[1]汤家军,王 忠.基于 FGSM 的对抗样本生成算法[J].计算机技术与发展,2023,33(03):105-109.[doi:10. 3969 / j. issn. 1673-629X. 2023. 03. 016]
 TANG Jia-jun,WANG Zhong.Adversarial Sample Generation Algorithm Based on FGSM[J].,2023,33(03):105-109.[doi:10. 3969 / j. issn. 1673-629X. 2023. 03. 016]
点击复制

基于 FGSM 的对抗样本生成算法()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
33
期数:
2023年03期
页码:
105-109
栏目:
网络空间安全
出版日期:
2023-03-10

文章信息/Info

Title:
Adversarial Sample Generation Algorithm Based on FGSM
文章编号:
1673-629X(2023)03-0105-05
作者:
汤家军王 忠
中国人民解放军火箭军工程大学 基础部,陕西 西安 710025
Author(s):
TANG Jia-junWANG Zhong
PLA Rocket Force University of Engineering,Xi'an 710025,China
关键词:
深度学习不稳定性白盒攻击对抗样本对抗攻击
Keywords:
deep learninginstabilitywhite-box attackadversarial examplesadversarial attack
分类号:
TP391
DOI:
10. 3969 / j. issn. 1673-629X. 2023. 03. 016
摘要:
近年来,深度学习算法在各个领域都取得了极大的成功,给人们的生活带来了极大便利。 然而深度神经网络由于其固有特性,用于分类任务时,存在不稳定性,很多因素都影响着分类的准确性,尤其是对抗样本的干扰,通过给图片加上肉眼不可见的扰动,影响分类器的准确性,给深度神经网络带来了极大的威胁。 通过对相关对抗样本的研究,该文提出一种基于白盒攻击的对抗样本生成算法 DCI-FGSM( Dynamic Change Iterative Fast Gradient Sign Method)。 通过动态更新梯度及噪声幅值,可以防止模型陷入局部最优,提高了生成对抗样本的效率,使得模型的准确性下降。 实验结果表明, 在MINIST 数据集分类的神经网络攻击上 DCI-FGSM 取得了显著的效果,与传统的对抗样本生成算法 FGSM 相比,将攻击成功率提高了 25% ,具有更高的攻击效率。
Abstract:
In recent years,deep learning algorithms have achieved great success in various fields and brought great convenience to people’slife. However,due to its inherent characteristics,deep neural networks are unstable when used for classification tasks. Many factors affectthe accuracy of classification, especially the interference against samples. By adding invisible disturbance to pictures, the accuracy ofclassifiers is affected,posing a great threat to deep neural networks. Based on the research of correlative adversarial samples,we propose anew adversarial sample generation algorithm DCI-FGSM based on white-box attacks. Through dynamic updating of gradient and noiseamplitude,the model can be prevented from falling into local optimal,which improves the efficiency of generating adversarial samples anddecreases the accuracy. Experimental results show that DCI-FGSM achieves a remarkable effect on the neural network attack of MINISTdataset classification. Compared with the traditional adversarial examples generation algorithm FGSM,DCI-FGSM improves the successrate of attack by 25% and has higher attack efficiency.

相似文献/References:

[1]陈强锐,谢世朋.基于深度学习的肺部肿瘤检测方法[J].计算机技术与发展,2018,28(04):201.[doi:10.3969/ j. issn.1673-629X.2018.04.043]
 CHEN Qiang-rui,XIE Shi-peng.Lung Cancer Detection Method Based on Deep Learning[J].,2018,28(03):201.[doi:10.3969/ j. issn.1673-629X.2018.04.043]
[2]施泽浩,赵启军.基于全卷积网络的目标检测算法[J].计算机技术与发展,2018,28(05):55.[doi:10.3969/j.issn.1673-629X.2018.05.013]
 SHI Ze-hao,ZHAO Qi-jun.Object Detection Algorithm Based on Fully Convolutional Neural Network[J].,2018,28(03):55.[doi:10.3969/j.issn.1673-629X.2018.05.013]
[3]黄法秀,张世杰,吴志红,等.数据增广下的人脸识别研究[J].计算机技术与发展,2020,30(03):67.[doi:10. 3969 / j. issn. 1673-629X. 2020. 03. 013]
 HUANG Fa-xiu,ZHANG Shi-jie,WU Zhi-hong,et al.Research on Face Recognition Based on Data Augmentation[J].,2020,30(03):67.[doi:10. 3969 / j. issn. 1673-629X. 2020. 03. 013]
[4]陈浩翔,蔡建明,刘铿然,等. 手写数字深度特征学习与识别[J].计算机技术与发展,2016,26(07):19.
 CHEN Hao-xiang,CAI Jian-ming,LIU Keng-ran,et al. Deep Learning and Recognition of Handwritten Numeral Features[J].,2016,26(03):19.
[5]高翔,陈志,岳文静,等.基于视频场景深度学习的人物语义识别模型[J].计算机技术与发展,2018,28(06):53.[doi:10.3969/ j. issn.1673-629X.2018.06.012]
 GAO Xiang,CHEN Zhi,YUE Wen-jing,et al.Human Semantic Recognition Model Based on Video Scene Deep Learning[J].,2018,28(03):53.[doi:10.3969/ j. issn.1673-629X.2018.06.012]
[6]贺飞翔,赵启军. 基于深度学习的头部姿态估计[J].计算机技术与发展,2016,26(11):1.
 HE Fei-xiang,ZHAO Qi-jun. Head Pose Estimation Based on Deep Learning[J].,2016,26(03):1.
[7]徐 融,邱晓晖.一种改进的 YOLO V3 目标检测方法[J].计算机技术与发展,2020,30(07):30.[doi:10. 3969 / j. issn. 1673-629X. 2020. 07. 007]
 XU Rong,QIU Xiao-hui.An Improved YOLO V3 Object Detection[J].,2020,30(03):30.[doi:10. 3969 / j. issn. 1673-629X. 2020. 07. 007]
[8]曾志平[] [],萧海东[],张新鹏[]. 基于DBN的金融时序数据建模与决策[J].计算机技术与发展,2017,27(04):1.
 ZENG Zhi-ping[] [],XIAO Hai-dong[],ZHANG Xin-peng[]. Modeling and Decision-making of Financial Time Series Data with DBN[J].,2017,27(03):1.
[9]李全兵,文 钊*,田艳梅*,等.基于 WGAN 的音频关键词识别研究[J].计算机技术与发展,2021,31(08):26.[doi:10. 3969 / j. issn. 1673-629X. 2021. 08. 005]
 LI Quan-bing,WEN Zhao *,TIAN Yan-mei *,et al.Research on Audio Keywords Recognition Based on WassersteinGenerative Adversarial Network[J].,2021,31(03):26.[doi:10. 3969 / j. issn. 1673-629X. 2021. 08. 005]
[10]李宏林. 分析式纹理合成技术及其在深度学习的应用[J].计算机技术与发展,2017,27(11):7.
 LI Hong-lin. Analyzed Texture-synthesis Techniques and Their Applications in Deep Learning[J].,2017,27(03):7.

更新日期/Last Update: 2023-03-10