排序聚合算法是模式识别领域的重要研究内容之一，在选举、体育竞赛、推荐系统等领域都发挥着重要作用。但现有研究主要聚焦于聚合算法本身，忽视了排序过程中潜在的安全隐患。鉴于此，本课题从投毒攻击入手，研究排序聚合算法的安全性问题。本课题首先拟利用动态博弈建模攻击者和排序聚合算法之间的对抗，设计完全知识条件下的投毒攻击机制；在此基础上，拟对其中的双层优化问题进行求解，通过选择目标函数和分布相似度量函数化简原问题，以期获得动态投毒攻击的快速求解算法。其次，本课题拟利用静态博弈建模有限知识攻击者和排序聚合算法之间的对抗，构建有限知识条件下的投毒攻击机制；最终，针对静态博弈对应的分布鲁棒优化问题，拟利用数据分布相似度量函数的强对偶性质加速静态投毒攻击的求解过程。本项目研究成果将为排序聚合问题提供新的研究思路、为其安全性分析提供理论和技术支持、为强对抗条件下排序聚合算法的设计提供崭新尝试。

Rank Aggregation lies in the core topics in the pattern recognition community and plays an important role in a broad range of applications, e.g. election, sports competition and recommendation. If the adversary breaks the results of rank aggregation, it will cause great damage. Therefore, this research exploits the security of rank aggregation based on the data poisoning scheme. Particularly, the project first derives the interaction between the adversary and the victim with the full knowledge condition. Then the project makes a comprehensive analysis of the behaviors of the adversary and the victim, and designs the mechanism of complete knowledge data poisoning attack. To deal with the bi-level optimization corresponding to the dynamic game, a fast algorithm is proposed with special objective function and the similarity measurement of data distributions. Additionally, the project further attempts to establish the data poisoning attack with limited knowledge. A static game is proposed to model the interaction between the adversary and the victim. Based on this, the research adopts the strong duality of special similarity measurement of data distributions to solve the distributionally robust optimization.