行人再识别系统中无感噪声攻击的防御方法  被引量：1

作　　者：王进 张荣[2] Wang Jin;Zhang Rong(School of Computer&Information Engineering,Nantong Institute of Technology,Nantong Jiangsu 226000,China;School of Information Science&Technology,Nantong University,Nantong Jiangsu 226000,China)

机构地区：[1]南通理工学院计算机与信息工程学院,江苏南通226000 [2]南通大学信息科学技术学院,江苏南通226000

出　　处：《计算机应用研究》2022年第7期2172-2177,共6页Application Research of Computers

基　　金：国家自然科学基金资助项目(62002179)。

摘　　要：深度学习在行人再识别任务上的应用已经取得了较大进步。然而,由于深度神经网络的鲁棒性容易受到对抗样本的攻击,深度学习在行人再识别模型应用中暴露出来一些安全问题。针对该问题,提出一种无感噪声攻击的防御方法DSN。首先,利用RGB图像的灰度补丁图像,使其在训练过程中增强数据,从而提升行人再识别模型的识别能力。其次,采用模型内外结合的防御结构,并采用一种新的降噪网络,对输入的噪声图像进行降噪处理,从而使得行人再识别模型有更高的识别精度和防御无感噪声攻击的能力。在market1501数据集上模拟无感噪声攻击与防御,实验结果显示,该方法将mAP识别精度从2.6%提高到82.6%,rank-1精度从0.8%提高到83.5%。另外,通过消融实验表明了该方法中每个模块防御无感噪声攻击的有效性。The application of deep learning to the task of pedestrian re-identification has made great progress.However,deep learning has exposed some security issues in pedestrian re-identification model applications due to the robustness of deep neural networks that are vulnerable to attacks by adversarial samples.To address this problem,this paper proposed a defense method DSN for senseless noise attacks.First,it used grayscale patch images of RGB images to enhance the data during the training process,so as to improve the recognition ability of the pedestrian re-identification model.Secondly,it adopted a defense structure combining the inside and outside of the model and used a new noise reduction network to de-noise the input noisy images,so that the pedestrian re-identification model had higher recognition accuracy and defense against senseless noise attacks.Simulating the senseless noise attack and defense on the market1501 dataset,the experimental results show that the method improves the mAP identification accuracy from 2.6%to 82.6%and rank-1 accuracy from 0.8%to 83.5%.In addition,the effectiveness of each module in the method to defend against the senseless noise attack is demonstrated by ablation experiments.

关 键 词：行人再识别 无感噪声 对抗样本 对抗防御 对抗攻击 

分 类 号：TP391[自动化与计算机技术—计算机应用技术]