AAAI Press, 2006, pp. 1552–1556.

    Google Scholar 

  153. M. P. Wellman, L. Hong, and S. E. Page, The structure of signals: Causal interdependence models for games of incomplete information, in UAI, AUAI Press, 2011, pp. 727–735.

    Google Scholar 

  154. Q. Xu, K. Bello, and J. Honorio, A le cam type bound for adversarial learning and applications, in 2021 IEEE International Symposium on Information Theory (ISIT), 2021, pp. 1164–1169.

    Google Scholar 

  155. M. Xue, C. Yuan, H. Wu, Y. Zhang, and W. Liu, Machine learning security: Threats, countermeasures, and evaluations, IEEE Access, 8 (2020), pp. 74720–74742.

    Article  Google Scholar 

  156. O. Yair and T. Michaeli, Contrastive divergence learning is a time reversal adversarial game, in ICLR, OpenReview.net, 2021.

    Google Scholar 

  157. L. Yang, P. Li, Y. Zhang, X. Yang, Y. **ang, and W. Zhou, Effective repair strategy against advanced persistent threat: A differential game approach, IEEE Transactions on Information Forensics and Security, 14 (2019), pp. 1713–1728.

    Article  Google Scholar 

  158. D. Ye, T. Zhu, S. Shen, and W. Zhou, A differentially private game theoretic approach for deceiving cyber adversaries, IEEE Trans. Inf. Forensics Secur., 16 (2021), pp. 569–584.

    Article  Google Scholar 

  159. S. Ye, X. Lin, K. Xu, S. Liu, H. Cheng, J.-H. Lambrechts, H. Zhang, A. Zhou, K. Ma, and Y. Wang, Adversarial robustness vs. model compression, or both?, 2019 IEEE/CVF International Conference on Computer Vision (ICCV), (2019), pp. 111–120.

    Google Scholar 

  160. Z. Yin, F. Wang, W. Liu, and S. Chawla, Sparse feature attacks in adversarial learning, IEEE Transactions on Knowledge and Data Engineering, PP (2018).

    Google Scholar 

  161. ——, Sparse feature attacks in adversarial learning, IEEE Transactions on Knowledge and Data Engineering, 30 (2018), pp. 1164–1177.

    Article  Google Scholar 

  162. J. Zhang, Z. Zhan, Y. Lin, N. Chen, Y. Gong, J. Zhong, H. S. H. Chung, Y. Li, and Y. Shi, Evolutionary computation meets machine learning: A survey, IEEE Computational Intelligence Magazine, 6 (2011), pp. 68–75.

    Article  Google Scholar 

  163. L. Zhang, T. Zhu, P. **ong, W. Zhou, and P. S. Yu, More than privacy: Adopting differential privacy in game-theoretic mechanism design, ACM Comput. Surv., 54 (2021).

    Google Scholar 

  164. Y. Zhou and M. Kantarcioglu, Modeling adversarial learning as nested stackelberg games, in Advances in Knowledge Discovery and Data Mining, J. Bailey, L. Khan, T. Washio, G. Dobbie, J. Z. Huang, and R. Wang, eds., Cham, 2016, Springer International Publishing, pp. 350–362.

    Google Scholar 

  165. ——, Modeling adversarial learning as nested stackelberg games, in Proceedings, Part II, of the 20th Pacific-Asia Conference on Advances in Knowledge Discovery and Data Mining - Volume 9652, PAKDD 2016, Berlin, Heidelberg, 2016, Springer-Verlag, p. 350–362.

    Google Scholar 

  166. Y. Zhou, M. Kantarcioglu, and B. **, A survey of game theoretic approach for adversarial machine learning, WIREs Data Mining and Knowledge Discovery, 9 (2019), p. e1259.

    Article  Google Scholar 

  167. ——, A survey of game theoretic approach for adversarial machine learning, Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery, (2019).

    Book  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Cite this chapter

Sreevallabh Chivukula, A., Yang, X., Liu, B., Liu, W., Zhou, W. (2023). Game Theoretical Adversarial Deep Learning. In: Adversarial Machine Learning. Springer, Cham. https://doi.org/10.1007/978-3-030-99772-4_4

  • DOI: https://doi.org/10.1007/978-3-030-99772-4_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-99771-7

  • Online ISBN: 978-3-030-99772-4

  • eBook Packages: Computer Science, Computer Science (R0)