摘要
针对深度神经网络在躲避攻击多目标对抗方法中输入的数据易导致机器误解码,提出一种深度神经网络结合蚁群算法的躲避攻击多目标对抗方法。设计一种与变换器和多个模型组成的体系结构,利用变换器生成一个多目标的对抗性样本,利用深度学习训练的分类器对输入值进行分类;引入蚁群算法,利用蚂蚁互相交流学习的正反馈原理保证算法的收敛性和寻优速度;融合两种算法的优势,实现躲避攻击的多目标对抗。实验结果表明,相比其他现有方法,该方法在躲避攻击多目标对抗方面更具优势,实现了100%的攻击成功率。
Aiming at the fact that the data input by deep neural network in the multi-target antagonistic method of evading attack can easily lead to machine misunderstanding codes,a new method of evading attack multi-target antagonistic method based on deep neural network and ant colony algorithm is proposed.An architecture composed of a converter and multiple models was designed.A multi-target antagonistic sample was generated by the converter,and the input value was classified by the classifier of deep learning training.Then,the ant colony algorithm was introduced to ensure the convergence and optimization speed of the algorithm.The advantages of the two algorithms were fused to realize the multi-target confrontation of evading attack.Experimental results show that,compared with other existing methods,the proposed method has more advantages in avoiding attack against multiple targets and achieves 100%attack success rate.
作者
魏焕新
张宏国
Wei Huanxin;Zhang Hongguo(College of Information Engineering,Hunan College of Electrical and Mechanical Technology,Changsha 410151,Hunan,China;Department of Software Engineering,Harbin University of Science and Technology,Harbin 150080,Heilongjiang,China)
出处
《计算机应用与软件》
北大核心
2020年第11期292-298,共7页
Computer Applications and Software
基金
国家自然科学基金项目(51375128)
湖南省教育厅科学研究项目(15C0490)
全国教育科学规划课题(EJA17450)。
关键词
深度神经网络
躲避攻击
对抗样本
机器学习
蚁群算法
多目标对抗
Deep neural network
Evade attack
Counter sample
Machine learning
Ant colony algorithm
Multi-objective confrontation
