Towards Secrecy-Aware Attacks Against Trust Prediction in Signed Graphs

Signed graphs are widely used to model the trust relationships among users in security-sensitive systems such as cryptocurrency trading platforms, where trust prediction plays a critical role. In this paper, we investigate how attackers could mislead trust prediction via manipulating signed graphs while remaining secret. To this end, we first design effective poisoning attacks against representative trust prediction tools. The attacks are formulated as hard bi-level optimization problems, for which we propose several efficient approximation solutions. The resulting basic attacks would severely change the structural semantics (in particular, both local and global balance properties) of a signed graph, which makes the attacks prone to be detected by the powerful attack detectors we designed. To address this issue, we further refine the basic attacks by integrating some conflicting metrics as penalty terms into the objective function. The refined attacks become secrecy-aware: they can successfully evade attack detectors with high probability while sacrificing little attack performance. We conduct comprehensive experiments to demonstrate that the basic attacks can severely disrupt trust prediction, the basic attacks could be easily detected, and the refined attacks can preserve attack performance while evading detection. Overall, our results significantly advance the knowledge in designing more practical attacks, reflecting more realistic threats to current trust prediction systems.