Research Status of Black-Box Intelligent Adversarial Attack Algorithms

Cited by: 1
Abstract: Adversarial algorithms against intelligent recognition are a new research direction in deep learning and are attracting growing attention. This paper introduces the workflow and main stages of black-box adversarial attack algorithms aimed at target recognition, and surveys them in terms of algorithm principle, loss function, attack performance, and application scenario. It analyzes the requirements that black-box attacks place on training data and models and the strategies for applying them, and summarizes the principles, strengths, and weaknesses of data-based and surrogate-model-based adversarial algorithms. From the perspectives of improving attack effectiveness, enhancing attack generalization, reducing the number of model iterations, and extending the application scenarios of adversarial examples, it examines research progress on surrogate-model-based algorithms, namely the role that diversified loss functions, ensemble-trained models, an optimized parameter update space, and improved parameter update strategies play in generating adversarial examples. Taking attacks on face recognition systems, autonomous driving systems, and tracking systems as typical application scenarios, it reviews how the algorithms are applied in practice. Finally, against the background of military applications, it discusses the difficulties and challenges facing research on black-box adversarial attack algorithms and their solutions.
Authors: WEI Jian (魏健); SONG Xiaoqing (宋小庆); WANG Qinzhao (王钦钊) (Department of Weaponry and Control, Army Academy of Armored Forces, Beijing 100071, China)
Source: Computer Engineering and Applications (《计算机工程与应用》), CSCD, Peking University Core Journal, 2023, Issue 13, pp. 61-73 (13 pages)
Funding: Academy self-initiated project (2021CJ45).
Keywords: black-box attack; adversarial example; generative adversarial network; surrogate model