摘要
本文使用一个像素攻击法和通用扰动生成攻击法生成对抗数据集,通过人脸识别模型对对抗数据集进行微调训练,使其对一个像素攻击法生成的对抗样本具有较高的正确识别能力和对通用扰动生成的对抗样本的具有完全正确的识别能力,实现人脸安全识别。
In this paper,the one-pixel attack method and the general disturbance generation attack method are utilized to generate a dataset of adversarial examples.After trained by the dataset,the face recognition model is slightly adjusted and exhibits a higher correct recognition rate to the adversarial examples generated by the one-pixel attack method and a completely correct recognition rate to the adversarial examples generated by the general disturbance method,realizing secure face recognition.
作者
黄横
韩青
李晓东
HUANG Heng;HAN Qing;LI Xiaodong(Beijing Electronic Science and Technology Institute,Beijing 100070,P.R.China)
出处
《北京电子科技学院学报》
2019年第4期26-32,共7页
Journal of Beijing Electronic Science And Technology Institute
基金
国家自然科学基金面上项目:无退化的混沌密码标准实现研究(项目编号:61772047)
中央高校基本科研业务费项目:网络空间安全学科建设(项目编号:328201907)
关键词
对抗样本防御
人脸安全识别
一个像素攻击法
通用扰动
微调
defense against adversarial examples
secure face recognition
one-pixel attack
general disturbance
slightly adjusted
