Adversarial Attacks and Defenses in Deep Learning |
| |
| Affiliation: | 1. Institute of Cyberspace Research, Zhejiang University, Hangzhou 310027, China;2. College of Computer Science and Technology, Zhejiang University, Hangzhou 310027, China;3. Department of Electrical and Computer Engineering, University of Toronto, Toronto, ON M5S 2E8, Canada;4. School of Computer Science, McGill University, Montreal, QC H3A 0E9, Canada |
| |
| Abstract: | With the rapid developments of artificial intelligence (AI) and deep learning (DL) techniques, it is critical to ensure the security and robustness of the deployed algorithms. Recently, the security vulnerability of DL algorithms to adversarial samples has been widely recognized. The fabricated samples can lead to various misbehaviors of the DL models while being perceived as benign by humans. Successful implementations of adversarial attacks in real physical-world scenarios further demonstrate their practicality. Hence, adversarial attack and defense techniques have attracted increasing attention from both machine learning and security communities and have become a hot research topic in recent years. In this paper, we first introduce the theoretical foundations, algorithms, and applications of adversarial attack techniques. We then describe a few research efforts on the defense techniques, which cover the broad frontier in the field. Several open problems and challenges are subsequently discussed, which we hope will provoke further research efforts in this critical area. |
| |
| Keywords: | Machine learning Deep neural network Adversarial example Adversarial attack Adversarial defense |
| 本文献已被 ScienceDirect 等数据库收录! |
|
