Adversarial Label-Flipping Attack and Defense for Anomaly Detection in Spatial Crowdsourcing UAV Services

Abstract

The rapid expansion of Graph Neural Networks (GNNs) in consumer electronics and Vehicular Edge Computing (VEC) enhanced Internet of Drone Things (IoDT) services highlights the need for strong defenses against cyber attacks. One significant but overlooked threat is adversarial label-flipping, where attackers slightly change training labels to disrupt the system. This issue is critical in spatial crowdsourcing UAV networks that use potentially insecure labels. Our study investigates these attacks on GNNs, emphasizing a serious security problem. We introduce UAVGuard, an innovative attack model that uses continuous approximations for complex objectives and a simplified GNN structure for effective gradient-based attacks. Our analysis shows that GNNs’ vulnerability mainly comes from overfitting to these manipulated labels. To counter this, we offer a defensive framework that uses a community-preserving self-supervised task as a regularization method. Tests on three real-world datasets, including various IBRL modalities, demonstrate UAVGuard’s effectiveness and our defense architecture’s resilience to label-flipping attacks. This research enhances our understanding of these threats to GNNs and provides practical defenses, improving the security of UAV services in spatial crowdsourcing within VEC-enhanced IoDT systems.