摘要
随着人工智能技术的发展,机器学习的应用日益广泛,针对机器学习的攻击也相伴而生.数据投毒攻击是针对机器学习的一种攻击方式,它通过污染数据使得机器学习得到错误的结果,从而带来安全隐患.针对校园人脸识别的数据投毒攻击,通过孤立森林算法对人脸图像进行清洗,加快过滤被污染的数据样本;针对单个谱聚类算法的不足,结合多谱聚类评估算法对训练样本进行客观评分,提高算法的鲁棒性;通过线性拟合得到数据清洗和算法鲁棒性的最优平衡点,最优化单个谱聚类算法的性能.使用本校人脸识别系统中的1500张人脸图像进行了仿真实验,实验表明,算法快速有效.
With the development of artificial intelligence technology,the application of machine learning is becoming more and more extensive,and the attacks against it are also accompanied.Data poisoning attack is one of the attacks and makes machine learning get wrong results by polluting data,which brings potential security risks.Aiming at the data poisoning attack of campus face recognition,this paper uses isolated forest algorithm to clean the face image and speed up the filtering of contaminated data samples.Aiming at the shortcomings of single spectral clustering algorithm,combined with multi spectral clustering evaluation algorithm,the training samples are objectively scored to improve the robustness of the algorithm.The optimal balance between data cleaning and algorithm robustness is obtained by linear fitting,and the performance of single spectral clustering algorithm is optimized.1500 face images in our face recognition system are used in simulation experiments,and the results show that the algorithm is fast and effective.
作者
龚成清
何文华
GONG Cheng-qing;HE Wen-hua(School of Applied Design,Guangdong Women’s Polytechnic College,Guangzhou Guangdong 511450,China)
出处
《菏泽学院学报》
2022年第2期15-20,共6页
Journal of Heze University
基金
2021年度广东女子职业技术学院科研项目(ZDXM202107)
2019年度广东省普通高校特色创新类项目(2019GWTSCX044)。
关键词
人脸识别
数据投毒
攻击
数据清洗
鲁棒性
face recognition
data poisoning
attack
data cleaning
robustness