Abstract:Rank aggregation with pairwise comparisons is widely encountered in sociology, politics, economics, psychology, sports, etc . Given the enormous social impact and the consequent incentives, the potential adversary has a strong motivation to manipulate the ranking list. However, the ideal attack opportunity and the excessive adversarial capability cause the existing methods to be impractical. To fully explore the potential risks, we leverage an online attack on the vulnerable data collection process. Since it is independent of rank aggregation and lacks effective protection mechanisms, we disrupt the data collection process by fabricating pairwise comparisons without knowledge of the future data or the true distribution. From the game-theoretic perspective, the confrontation scenario between the online manipulator and the ranker who takes control of the original data source is formulated as a distributionally robust game that deals with the uncertainty of knowledge. Then we demonstrate that the equilibrium in the above game is potentially favorable to the adversary by analyzing the vulnerability of the sampling algorithms such as Bernoulli and reservoir methods. According to the above theoretical analysis, different sequential manipulation policies are proposed under a Bayesian decision framework and a large class of parametric pairwise comparison models. For attackers with complete knowledge, we establish the asymptotic optimality of the proposed policies. To increase the success rate of the sequential manipulation with incomplete knowledge, a distributionally robust estimator, which replaces the maximum likelihood estimation in a saddle point problem, provides a conservative data generation solution. Finally, the corroborating empirical evidence shows that the proposed method manipulates the results of rank aggregation methods in a sequential manner.

What problem does this paper attempt to address?

The problem that this paper attempts to solve is in the ranking aggregation algorithm, how to influence the final ranking result through online manipulation (i.e., inserting malicious pairwise comparisons during the data collection process). Specifically, the paper focuses on how adversarial attackers can exploit the vulnerabilities in the data collection process to manipulate the ranking list by forging pairwise comparisons without fully understanding future data or the true distribution. This manipulation behavior aims to specify a particular ranking result rather than simply interfering with the ranking list. The paper points out that the existing security research on ranking aggregation mainly focuses on offline attacks, which assume that attackers can modify the existing data after the data collection is completed. However, such an assumption is often not feasible in practical applications because the completed data usually cannot be changed. Therefore, the paper proposes a new online attack framework to simulate the attacker's operations in a more realistic way and explores the effectiveness and potential risks of this attack method. The paper describes the adversarial situation between online manipulators and ranking aggregators by constructing a distribution - robust game model, analyzes the equilibrium state of this game under uncertainty, and proves the possibility of online manipulation. In addition, the paper also proposes a series of sequential manipulation strategies based on the Bayesian decision - making framework and the parameterized pairwise comparison model, and demonstrates the effectiveness of these strategies through theoretical analysis and experimental evidence.

Sequential Manipulation Against Rank Aggregation: Theory and Algorithm

A Tale of HodgeRank and Spectral Method: Target Attack Against Rank Aggregation is the Fixed Point of Adversarial Game

Poisoning Attack Against Estimating From Pairwise Comparisons

Robustness of rank aggregation methods for malicious disturbance

A Robust Rank Aggregation Method for Malicious Disturbance Based on Objective Credit

Asymptotically Optimal Sequential Design for Rank Aggregation

Are Rank Aggregation Methods Robust to Collusive Disturbance?

Rate-Optimal Rank Aggregation with Private Pairwise Rankings

Manipulation of individual judgments in the quantitative pairwise comparisons method

Adversarial Attacks on Online Learning to Rank with Stochastic Click Models

Stochastic iterative methods for online rank aggregation from pairwise comparisons

Practical Order Attack in Deep Ranking

Practical Relative Order Attack in Deep Ranking

Toward Detecting Collusive Ranking Manipulation Attackers in Mobile App Markets.

Preference Poisoning Attacks on Reward Model Learning

Towards Model-Agnostic Post-Hoc Adjustment for Balancing Ranking Fairness and Algorithm Utility

Xorder: A Model Agnostic Post-Processing Framework for Achieving Ranking Fairness While Maintaining Algorithm Utility.

Election Manipulation in Social Networks with Single-Peaked Agents

The Art of Manipulation: Threat of Multi-Step Manipulative Attacks in Security Games

TopRank: A Practical Algorithm for Online Stochastic Ranking