检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:韦健杰 吕东辉[1] 陆小锋[1] 孙广玲[1] WEI Jianjie;Lü Donghui;LU Xiaofeng;SUN Guangling(School of Communication and Information Engineering,Shanghai University,Shanghai 200444,China)
机构地区:[1]上海大学通信与信息工程学院,上海200444
出 处:《应用科学学报》2020年第6期986-994,共9页Journal of Applied Sciences
基 金:国家自然科学基金(No.U1636206)资助。
摘 要:近年来,基于深度神经网络的应用日益广泛,然而深度神经网络容易受到由输入数据设计的微小扰动而带来的对抗性攻击,导致网络的错误输出,给智能系统的部署带来安全隐患.为了提高智能系统的抗风险能力,有必要对存在风险的扰动生成方法展开研究.快速特征欺骗(fast feature fool,FFF)是面向视觉任务的一种有效的通用扰动生成方法.考虑了输入图像在网络中的实际激活状态,以最大化原始图像和对抗样本之间的特征差异作为生成扰动的目标函数;同时考虑不同卷积层对于生成扰动的不同影响,在生成扰动的目标函数中,对不同卷积层对应的项加以不同权重.实验结果表明,改进的FFF方法攻击成功率更高,同时也具备更强的跨模型攻击能力.Although deep neural networks have been widely applied in recent years,they are readily fooled by adversarial input perturbations which are imperceptible to humans.Such vulnerability to adversarial attacks has imposed threats for system deployment in security-crucial setting,thus it is necessary to study the risky generation method of perturbations to boost the anti-risk capability.As a universal perturbation,fast feature fool(FFF)is an effective attacking method for visual tasks.Beyond solely mixing the convolutional layer’s output irrespective of the input activation status,this paper improves the FFF method by maximizing the feature difference between the input image and corresponding adversarial image during which the contributions of multiple convolutional layers are weighted differently.Experimental results demonstrate that the improved FFF actually has obtained higher success attacking rate and stronger cross-model transfer ability than the original one.
分 类 号:TP183[自动化与计算机技术—控制理论与控制工程]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.28