| 用于白盒目标攻击的GAN对抗样本生成 |
| |
| 引用本文: | 张高志,刘新平,邵明文.用于白盒目标攻击的GAN对抗样本生成[J].模式识别与人工智能,2020,33(9):830-838. |
| |
| 作者姓名: | 张高志 刘新平 邵明文 |
| |
| 作者单位: | 1.中国石油大学(华东) 计算机科学与技术学院 青岛 266580 |
| |
| 摘 要: | 深度神经网络易受对抗样本攻击的影响并产生错误输出,传统的生成对抗样本的方法都是从优化角度生成对抗样本.文中提出基于生成对抗网络(GAN)的对抗样本生成方法,使用GAN进行白盒目标攻击,训练好的生成器对输入样本产生扰动,生成对抗样本.使用四种损失函数约束生成对抗样本的质量并提高攻击成功率.在MNIST、CIFAR-10、ImageNet数据集上的大量实验验证文中方法的有效性,文中方法的攻击成功率较高.
|
| 关 键 词: | 对抗样本 生成对抗网络(GAN) 目标攻击 白盒攻击 |
| 收稿时间: | 2020-06-15 |
Generating Adversarial Example with GAN for White-Box Target Attacks |
| |
| ZHANG Gaozhi,LIU Xinping,SHAO Mingwen.Generating Adversarial Example with GAN for White-Box Target Attacks[J].Pattern Recognition and Artificial Intelligence,2020,33(9):830-838. |
| |
| Authors: | ZHANG Gaozhi LIU Xinping SHAO Mingwen |
| |
| Affiliation: | 1. College of Computer Science and Technology, China University of Petroleum, Qingdao 266580 |
| |
| Abstract: | Deep neural networks(DNNs) are easily affected by adversarial examples and consequently generate wrong outputs. Adversarial examples are generated by the traditional methods from an optimization perspective. In this paper, a method for generating adversarial examples is proposed with generative adversarial network(GAN) and GAN is exploited for target attack in the white-box setting. Adversarial perturbations are generated by a trained generator to form adversarial examples. Four kinds of loss functions are utilized to constrain the quality of adversarial examples and improve attack success rates. The effectiveness of the proposed method is testified through extensive experiments on MNIST, CIFAR-10 and ImageNet datasets and the proposed method produces higher attack success rates. |
| |
| Keywords: | Adversarial Example Generative Adversarial Network(GAN) Target Attack White-Box Attack |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《模式识别与人工智能》浏览原始摘要信息 |
|
点击此处可从《模式识别与人工智能》下载全文 |
