Research on Adversarial Sample Detection Method Based on Image Similarity

網際網路技術學刊 Pub Date : 2024-01-01 DOI:10.53106/160792642024012501012

Xiaoxue Wu Xiaoxue Wu, Shuqi Zuo Xiaoxue Wu, Shiyu Weng Shuqi Zuo, Yongkang Jiang Shiyu Weng, Hao Huang Yongkang Jiang

{"title":"Research on Adversarial Sample Detection Method Based on Image Similarity","authors":"Xiaoxue Wu Xiaoxue Wu, Shuqi Zuo Xiaoxue Wu, Shiyu Weng Shuqi Zuo, Yongkang Jiang Shiyu Weng, Hao Huang Yongkang Jiang","doi":"10.53106/160792642024012501012","DOIUrl":null,"url":null,"abstract":"\n With the widespread application of deep neural networks in image detection, adversarial sample attacks have gradually become a hot issue of concern for researchers. In this paper we propose a new adversarial sample detection approach called AdvDetector, which combines image generation through label fusion with image similarity detection. AdvDetector enhances sample quality and effectively identifies adversarial samples. Specifically, the method generates images by selecting seed pixels, the labels of deep neural network classification, and the pixel distribution learned from training data, and detects them using image similarity comparison methods. During the sample generation process, we introduce the AdvDetector method for adversarial sample detection to improve the quality of generated samples. We evaluated the effectiveness of the method on three publicly available image datasets, MNIST, Cifar-10, and GTSR, and the results show that the method is superior to existing baseline methods in terms of adversarial sample detection rate and sample generation quality.\n \n","PeriodicalId":442331,"journal":{"name":"網際網路技術學刊","volume":"303 11","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"網際網路技術學刊","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.53106/160792642024012501012","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

With the widespread application of deep neural networks in image detection, adversarial sample attacks have gradually become a hot issue of concern for researchers. In this paper we propose a new adversarial sample detection approach called AdvDetector, which combines image generation through label fusion with image similarity detection. AdvDetector enhances sample quality and effectively identifies adversarial samples. Specifically, the method generates images by selecting seed pixels, the labels of deep neural network classification, and the pixel distribution learned from training data, and detects them using image similarity comparison methods. During the sample generation process, we introduce the AdvDetector method for adversarial sample detection to improve the quality of generated samples. We evaluated the effectiveness of the method on three publicly available image datasets, MNIST, Cifar-10, and GTSR, and the results show that the method is superior to existing baseline methods in terms of adversarial sample detection rate and sample generation quality.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于图像相似性的对抗样本检测方法研究

随着深度神经网络在图像检测领域的广泛应用，对抗样本攻击逐渐成为研究人员关注的热点问题。本文提出了一种名为 AdvDetector 的新型对抗样本检测方法，它将通过标签融合生成图像与图像相似性检测相结合。AdvDetector 可提高样本质量，有效识别对抗样本。具体来说，该方法通过选择种子像素、深度神经网络分类标签和从训练数据中学到的像素分布生成图像，并使用图像相似性比较方法检测它们。在样本生成过程中，我们引入了用于对抗样本检测的 AdvDetector 方法，以提高生成样本的质量。我们在 MNIST、Cifar-10 和 GTSR 这三个公开的图像数据集上评估了该方法的有效性，结果表明该方法在对抗样本检测率和样本生成质量方面都优于现有的基线方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

網際網路技術學刊

自引率

0.00%

发文量