Fine-Grained Classification of Remote Sensing Ship Images Based on Improved VAN

The remote sensing ships’fine-grained classification technology makes it possible to identify certain ship types in remote sensing images,and it has broad application prospects in civil and military fields.However,the current model does not examine the properties of ship targets in remote sensing images with mixed multi-granularity features and a complicated backdrop.There is still an opportunity for future enhancement of the classification impact.To solve the challenges brought by the above characteristics,this paper proposes a Metaformer and Residual fusion network based on Visual Attention Network(VAN-MR)for fine-grained classification tasks.For the complex background of remote sensing images,the VAN-MR model adopts the parallel structure of large kernel attention and spatial attention to enhance the model’s feature extraction ability of interest targets and improve the classification performance of remote sensing ship targets.For the problem of multi-grained feature mixing in remote sensing images,the VAN-MR model uses a Metaformer structure and a parallel network of residual modules to extract ship features.The parallel network has different depths,considering both high-level and lowlevel semantic information.The model achieves better classification performance in remote sensing ship images with multi-granularity mixing.Finally,the model achieves 88.73%and 94.56%accuracy on the public fine-grained ship collection-23(FGSC-23)and FGSCR-42 datasets,respectively,while the parameter size is only 53.47 M,the floating point operations is 9.9 G.The experimental results show that the classification effect of VAN-MR is superior to that of traditional CNNs model and visual model with Transformer structure under the same parameter quantity.

Discussion on classification and naming scheme of fine-grained sedimentary rocks

Based on reviews and summaries of the naming schemes of fine-grained sedimentary rocks, and analysis of characteristics of fine-grained sedimentary rocks, the problems existing in the classification and naming of fine-grained sedimentary rocks are discussed. On this basis, following the principle of three-level nomenclature, a new scheme of rock classification and naming for fine-grained sedimentary rocks is determined from two perspectives: First, fine-grained sedimentary rocks are divided into 12 types in two major categories, mudstone and siltstone, according to particle size(sand, silt and mud). Second,fine-grained sedimentary rocks are divided into 18 types in four categories, carbonate rock, fine-grained felsic sedimentary rock,clay rock and mixed fine-grained sedimentary rock according to mineral composition(carbonate minerals, felsic detrital minerals and clay minerals as three end elements). Considering the importance of organic matter in unconventional oil and gas generation and evaluation, organic matter is taken as the fourth element in the scheme. Taking the organic matter contents of 0.5% and 2% as dividing points, fine grained sedimentary rocks are divided into three categories, organic-poor, organic-bearing,and organic-rich ones. The new scheme meets the requirement of unconventional oil and gas exploration and development today and solves the problem of conceptual confusion in fine-grained sedimentary rocks, providing a unified basic term system for the research of fine-grained sedimentology.

Multi-Branch Deepfake Detection Algorithm Based on Fine-Grained Features

With the rapid development of deepfake technology,the authenticity of various types of fake synthetic content is increasing rapidly,which brings potential security threats to people’s daily life and social stability.Currently,most algorithms define deepfake detection as a binary classification problem,i.e.,global features are first extracted using a backbone network and then fed into a binary classifier to discriminate true or false.However,the differences between real and fake samples are often subtle and local,and such global feature-based detection algorithms are not optimal in efficiency and accuracy.To this end,to enhance the extraction of forgery details in deep forgery samples,we propose a multi-branch deepfake detection algorithm based on fine-grained features from the perspective of fine-grained classification.First,to address the critical problem in locating discriminative feature regions in fine-grained classification tasks,we investigate a method for locating multiple different discriminative regions and design a lightweight feature localization module to obtain crucial feature representations by augmenting the most significant parts of the feature map.Second,using information complementation,we introduce a correlation-guided fusion module to enhance the discriminative feature information of different branches.Finally,we use the global attention module in the multi-branch model to improve the cross-dimensional interaction of spatial domain and channel domain information and increase the weights of crucial feature regions and feature channels.We conduct sufficient ablation experiments and comparative experiments.The experimental results show that the algorithm outperforms the detection accuracy and effectiveness on the FaceForensics++and Celeb-DF-v2 datasets compared with the representative detection algorithms in recent years,which can achieve better detection results.

General multi-attack detection for continuous-variable quantum key distribution with local local oscillator

Continuous-variable quantum key distribution with a local local oscillator(LLO CVQKD)has been extensively researched due to its simplicity and security.For practical security of an LLO CVQKD system,there are two main attack modes referred to as reference pulse attack and polarization attack presently.However,there is currently no general defense strategy against such attacks,and the security of the system needs further investigation.Here,we employ a deep learning framework called generative adversarial networks(GANs)to detect both attacks.We first analyze the data in different cases,derive a feature vector as input to a GAN model,and then show the training and testing process of the GAN model for attack classification.The proposed model has two parts,a discriminator and a generator,both of which employ a convolutional neural network(CNN)to improve accuracy.Simulation results show that the proposed scheme can detect and classify attacks without reducing the secret key rate and the maximum transmission distance.It only establishes a detection model by monitoring features of the pulse without adding additional devices.

One-Variable Attack on the Industrial Fault Classification System and Its Defense

Recently developed fault classification methods for industrial processes are mainly data-driven.Notably,models based on deep neural networks have significantly improved fault classification accuracy owing to the inclusion of a large number of data patterns.However,these data-driven models are vulnerable to adversarial attacks;thus,small perturbations on the samples can cause the models to provide incorrect fault predictions.Several recent studies have demonstrated the vulnerability of machine learning methods and the existence of adversarial samples.This paper proposes a black-box attack method with an extreme constraint for a safe-critical industrial fault classification system:Only one variable can be perturbed to craft adversarial samples.Moreover,to hide the adversarial samples in the visualization space,a Jacobian matrix is used to guide the perturbed variable selection,making the adversarial samples in the dimensional reduction space invisible to the human eye.Using the one-variable attack(OVA)method,we explore the vulnerability of industrial variables and fault types,which can help understand the geometric characteristics of fault classification systems.Based on the attack method,a corresponding adversarial training defense method is also proposed,which efficiently defends against an OVA and improves the prediction accuracy of the classifiers.In experiments,the proposed method was tested on two datasets from the Tennessee–Eastman process(TEP)and steel plates(SP).We explore the vulnerability and correlation within variables and faults and verify the effectiveness of OVAs and defenses for various classifiers and datasets.For industrial fault classification systems,the attack success rate of our method is close to(on TEP)or even higher than(on SP)the current most effective first-order white-box attack method,which requires perturbation of all variables.

DDoS Attack Detection Using Heuristics Clustering Algorithm and Naive Bayes Classification

In recent times among the multitude of attacks present in network system, DDoS attacks have emerged to be the attacks with the most devastating effects. The main objective of this paper is to propose a system that effectively detects DDoS attacks appearing in any networked system using the clustering technique of data mining followed by classification. This method uses a Heuristics Clustering Algorithm (HCA) to cluster the available data and Na?ve Bayes (NB) classification to classify the data and detect the attacks created in the system based on some network attributes of the data packet. The clustering algorithm is based in unsupervised learning technique and is sometimes unable to detect some of the attack instances and few normal instances, therefore classification techniques are also used along with clustering to overcome this classification problem and to enhance the accuracy. Na?ve Bayes classifiers are based on very strong independence assumptions with fairly simple construction to derive the conditional probability for each relationship. A series of experiment is performed using “The CAIDA UCSD DDoS Attack 2007 Dataset” and “DARPA 2000 Dataset” and the efficiency of the proposed system has been tested based on the following performance parameters: Accuracy, Detection Rate and False Positive Rate and the result obtained from the proposed system has been found that it has enhanced accuracy and detection rate with low false positive rate.

In-Vehicle Network Injection Attacks Detection Based on Feature Selection and Classification

Detecting abnormal data generated from cyberattacks has emerged as a crucial approach for identifying security threats within in-vehicle networks.The transmission of information through in-vehicle networks needs to follow specific data for-mats and communication protocols regulations.Typically,statistical algorithms are employed to learn these variation rules and facilitate the identification of abnormal data.However,the effectiveness of anomaly detection outcomes often falls short when confronted with highly deceptive in-vehicle network attacks.In this study,seven representative classification algorithms are selected to detect common in-vehicle network attacks,and a comparative analysis is employed to identify the most suitable and favorable detection method.In consideration of the communication protocol characteristics of in-vehicle networks,an optimal convolutional neural network(CNN)detection algorithm is proposed that uses data field characteristics and classifier selection,and its comprehensive performance is tested.In addition,the concept of Hamming distance between two adjacent packets within the in-vehicle network is introduced,enabling the proposal of an enhanced CNN algorithm that achieves robust detection of challenging-to-identify abnormal data.This paper also presents the proposed CNN classifica-tion algorithm that effectively addresses the issue of high false negative rate(FNR)in abnormal data detection based on the timestamp feature of data packets.The experimental results validate the efficacy of the proposed abnormal data detection algorithm,highlighting its strong detection performance and its potential to provide an effective solution for safeguarding the security of in-vehicle network information.

A New Childhood Pneumonia Diagnosis Method Based on Fine-Grained Convolutional Neural Network

Pneumonia is part of the main diseases causing the death of children.It is generally diagnosed through chest Xray images.With the development of Deep Learning(DL),the diagnosis of pneumonia based on DL has received extensive attention.However,due to the small difference between pneumonia and normal images,the performance of DL methods could be improved.This research proposes a new fine-grained Convolutional Neural Network(CNN)for children’s pneumonia diagnosis(FG-CPD).Firstly,the fine-grainedCNNclassificationwhich can handle the slight difference in images is investigated.To obtain the raw images from the real-world chest X-ray data,the YOLOv4 algorithm is trained to detect and position the chest part in the raw images.Secondly,a novel attention network is proposed,named SGNet,which integrates the spatial information and channel information of the images to locate the discriminative parts in the chest image for expanding the difference between pneumonia and normal images.Thirdly,the automatic data augmentation method is adopted to increase the diversity of the images and avoid the overfitting of FG-CPD.The FG-CPD has been tested on the public Chest X-ray 2017 dataset,and the results show that it has achieved great effect.Then,the FG-CPD is tested on the real chest X-ray images from children aged 3–12 years ago from Tongji Hospital.The results show that FG-CPD has achieved up to 96.91%accuracy,which can validate the potential of the FG-CPD.

An Efficient Character-Level Adversarial Attack Inspired by Textual Variations in Online Social Media Platforms

In recent years,the growing popularity of social media platforms has led to several interesting natural language processing(NLP)applications.However,these social media-based NLP applications are subject to different types of adversarial attacks due to the vulnerabilities of machine learning(ML)and NLP techniques.This work presents a new low-level adversarial attack recipe inspired by textual variations in online social media communication.These variations are generated to convey the message using out-of-vocabulary words based on visual and phonetic similarities of characters and words in the shortest possible form.The intuition of the proposed scheme is to generate adversarial examples influenced by human cognition in text generation on social media platforms while preserving human robustness in text understanding with the fewest possible perturbations.The intentional textual variations introduced by users in online communication motivate us to replicate such trends in attacking text to see the effects of such widely used textual variations on the deep learning classifiers.In this work,the four most commonly used textual variations are chosen to generate adversarial examples.Moreover,this article introduced a word importance ranking-based beam search algorithm as a searching method for the best possible perturbation selection.The effectiveness of the proposed adversarial attacks has been demonstrated on four benchmark datasets in an extensive experimental setup.

Alpha Fusion Adversarial Attack Analysis Using Deep Learning

The deep learning model encompasses a powerful learning ability that integrates the feature extraction,and classification method to improve accuracy.Convolutional Neural Networks(CNN)perform well in machine learning and image processing tasks like segmentation,classification,detection,identification,etc.The CNN models are still sensitive to noise and attack.The smallest change in training images as in an adversarial attack can greatly decrease the accuracy of the CNN model.This paper presents an alpha fusion attack analysis and generates defense against adversarial attacks.The proposed work is divided into three phases:firstly,an MLSTM-based CNN classification model is developed for classifying COVID-CT images.Secondly,an alpha fusion attack is generated to fool the classification model.The alpha fusion attack is tested in the last phase on a modified LSTM-based CNN(CNN-MLSTM)model and other pre-trained models.The results of CNN models show that the accuracy of these models dropped greatly after the alpha-fusion attack.The highest F1 score before the attack was achieved is 97.45 And after the attack lowest F1 score recorded is 22%.Results elucidate the performance in terms of accuracy,precision,F1 score and Recall.

Chained Dual-Generative Adversarial Network:A Generalized Defense Against Adversarial Attacks

Neural networks play a significant role in the field of image classification.When an input image is modified by adversarial attacks,the changes are imperceptible to the human eye,but it still leads to misclassification of the images.Researchers have demonstrated these attacks to make production self-driving cars misclassify StopRoad signs as 45 Miles Per Hour(MPH)road signs and a turtle being misclassified as AK47.Three primary types of defense approaches exist which can safeguard against such attacks i.e.,Gradient Masking,Robust Optimization,and Adversarial Example Detection.Very few approaches use Generative Adversarial Networks(GAN)for Defense against Adversarial Attacks.In this paper,we create a new approach to defend against adversarial attacks,dubbed Chained Dual-Generative Adversarial Network(CD-GAN)that tackles the defense against adversarial attacks by minimizing the perturbations of the adversarial image using iterative oversampling and undersampling using GANs.CD-GAN is created using two GANs,i.e.,CDGAN’s Sub-ResolutionGANandCDGAN’s Super-ResolutionGAN.The first is CDGAN’s Sub-Resolution GAN which takes the original resolution input image and oversamples it to generate a lower resolution neutralized image.The second is CDGAN’s Super-Resolution GAN which takes the output of the CDGAN’s Sub-Resolution and undersamples,it to generate the higher resolution image which removes any remaining perturbations.Chained Dual GAN is formed by chaining these two GANs together.Both of these GANs are trained independently.CDGAN’s Sub-Resolution GAN is trained using higher resolution adversarial images as inputs and lower resolution neutralized images as output image examples.Hence,this GAN downscales the image while removing adversarial attack noise.CDGAN’s Super-Resolution GAN is trained using lower resolution adversarial images as inputs and higher resolution neutralized images as output images.Because of this,it acts as an Upscaling GAN while removing the adversarial attak noise.Furthermore,CD-GAN has a modular design such that it can be prefixed to any existing classifier without any retraining or extra effort,and 2542 CMC,2023,vol.74,no.2 can defend any classifier model against adversarial attack.In this way,it is a Generalized Defense against adversarial attacks,capable of defending any classifier model against any attacks.This enables the user to directly integrate CD-GANwith an existing production deployed classifier smoothly.CD-GAN iteratively removes the adversarial noise using a multi-step approach in a modular approach.It performs comparably to the state of the arts with mean accuracy of 33.67 while using minimal compute resources in training.

Detecting and Mitigating DDOS Attacks in SDNs Using Deep Neural Network

Distributed denial of service(DDoS)attack is the most common attack that obstructs a network and makes it unavailable for a legitimate user.We proposed a deep neural network(DNN)model for the detection of DDoS attacks in the Software-Defined Networking(SDN)paradigm.SDN centralizes the control plane and separates it from the data plane.It simplifies a network and eliminates vendor specification of a device.Because of this open nature and centralized control,SDN can easily become a victim of DDoS attacks.We proposed a supervised Developed Deep Neural Network(DDNN)model that can classify the DDoS attack traffic and legitimate traffic.Our Developed Deep Neural Network(DDNN)model takes a large number of feature values as compared to previously proposed Machine Learning(ML)models.The proposed DNN model scans the data to find the correlated features and delivers high-quality results.The model enhances the security of SDN and has better accuracy as compared to previously proposed models.We choose the latest state-of-the-art dataset which consists of many novel attacks and overcomes all the shortcomings and limitations of the existing datasets.Our model results in a high accuracy rate of 99.76%with a low false-positive rate and 0.065%low loss rate.The accuracy increases to 99.80%as we increase the number of epochs to 100 rounds.Our proposed model classifies anomalous and normal traffic more accurately as compared to the previously proposed models.It can handle a huge amount of structured and unstructured data and can easily solve complex problems.

基于后门攻击的恶意流量逃逸方法

针对基于深度学习模型的流量分类器,提出了一种利用后门攻击实现恶意流量逃逸的方法。通过在训练过程添加毒化数据将后门植入模型,后门模型将带有后门触发器的恶意流量判定为良性,从而实现恶意流量逃逸;同时对不含触发器的干净流量正常判定,保证了模型后门的隐蔽性。采用多种触发器分别生成不同后门模型,比较了多种恶意流量对不同后门模型的逃逸效果,同时分析了不同后门对模型性能的影响。实验验证了所提方法的有效性,为恶意流量逃逸提供了新的思路。

DCVAE与DPC融合的网络入侵检测模型研究

入侵检测是主动防御网络中攻击行为的技术,以往入侵检测模型因正常网络流量与未知攻击内在特征区分度不足,导致对未知攻击识别率不够高,本文设计基于判别条件变分自编码器与密度峰值聚类算法的入侵检测模型(DCVAE-DPC).利用判别条件变分自编码器能够生成指定类别样本的能力,学习正常网络流量特征的隐空间表示并计算其重建误差,增加其与未知攻击间的特征区分度,并使用密度峰值聚类算法求出正常网络流量重建误差的分布,提高未知攻击识别率.实验结果表明,在NSL-KDD数据集中与当前流行的入侵检测模型相比,模型的分类准确率可以达到97.08%,具有更高的未知攻击检测能力,面对当前复杂网络环境,有更强的入侵检测性能.

针对图像分类的鲁棒物理域对抗伪装

深度学习模型对对抗样本表现出脆弱性.作为一种对现实世界深度系统更具威胁性的攻击形式,物理域对抗样本近年来受到了广泛的研究关注.现有方法大多利用局部对抗贴片噪声在物理域实现对图像分类模型的攻击,然而二维贴片在三维空间的攻击效果将由于视角变化而不可避免地下降.为了解决这一问题,所提Adv-Camou方法利用空间组合变换来实时生成任意视角及变换背景的训练样本,并最小化预测类与目标类交叉熵损失,使模型输出指定错误类别.此外,所建立的仿真三维场景能公平且可重复地评估不同的攻击.实验结果表明,Adv-Camou生成的一体式对抗伪装可在全视角欺骗智能图像分类器,在三维仿真场景比多贴片拼接纹理平均有目标攻击成功率高出25%以上,对Clarifai商用分类系统黑盒有目标攻击成功率达42%,此外3D打印模型实验在现实世界平均攻击成功率约为66%,展现出先进的攻击性能.

面向边缘计算的TCA1C DDoS检测模型

边缘计算弥补了传统云计算数据传输开销大的不足,但边缘网络中存储和计算资源受限的特殊性限制了其部署复杂安全算法的能力,更易受到分布式拒绝服务(DDoS)攻击。针对目前边缘网络中DDoS攻击检测方法性能不高、未对卸载任务分类处理、对多属性的流量处理能力弱的问题,提出一种基于任务分类的Attention-1D-CNN DDoS检测模型TCA1C,对通信链路中的流量按不同的卸载任务进行分类,使单个任务受到攻击时不会影响整个链路中计算任务卸载的安全性,再对同一任务下的流量提取属性值并进行归一化处理。处理后的数据输入到Attention-1D-CNN,通道Attention和空间Attention学习数据特征对DDoS检测的贡献度,利用筛选函数剔除低于特征阈值的冗余信息,降低模型学习过程的复杂度,使模型快速收敛。仿真结果表明:TCA1C模型在缩短DDoS检测所用时间的情况下,检测准确率高达99.73%,检测性能优于DT、ELM、LSTM和CNN;当多个卸载任务在面临特定攻击概率时,卸载任务分类能有效降低不同任务的相互影响,使终端设备的计算任务在卸载过程中保持较高的安全性。

An Empirical Study on the Effectiveness of Adversarial Examples in Malware Detection

Antivirus vendors and the research community employ Machine Learning(ML)or Deep Learning(DL)-based static analysis techniques for efficient identification of new threats,given the continual emergence of novel malware variants.On the other hand,numerous researchers have reported that Adversarial Examples(AEs),generated by manipulating previously detected malware,can successfully evade ML/DL-based classifiers.Commercial antivirus systems,in particular,have been identified as vulnerable to such AEs.This paper firstly focuses on conducting black-box attacks to circumvent ML/DL-based malware classifiers.Our attack method utilizes seven different perturbations,including Overlay Append,Section Append,and Break Checksum,capitalizing on the ambiguities present in the PE format,as previously employed in evasion attack research.By directly applying the perturbation techniques to PE binaries,our attack method eliminates the need to grapple with the problem-feature space dilemma,a persistent challenge in many evasion attack studies.Being a black-box attack,our method can generate AEs that successfully evade both DL-based and ML-based classifiers.Also,AEs generated by the attack method retain their executability and malicious behavior,eliminating the need for functionality verification.Through thorogh evaluations,we confirmed that the attack method achieves an evasion rate of 65.6%against well-known ML-based malware detectors and can reach a remarkable 99%evasion rate against well-known DL-based malware detectors.Furthermore,our AEs demonstrated the capability to bypass detection by 17%of vendors out of the 64 on VirusTotal(VT).In addition,we propose a defensive approach that utilizes Trend Locality Sensitive Hashing(TLSH)to construct a similarity-based defense model.Through several experiments on the approach,we verified that our defense model can effectively counter AEs generated by the perturbation techniques.In conclusion,our defense model alleviates the limitation of the most promising defense method,adversarial training,which is only effective against the AEs that are included in the training classifiers.

融合注意力和胶囊池化的轻量型胶囊网络

针对胶囊网络特征信息传播低效性和路由过程存在较大计算开销等问题,文中提出了一种融合注意力和胶囊池化的轻量型胶囊网络。该网络主要有以下两方面的优势:1)提出了胶囊注意力。将注意力作用于初级胶囊层,增强对重要胶囊的关注,提高低级胶囊对高级胶囊预测的准确性;2)提出新的胶囊池化。在初级胶囊层所有特征图的对应位置筛选出权重最大的胶囊,在减少模型参数量的同时以少量的重要胶囊表示有效特征信息。公共数据集的结果表明,提出的胶囊网络在CIFAR10上达到92.60%的精度,并在复杂数据集上具有良好的白盒对抗攻击鲁棒性。此外,提出的胶囊网络在AffNIST数据集上达到95.74%的精度,具有较好的仿射变换鲁棒性。计算效率结果表明,所提网络的浮点运算量比传统胶囊网络减少了31.3%,参数量减少了41.9%。

Multi-granularity sequence generation for hierarchical image classification

Hierarchical multi-granularity image classification is a challenging task that aims to tag each given image with multiple granularity labels simultaneously.Existing methods tend to overlook that different image regions contribute differently to label prediction at different granularities,and also insufficiently consider relationships between the hierarchical multi-granularity labels.We introduce a sequence-to-sequence mechanism to overcome these two problems and propose a multi-granularity sequence generation(MGSG)approach for the hierarchical multi-granularity image classification task.Specifically,we introduce a transformer architecture to encode the image into visual representation sequences.Next,we traverse the taxonomic tree and organize the multi-granularity labels into sequences,and vectorize them and add positional information.The proposed multi-granularity sequence generation method builds a decoder that takes visual representation sequences and semantic label embedding as inputs,and outputs the predicted multi-granularity label sequence.The decoder models dependencies and correlations between multi-granularity labels through a masked multi-head self-attention mechanism,and relates visual information to the semantic label information through a crossmodality attention mechanism.In this way,the proposed method preserves the relationships between labels at different granularity levels and takes into account the influence of different image regions on labels with different granularities.Evaluations on six public benchmarks qualitatively and quantitatively demonstrate the advantages of the proposed method.Our project is available at https://github.com/liuxindazz/mgs.

基于自适应攻击强度的对抗训练方法

深度神经网络(DNN)易受对抗样本攻击的特性引发了人们对人工智能系统安全性和可靠性的重大关切,其中对抗训练是增强对抗鲁棒性的一种有效方式。针对现有方法使用固定的对抗样本生成策略但存在忽视对抗样本生成阶段对对抗训练重要性的问题,提出一种基于自适应攻击强度的对抗训练方法。首先,将干净样本和对抗样本输入模型得到输出;然后,计算干净样本和对抗样本模型输出的差异;最后,衡量该差异与上一时刻差异的变化情况,并自动调整对抗样本强度。对三个基准数据集的全面实验结果表明,相较于基准方法投影梯度下降的对抗训练(PGD-AT),该方法在三个基准数据集的AA(AutoAttack)攻击下鲁棒精度分别提升1.92、1.50和3.35个百分点,且所提出方法在鲁棒性和自然准确率方面优于最先进的防御方法可学习攻击策略的对抗训练(LAS-AT)。此外,从数据增强角度看,该方法可以有效解决对抗训练这种特殊数据增强方式中增广效果随训练进展会不断下降的问题。