Physical adversarial attack in artificial intelligence of things

IF 1.5 4区 计算机科学 Q3 ENGINEERING, ELECTRICAL & ELECTRONIC IET Communications Pub Date : 2023-12-22 DOI:10.1049/cmu2.12714
Xin Ma, Kai Yang, Chuanzhen Zhang, Hualing Li, Xin Zheng
{"title":"Physical adversarial attack in artificial intelligence of things","authors":"Xin Ma,&nbsp;Kai Yang,&nbsp;Chuanzhen Zhang,&nbsp;Hualing Li,&nbsp;Xin Zheng","doi":"10.1049/cmu2.12714","DOIUrl":null,"url":null,"abstract":"<p>With the continuous development of wireless communication and artificial intelligence technology, Internet of Things (IoT) technology has made great progress. Deep learning methods are currently used in IoT technology, but deep neural networks (DNNs) are notoriously susceptible to adversarial examples, and subtle pixel changes to images can result in incorrect recognition results from DNNs. In the real-world application, the patches generated by the recent physical attack methods are larger or less realistic and easily detectable. To address this problem, a Generative Adversarial Network based on Visual attention model and Style transfer network (GAN-VS) is proposed, which reduces the patch area and makes the patch more natural and less noticeable. A visual attention model combined with generative adversarial network is introduced to detect the critical regions of image recognition, and only generate patches within the critical regions to reduce patch area and improve attack efficiency. For any type of seed patch, an adversarial patch can be generated with a high degree of stylistic and content similarity to the attacked image by generative adversarial network and style transfer network. Experimental evaluation shows that the proposed GAN-VS has good camouflage and outperforms state-of-the-art adversarial patch attack methods.</p>","PeriodicalId":55001,"journal":{"name":"IET Communications","volume":"18 6","pages":"375-385"},"PeriodicalIF":1.5000,"publicationDate":"2023-12-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cmu2.12714","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Communications","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/cmu2.12714","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}
引用次数: 0

Abstract

With the continuous development of wireless communication and artificial intelligence technology, Internet of Things (IoT) technology has made great progress. Deep learning methods are currently used in IoT technology, but deep neural networks (DNNs) are notoriously susceptible to adversarial examples, and subtle pixel changes to images can result in incorrect recognition results from DNNs. In the real-world application, the patches generated by the recent physical attack methods are larger or less realistic and easily detectable. To address this problem, a Generative Adversarial Network based on Visual attention model and Style transfer network (GAN-VS) is proposed, which reduces the patch area and makes the patch more natural and less noticeable. A visual attention model combined with generative adversarial network is introduced to detect the critical regions of image recognition, and only generate patches within the critical regions to reduce patch area and improve attack efficiency. For any type of seed patch, an adversarial patch can be generated with a high degree of stylistic and content similarity to the attacked image by generative adversarial network and style transfer network. Experimental evaluation shows that the proposed GAN-VS has good camouflage and outperforms state-of-the-art adversarial patch attack methods.

Abstract Image

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
人工智能中的物理对抗攻击
随着无线通信和人工智能技术的不断发展,物联网(IoT)技术取得了长足的进步。目前,深度学习方法被应用于物联网技术中,但深度神经网络(DNN)很容易受到对抗性实例的影响,图像细微的像素变化会导致 DNN 的识别结果不正确。在实际应用中,最近的物理攻击方法生成的补丁较大或不太真实,容易被检测到。为解决这一问题,我们提出了一种基于视觉注意力模型和风格转移网络(GAN-VS)的生成对抗网络(Generative Adversarial Network),它可以减少补丁面积,使补丁更自然、更不容易被察觉。它引入了视觉注意力模型和生成式对抗网络,以检测图像识别的关键区域,并只在关键区域内生成补丁,从而减少补丁面积,提高攻击效率。对于任何类型的种子补丁,生成式对抗网络和风格转移网络都能生成与被攻击图像在风格和内容上高度相似的对抗补丁。实验评估表明,所提出的 GAN-VS 具有良好的伪装性,优于最先进的对抗补丁攻击方法。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
IET Communications
IET Communications 工程技术-工程:电子与电气
CiteScore
4.30
自引率
6.20%
发文量
220
审稿时长
5.9 months
期刊介绍: IET Communications covers the fundamental and generic research for a better understanding of communication technologies to harness the signals for better performing communication systems using various wired and/or wireless media. This Journal is particularly interested in research papers reporting novel solutions to the dominating problems of noise, interference, timing and errors for reduction systems deficiencies such as wasting scarce resources such as spectra, energy and bandwidth. Topics include, but are not limited to: Coding and Communication Theory; Modulation and Signal Design; Wired, Wireless and Optical Communication; Communication System Special Issues. Current Call for Papers: Cognitive and AI-enabled Wireless and Mobile - https://digital-library.theiet.org/files/IET_COM_CFP_CAWM.pdf UAV-Enabled Mobile Edge Computing - https://digital-library.theiet.org/files/IET_COM_CFP_UAV.pdf
期刊最新文献
A deep learning-based approach for pseudo-satellite positioning Analysis of interference effect in VL-NOMA network considering signal power parameters performance An innovative model for an enhanced dual intrusion detection system using LZ-JC-DBSCAN, EPRC-RPOA and EG-GELU-GRU A high-precision timing and frequency synchronization algorithm for multi-h CPM signals Dual-user joint sensing and communications with time-divisioned bi-static radar
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1