基于抽样向量扰动的对抗样本生成方法

深度学习算法在很多领域取得了卓越的成就,但同时也容易受到对抗样本的攻击.使用对抗样本训练模型是抵御模型被攻击的有效手段,但这需要大量对抗样本的支持.为了提升对抗样本的生成效率,本文提出了一种基于抽样向量扰动的对抗样本生成方法(SPVT).实验结果表明,该方法可以在短时间内生成大量有效对抗样本,并且能够自适应计算出FGS...

Adversarial Example Generator Method Based on Sampling Perturbation Vector Transform

The deep learning algorithm has achieved remarkable achievements in many fields,but it is also vulnerable to adversari?al examples.Adversarial training is an effective means to improve the robustness of deep learning models,but it needs a large num?ber of adversarial examples.In order to improve the efficiency of generating adversarial examples,this paper proposes SPVT meth?od that based on sample vector perturbation.Firstly,sampling from the test dataset and use an optimized based generation algo?rithm to calculate the perturbation vectors;Secondly,transform the perturbation vectors into the disturbance amplitude;Finally,us?ing a gradient-based generation algorithm to generate a large number of adversarial examples.The experimental results show that SPVT can generate a large number of effective adversarial examples in a short time,and it can adapt the disturbance amplitude of FGSM,which has 0.77%higher success rate than that of FGSM with artificial parameters.When generating the same number of counter samples,SPVT method can save 1/6 of times compared with Deepfool,which solves the problem of low efficiency of adver?sarial examples generation problems.