Introduction
This is the source code for our paper "Spotting Deep Neural Network Vulnerabilities in Mobile Traffic Forecasting with an Explainable AI Lens", submitted to INFOCOM 2023 and currently under review.
Abstract
The ability to forecast mobile traffic patterns at large is key to resource management for mobile network operators and local authorities. Several Deep Neural Networks (DNNs) have been designed to capture the complex spatio-temporal characteristics of mobile traffic patterns at scale. These models are complex black boxes whose decisions are inherently hard to explain. Even worse, they have been proven vulnerable to adversarial attacks, which undermines their applicability in production networks. In this paper, we conduct a first in-depth study of the vulnerabilities of DNNs for large-scale mobile traffic forecasting. We propose DEEXP, a new tool that leverages EXplainable Artificial Intelligence (XAI) to understand which Base Stations (BSs) are more influential for forecasting from a spatio-temporal perspective. This is challenging, as existing XAI techniques are usually applied to computer vision or natural language processing and need to be adapted to the mobile network context. Upon identifying the most influential BSs, we run state-of-the-art Adversarial Machine Learning (AML) techniques on those BSs and measure the accuracy degradation of the predictors. Extensive evaluations with real-world mobile traffic traces show that attacking BSs relevant to the predictor significantly degrades its accuracy across all scenarios.
Dependencies
This repository uses Anaconda. All the scripts are written in Python; to run them, you need JupyterLab or Jupyter Notebook installed on your machine.
After installing Anaconda and Jupyter, the required libraries and their compatible versions can be found in the xai.yml file. Alternatively, you can directly create a conda environment that downloads and installs all the required packages by running the following in the command line:
conda env create -f xai.yml
After creating the environment, make sure to activate it with:
conda activate xai
Then, you can run the notebooks with:
jupyter notebook
This command prints a link; opening it in your browser takes you to a page where you can navigate to and open the desired notebook.
NOTE: If you are running on a remote server, opening the link won't show anything. To make it work, complete the steps above, then open a new terminal on your local machine and forward the Jupyter port over SSH:
ssh -N -L <port>:localhost:<port> <user>@<server_ip>
Now, if you open the link on your local machine, you can see all the folders on the remote machine, navigate through them, and open the notebooks.
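For example, if Jupyter reports port 8888 on the server, the command would look like the following (the username and host are placeholders):
ssh -N -L 8888:localhost:8888 alice@203.0.113.5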
Datasets
We use two datasets: Milan and Paris.
Directory structure and running order
There are 4 folders in the Notebooks directory. The Paris and Milan subfolders each contain notebooks for training models with two different cost functions, namely MAE and α-OMC. After training the models, go to the LRP folder, where you can find notebooks for the different combinations of datasets, cost functions, and global or local LRP mapping. These scripts produce numpy files that are later needed by the scripts in the attack folder; a sketch of how such files might be consumed is shown below.
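As an illustration, the attack scripts could rank cells by the saved relevance scores along the following lines (the file name and array shape here are assumptions, not the exact outputs of the repository):

import numpy as np

# Hypothetical output of the LRP notebooks: one relevance score per cell.
relevance = np.load("lrp_relevance.npy")  # assumed shape: (25,)
ranking = np.argsort(relevance)           # cell indices, ascending by relevance
least_relevant_cell = ranking[0]
most_relevant_cell = ranking[-1]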
Attack Strategies
So far, we use the FGSM attack as the baseline attack for perturbing all the cells. However, in order to validate our explainability tool, we inject some version of the FGSM attack only into the most or least relevant cells identified by the modified LRP tool. We introduce and implement three attack strategies (a minimal FGSM sketch follows this list):
1- Sum traffic injection (Denial of Service attack)
2- A subset of the DoS attack (Top 3 Max)
3- Max traffic injection
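For reference, a minimal sketch of the FGSM perturbation step, assuming a PyTorch forecasting model (the notebooks may use a different framework; the names below are illustrative):

import torch

def fgsm_perturbation(model, loss_fn, x, y, epsilon):
    # Classic FGSM: one gradient step in the direction that increases
    # the loss, scaled by epsilon. The attack strategies below decide
    # which cells actually receive their share of this perturbation.
    x_adv = x.clone().detach().requires_grad_(True)
    loss = loss_fn(model(x_adv), y)
    loss.backward()
    return epsilon * x_adv.grad.sign()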
1- Sum traffic injection
In this strategy, at each time instance and at each history step (T), we compute the sum of the traffic injected by the FGSM algorithm across all 25 cells at history T. This total is then added (injected) to the most or least relevant cell at each time instance and history step (T), as sketched below.
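A minimal numpy sketch of this strategy, assuming the FGSM perturbations are stored as an array of shape (T, 25), i.e. history steps by cells (names and shapes are illustrative):

import numpy as np

def sum_traffic_injection(delta, target_cell):
    # delta: FGSM perturbations with shape (T, 25).
    # At every history step, concentrate the total traffic injected
    # across all 25 cells onto the single target cell (the most or
    # least relevant one, as ranked by the LRP relevance scores).
    concentrated = np.zeros_like(delta)
    concentrated[:, target_cell] = delta.sum(axis=1)
    return concentrated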