{"title":"An adaptive black box attack algorithm based on improved differential evolution","authors":"Ran Zhang, Yifan Wang, Yifeng Yin","doi":"10.1109/ISPDS56360.2022.9874005","DOIUrl":null,"url":null,"abstract":"As an important part of artificial intelligence technology, deep learning is widely used in various fields of contemporary society. The security of deep learning directly affects the effectiveness of its application in different fields. Effective attack algorithms can evaluate the security of deep learning models, and black box attacks are one of the important methods for testing the security of deep learning algorithms. An adaptive black box attack algorithm based on improved differential evolution is proposed to solve the problems of many queries, difficult selection of attack points that may cause higher attack costs in applications. The algorithm sets the variation factor as a linear decreasing function, uses the fitness function to adaptively control the change of the cross probability factor to improve the global search ability and accelerate the convergence rate, proposes a new variation strategy to enhance the ability of global search and local exploitation and the accuracy of searching attack points, and optimizes the loss function and the calculation method of gradient for defining decisions in deep learning models to improve the effectiveness and efficiency of black box attacks. The results of the comparison experiments show that the attack success rate is effectively improved and the average time and the average number of queries are reduced with the same attack success rate.","PeriodicalId":280244,"journal":{"name":"2022 3rd International Conference on Information Science, Parallel and Distributed Systems (ISPDS)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 3rd International Conference on Information Science, Parallel and Distributed Systems (ISPDS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISPDS56360.2022.9874005","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
As an important part of artificial intelligence technology, deep learning is widely used in various fields of contemporary society. The security of deep learning directly affects the effectiveness of its application in different fields. Effective attack algorithms can evaluate the security of deep learning models, and black box attacks are one of the important methods for testing the security of deep learning algorithms. An adaptive black box attack algorithm based on improved differential evolution is proposed to solve the problems of many queries, difficult selection of attack points that may cause higher attack costs in applications. The algorithm sets the variation factor as a linear decreasing function, uses the fitness function to adaptively control the change of the cross probability factor to improve the global search ability and accelerate the convergence rate, proposes a new variation strategy to enhance the ability of global search and local exploitation and the accuracy of searching attack points, and optimizes the loss function and the calculation method of gradient for defining decisions in deep learning models to improve the effectiveness and efficiency of black box attacks. The results of the comparison experiments show that the attack success rate is effectively improved and the average time and the average number of queries are reduced with the same attack success rate.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
