Alistair Barros

Zhipeng He, Chun Ouyang, Laith Alzubaidi et al.

Adversarial attacks are a potential threat to machine learning models by causing incorrect predictions through imperceptible perturbations to the input data. While these attacks have been extensively studied in unstructured data like images, applying them to tabular data, poses new challenges. These challenges arise from the inherent heterogeneity and complex feature interdependencies in tabular data, which differ from the image data. To account for this distinction, it is necessary to establish tailored imperceptibility criteria specific to tabular data. However, there is currently a lack of standardised metrics for assessing the imperceptibility of adversarial attacks on tabular data. To address this gap, we propose a set of key properties and corresponding metrics designed to comprehensively characterise imperceptible adversarial attacks on tabular data. These are: proximity to the original input, sparsity of altered features, deviation from the original data distribution, sensitivity in perturbing features with narrow distribution, immutability of certain features that should remain unchanged, feasibility of specific feature values that should not go beyond valid practical ranges, and feature interdependencies capturing complex relationships between data attributes. We evaluate the imperceptibility of five adversarial attacks, including both bounded attacks and unbounded attacks, on tabular data using the proposed imperceptibility metrics. The results reveal a trade-off between the imperceptibility and effectiveness of these attacks. The study also identifies limitations in current attack algorithms, offering insights that can guide future research in the area. The findings gained from this empirical analysis provide valuable direction for enhancing the design of adversarial attack algorithms, thereby advancing adversarial machine learning on tabular data.

Md Mahfujur Rahmana, Alistair Barros, Raja Jurdak et al.

Peer-to-peer energy trading among electric vehicles (EVs) has been increasingly studied as a promising solution for improving supply-side resilience under growing charging demand and constrained charging infrastructure. While prior studies on EV-EV energy trading and related EV research have largely focused on transaction management or isolated mobility prediction tasks, the problem of identifying which charging nodes are more suitable for EV-EV trading in journey contexts remains open. We address this gap by formulating next charging nodes recommendation as a learning-to-rank problem, where each EV decision event is associated with a set of candidate charging locations. We propose a supervised ranking framework applied to a large-scale urban EV mobility dataset comprising millions of journey records and multidimensional EV trading-related features, including EV energy level, trading role, distance to charging locations, charging speed, and temporal station popularity. To account for uncertainty arising from the mobility of both energy providers and consumers, as well as the presence of multiple viable charging nodes at a decision point, we employ probabilistic relevance refinement to generate graded labels for ranking. We evaluate gradient-boosted learning-to-rank models, including LightGBM, XGBoost, and CatBoost, on EV journey records enriched with candidate charging nodes. Experimental results show that LightGBM consistently achieves the strongest ranking performance across standard metrics, including NDCG@k, Recall@k, and MRR, with particularly strong early-ranking quality, reflected in the highest NDCG@1 (0.9795) and MRR (0.9990). These results highlight the effectiveness of uncertainty-aware learning-to-rank for charging node recommendation and support improved coordination and matching in decentralized EV-EV energy trading systems.

Zhipeng He, Alexander Stevens, Chun Ouyang et al.

Adversarial attacks on tabular data present unique challenges due to the heterogeneous nature of mixed categorical and numerical features. Unlike images where pixel perturbations maintain visual similarity, tabular data lacks intuitive similarity metrics, making it difficult to define imperceptible modifications. Additionally, traditional gradient-based methods prioritise $\ell_p$-norm constraints, often producing adversarial examples that deviate from the original data distributions. To address this, we propose a latent-space perturbation framework using a mixed-input Variational Autoencoder (VAE) to generate statistically consistent adversarial examples. The proposed VAE integrates categorical embeddings and numerical features into a unified latent manifold, enabling perturbations that preserve statistical consistency. We introduce In-Distribution Success Rate (IDSR) to jointly evaluate attack effectiveness and distributional alignment. Evaluation across six publicly available datasets and three model architectures demonstrates that our method achieves substantially lower outlier rates and more consistent performance compared to traditional input-space attacks and other VAE-based methods adapted from image domain approaches, achieving substantially lower outlier rates and higher IDSR across six datasets and three model architectures. Our comprehensive analyses of hyperparameter sensitivity, sparsity control, and generative architecture demonstrate that the effectiveness of VAE-based attacks depends strongly on reconstruction quality and the availability of sufficient training data. When these conditions are met, the proposed framework achieves superior practical utility and stability compared with input-space methods. This work underscores the importance of maintaining on-manifold perturbations for generating realistic and robust adversarial examples in tabular domains.

Md Whaiduzzaman, Md. Razon Hossain, Ahmedur Rahman Shovon et al.

To slow down the spread of COVID-19, governments around the world are trying to identify infected people and to contain the virus by enforcing isolation and quarantine. However, it is difficult to trace people who came into contact with an infected person, which causes widespread community transmission and mass infection. To address this problem, we develop an e-government Privacy Preserving Mobile and Fog computing framework entitled PPMF that can trace infected and suspected cases nationwide. We use personal mobile devices with contact tracing app and two types of stationary fog nodes, named Automatic Risk Checkers (ARC) and Suspected User Data Uploader Node (SUDUN), to trace community transmission alongside maintaining user data privacy. Each user's mobile device receives a Unique Encrypted Reference Code (UERC) when registering on the central application. The mobile device and the central application both generate Rotational Unique Encrypted Reference Code (RUERC), which broadcasted using the Bluetooth Low Energy (BLE) technology. The ARCs are placed at the entry points of buildings, which can immediately detect if there are positive or suspected cases nearby. If any confirmed case is found, the ARCs broadcast pre-cautionary messages to nearby people without revealing the identity of the infected person. The SUDUNs are placed at the health centers that report test results to the central cloud application. The reported data is later used to map between infected and suspected cases. Therefore, using our proposed PPMF framework, governments can let organizations continue their economic activities without complete lockdown.