Research on a step-by-step adversarial defense method for image recognition

Computer Engineering & Science ›› 2023, Vol. 45 ›› Issue (06): 1020-1029.

• Computer Network and Znformation Security • Previous Articles Next Articles

Research on a step-by-step adversarial defense method for image recognition

XU Ru-zhi1,WANG Shuo1,LONG Yan2,ZONG Qi-zhuo1

(1.School of Control and Computer Engineering,North China Electric Power University,Beijing 102206;
2.State Power Investment Corporation Digital Technology Co.,Ltd.,Beijing 102200,China)

Received:2022-07-20 Revised:2022-09-09 Accepted:2023-06-25 Online:2023-06-25 Published:2023-06-16

Abstract

Abstract: At present, with the continuous development of deep learning technology, its application in the field of image recognition has also made a great breakthrough. However, the existence of adversarial samples seriously threatens the security of the model itself. Therefore, it is of profound practical significance to study effective adversarial defense methods and improve the robustness of the model. Therefore, based on the game between quickly generating adversarial samples and maintaining the similarity of sample prediction results, a step-by-step adversarial defense method is proposed. The method first performs random data enhancement on the common samples to improve the sample diversity. Secondly, it generates the difference adversarial samples and the similarity adversarial samples, so as to improve the variety and quality of the adversarial samples in the adversarial training. Finally, the loss function is redefined for adversarial training. Finally, experimental verification shows that the algorithm has better mobility and robustness in the face of multiple attacks against the sample.

Key words: image enhancement, adversarial training, step-by-step defense, deep learning

XU Ru-zhi, WANG Shuo, LONG Yan, ZONG Qi-zhuo. Research on a step-by-step adversarial defense method for image recognition[J]. Computer Engineering & Science, 2023, 45(06): 1020-1029.

[1]	TAN Yu-song, WANG Wei, JIAN Song-lei, YI Chao-xiong. Weakly-supervised IDS with abnormal-preserving transformation learning [J]. Computer Engineering & Science, 2024, 46(05): 801-809.
[2]	JI Xu-rui, WEI De-jian, ZHANG Jun-zhong, ZHANG Shuai, CAO Hui. Research progress on information extraction methods of Chinese electronic medical records [J]. Computer Engineering & Science, 2024, 46(02): 325-337.
[3]	QIU Xiao-meng, WANG Lin, GU Wen-jun, SONG Wei, TIAN Hao-lai, HU Yu. A time series image semantic segmentation model modified by optical flow [J]. Computer Engineering & Science, 2024, 46(01): 102-110.
[4]	LI Zhuo-xuan, ZHOU Ya-tong. iSFF-DBNet:An improved text detection algorithm in e-commerce images [J]. Computer Engineering & Science, 2023, 45(11): 2008-2017.
[5]	MA Zhi-feng, ZHANG Hao, LIU Jie. A survey of precipitation nowcasting based on deep learning [J]. Computer Engineering & Science, 2023, 45(10): 1731-1753.
[6]	MA Si-yuan, JIAO Jia-hui, REN Sheng-qi, SONG Wei. Missing value filling for multi-variable urban air quality data based on attention mechanism [J]. Computer Engineering & Science, 2023, 45(08): 1354-1364.
[7]	DENG Shan-shan, HUANG Hui, MA Yan. A small object detection algorithm based on improved Faster R-CNN [J]. Computer Engineering & Science, 2023, 45(05): 869-877.
[8]	DONG Pei-jie, NIU Xin, WEI Zi-mian, CHEN Xue-hui. Review of one-shot neural architecture search [J]. Computer Engineering & Science, 2023, 45(02): 191-203.
[9]	LIU Cong-jun, XU Jia-chen, XIAO Zhi-yong, CHAI Zhi-lei. An automatic cardiac magnetic resonance image segmentation algorithm based on deep learning [J]. Computer Engineering & Science, 2022, 44(09): 1646-1654.
[10]	HE Tao, SHI Hui-li, LI Da-liang. Deep learning-based SAR target recognition on DSP [J]. Computer Engineering & Science, 2022, 44(08): 1357-1363.
[11]	GOU Song, ZHAO Xu-yan, HOU Song, LI Wei. A mask detection method based on multi-scale optimized awareness network [J]. Computer Engineering & Science, 2022, 44(08): 1440-1448.
[12]	LIU Li-man, TAN Long-yu, PENG Yuan, LIU Jia. Semantic segmentation of 3D point cloud based on all fusion network [J]. Computer Engineering & Science, 2022, 44(05): 862-869.
[13]	LU Kai-liang. Advances in deep learning methods for pavement crack detection and identification with visual images [J]. Computer Engineering & Science, 2022, 44(04): 674-685.
[14]	FENG Qi-yao, ZHANG Jing-lei, . An object tracking algorithm based on mixed attention mechanism [J]. Computer Engineering & Science, 2022, 44(02): 276-282.
[15]	QIU Zeng-hui, HE Ming-jie, LIN Zheng-kui. A named entity recognition method for online shopping comments based on deep learning [J]. Computer Engineering & Science, 2020, 42(12): 2287-2294.

Research on a step-by-step adversarial defense method for image recognition

PDF

Knowledge

Abstract

Cite this article

share this article

Related Articles 15

Recommended Articles

Metrics

Comments