检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:Xiaoyin Yi Long Chen Jiacheng Huang Ning Yu Qian Huang
机构地区:[1]School of Computer Science and Technology,Chongqing University of Posts and Telecommunications,Chongqing,400065,China [2]Chongqing Key Laboratory of Public Big Data Security Technology,Chongqing,401420,China [3]School of Cyber Security and Information Law,Chongqing University of Posts and Telecommunications,Chongqing,400065,China [4]Key Laboratory of Cyberspace Big Data Intelligent Security,Ministry of Education,Chongqing,400065,China [5]Artificial Intelligence and Big Data College,Chongqing Polytechnic University of Electronic Technology,Chongqing,401331,China
出 处:《Computers, Materials & Continua》2025年第4期157-175,共19页计算机、材料和连续体(英文)
基 金:supported by the Intelligent Policing Key Laboratory of Sichuan Province(No.ZNJW2022KFZD002);This work was supported by the Scientific and Technological Research Program of Chongqing Municipal Education Commission(Grant Nos.KJQN202302403,KJQN202303111).
摘 要:Transfer-based Adversarial Attacks(TAAs)can deceive a victim model even without prior knowledge.This is achieved by leveraging the property of adversarial examples.That is,when generated from a surrogate model,they retain their features if applied to other models due to their good transferability.However,adversarial examples often exhibit overfitting,as they are tailored to exploit the particular architecture and feature representation of source models.Consequently,when attempting black-box transfer attacks on different target models,their effectiveness is decreased.To solve this problem,this study proposes an approach based on a Regularized Constrained Feature Layer(RCFL).The proposed method first uses regularization constraints to attenuate the initial examples of low-frequency components.Perturbations are then added to a pre-specified layer of the source model using the back-propagation technique,in order to modify the original adversarial examples.Afterward,a regularized loss function is used to enhance the black-box transferability between different target models.The proposed method is finally tested on the ImageNet,CIFAR-100,and Stanford Car datasets with various target models,The obtained results demonstrate that it achieves a significantly higher transfer-based adversarial attack success rate compared with baseline techniques.
关 键 词:Adversarial examples black-box transferability regularized constrained transfer-based adversarial attacks
分 类 号:TP391[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.7