检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:刘斯杰 张志祥[1] 张乔嘉 LIU Si-jie;ZHANG Zhi-xiang;ZHANG Qiao-jia(College of Electronic Engineering,Navy University of Engineering,Wuhan 430033,China;Department of Information Security,Navy University of Engineering,Wuhan 430033,China)
机构地区:[1]海军工程大学电子工程学院,湖北武汉430033 [2]海军工程大学信息安全系,湖北武汉430033
出 处:《计算机工程与设计》2022年第11期3093-3100,共8页Computer Engineering and Design
基 金:国家自然科学基金项目(41876222);国防十三五预研基金项目(30201)。
摘 要:为提高对抗训练后目标检测模型对未知攻击的鲁棒性,优化目标检测模型的防御能力,在对抗训练的基础上,提出基于对抗训练和非局部均值去噪的对抗样本防御算法。在训练模型时,会对正常样本和对抗样本进行扰动去噪,提高模型对去噪样本特征的学习效果。在面对未知来源的样本时,会对样本进行去噪,再进入模型进行目标检测。实验结果表明,在DIOR数据集上,对于实验中的所有攻击算法(FGSM、I-FGSM、MI-FGSM、PGD),该方法的防御成功率优于现有算法。To improve the robustness of the target detection model against unknown attacks and optimize the defense capability of the target detection model after adversarial training,an adversarial example defense algorithm based on adversarial training and non-local mean denoising was proposed.Disturbance de-noising was performed on normal example and adversarial example when training the model,so as to improve the learning effect of the model on the features of de-noised example.When facing the example from unknown sources,the example was de-noised and then entered the model for target detection.Experimental results show that the defense success rate of this method is better than the existing algorithm for all the attack algorithms(FGSM,I-FGSM,MI-FGSM,PGD)in the DIOR dataset.
分 类 号:TP391[自动化与计算机技术—计算机应用技术] TP18[自动化与计算机技术—计算机科学与技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.171