基于随机梯度上升和球面投影的通用对抗攻击方法  被引量:3

A General Adversarial Attack Method Based on Random Gradient Ascent and Spherical Projection

在线阅读下载全文

作  者:范纯龙 李彦达 夏秀峰 乔建忠 FAN Chun-long;LI Yan-da;XIA Xiu-feng;QIAO Jian-zhong(School of Computer Science&Engineering,Northeastern University,Shenyang 110169,China;School of Computer,Shenyang Aerospace University,Shenyang 110136,China)

机构地区:[1]东北大学计算机科学与工程学院,辽宁沈阳110169 [2]沈阳航空航天大学计算机学院,辽宁沈阳110136

出  处:《东北大学学报(自然科学版)》2022年第2期168-175,共8页Journal of Northeastern University(Natural Science)

基  金:国家自然科学基金青年基金资助项目(61902260);国家自然科学基金资助项目(61972266).

摘  要:在面向样本集的通用对抗攻击中,导致多数样本输出错误的通用扰动设计是研究关键.本文以典型卷积神经网络为研究对象,对现有通用扰动生成算法进行总结,提出采用批量随机梯度上升训练策略和球面投影搜索策略相结合的通用扰动生成算法.算法的每次迭代计算,首先从样本集中抽取小批量样本,采用随机梯度上升策略计算出使损失函数值下降的通用对抗扰动,然后将通用扰动投影到半径为ε的高维球面上,从而缩小通用扰动的搜索空间.算法还引入了正则化技术以改善通用扰动的生成质量.实验结果证明该算法与基线算法对比,攻击成功率显著提升,通用扰动的求解效率提高约30倍.In general adversarial attacks oriented to sample sets,the general perturbation design that causes most sample to output errors is the key to the research.This paper takes the typical convolutional neural networks as the research object,summarizes the existing general perturbation generation algorithms,and proposes a general perturbation generation algorithm that combines batch random gradient ascent and spherical projection search.In each iteration of the algorithm,a small batch of samples are extracted from the sample set,and the general perturbation is calculated by using the random gradient rising strategy which reduces the value of the loss function.The general perturbation is then projected to the high-dimensional spherical surface with a radius ofε,so as to reduce the search space of general disturbances.The algorithm also introduces a regularization technique to improve the generation quality of general disturbances.Experimental results show that compared with the baseline algorithm,the attack success rate is significantly increased,and the solution efficiency of general perturbation is improved by about 30 times.

关 键 词:卷积神经网络 通用扰动 球面投影 梯度上升 对抗攻击 

分 类 号:TP391[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象