面向云环境的对抗样本攻防仿真验证平台  被引量：2

作　　者：郎大鹏 李子豫 陈德运[1] 陈庆钰 LANG Dapeng;LI Ziyu;CHEN Deyun;CHEN Qingyu(College of Computer Science and Technology,Harbin University of Science and Technology,Harbin 150001,China)

机构地区：[1]哈尔滨理工大学计算机科学与技术学院,黑龙江哈尔滨150001

出　　处：《无线电工程》2022年第8期1338-1346,共9页Radio Engineering

基　　金：国家重点基础研究发展计划(JCKY2020210B019)。

摘　　要：随着云计算技术在计算、存储和负载等方面的日趋完善,近年来大量智能化应用实施“上云”部署。这些系统在提升智能化水平的同时,也带来了一系列新的安全问题。研究表明,攻击者在攻击基于深度学习的智能应用时,可以绕过传统的防火墙杀毒软件,直接利用修改的数据诱导深度模型产生误判,这种以攻击为目的的输入称为对抗样本。为了对这种攻击手段开展更深入的研究,基于云计算环境搭建了一套对抗样本攻防仿真验证平台。该平台集成了攻击模块、防御模块、主干网络模块和测试评估模块,安全人员可以通过选择不同的模块,对自研的攻击方法、防御方法以及骨干网络进行对抗测试,通过评估模块验证对抗样本攻击的有效性。选取公共数据集ImageNet对各个模块进行了测试,获得了稳定的测试性能,可以作为安全测评基线。With the increasing improvement of cloud computing technology in computing,storage,and workload,a large number of intelligent applications have been deployed in cloud in recent years.While these systems improve the intelligence level,they introduce a series of new security problems.Research shows that when attacking intelligent applications based on deep learning,the attackers can bypass the traditional firewall anti-virus software and directly use modified data to produce misjudgment by inducing the depth model.Such attack is called adversarial examples.To carry out more in-depth research on this attack means,a set of attack and defense simulation verification platforms against adversarial examples are built based on cloud computing environment.In this platform,attack modules,defense modules,backbone network modules,and test and evaluation modules are integrated.By selecting different modules,security personnel can test self-developed attack methods,defense methods,and backbone networks,and verify the effectiveness of adversarial example attacks through the evaluation module.ImageNet,a typical public data set,is selected to test each module and obtain stable test performance,which can be used as the baseline of security evaluation.

关 键 词：对抗样本 对抗样本防御 云计算 深度学习 鲁棒性 

分 类 号：TP391[自动化与计算机技术—计算机应用技术]