{"title":"基于深度学习的对抗防御神经网络模型","authors":"Zhiying Wang, Yong Wang","doi":"10.1117/12.3000789","DOIUrl":null,"url":null,"abstract":"Deep learning has achieved great success in many fields, such as image classification and target detection. Adding small disturbance which is hard to be detected by the human eyes to original images can make the neural network output error results with high confidence. An image after adding small disturbance is an adversarial example. The existence of adversarial examples brings a huge security problem to deep learning. In order to effectively defend against adversarial examples attacks, an adversarial example defense method based on image reconstruction is proposed by analyzing the existing adversarial examples attack methods and defense methods. Our data set is based on ImageNet 1k data set, and some filtering and expansion are carried out. Four attack modes, FGSM, BIM, DeepFool and C&W are selected to test the defense method. Based on the EDSR network, multi-scale feature fusion module and subspace attention module are added. By capturing the global correlation information of the image, the disturbance can be removed, while the image texture details can be better preserved, and the defense performance can be improved. The experimental results show that the proposed method has good defense effect.","PeriodicalId":210802,"journal":{"name":"International Conference on Image Processing and Intelligent Control","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2023-08-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A neural network model for adversarial defense based on deep learning\",\"authors\":\"Zhiying Wang, Yong Wang\",\"doi\":\"10.1117/12.3000789\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Deep learning has achieved great success in many fields, such as image classification and target detection. Adding small disturbance which is hard to be detected by the human eyes to original images can make the neural network output error results with high confidence. An image after adding small disturbance is an adversarial example. The existence of adversarial examples brings a huge security problem to deep learning. In order to effectively defend against adversarial examples attacks, an adversarial example defense method based on image reconstruction is proposed by analyzing the existing adversarial examples attack methods and defense methods. Our data set is based on ImageNet 1k data set, and some filtering and expansion are carried out. Four attack modes, FGSM, BIM, DeepFool and C&W are selected to test the defense method. Based on the EDSR network, multi-scale feature fusion module and subspace attention module are added. By capturing the global correlation information of the image, the disturbance can be removed, while the image texture details can be better preserved, and the defense performance can be improved. The experimental results show that the proposed method has good defense effect.\",\"PeriodicalId\":210802,\"journal\":{\"name\":\"International Conference on Image Processing and Intelligent Control\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-08-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Conference on Image Processing and Intelligent Control\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1117/12.3000789\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Image Processing and Intelligent Control","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1117/12.3000789","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A neural network model for adversarial defense based on deep learning
Deep learning has achieved great success in many fields, such as image classification and target detection. Adding small disturbance which is hard to be detected by the human eyes to original images can make the neural network output error results with high confidence. An image after adding small disturbance is an adversarial example. The existence of adversarial examples brings a huge security problem to deep learning. In order to effectively defend against adversarial examples attacks, an adversarial example defense method based on image reconstruction is proposed by analyzing the existing adversarial examples attack methods and defense methods. Our data set is based on ImageNet 1k data set, and some filtering and expansion are carried out. Four attack modes, FGSM, BIM, DeepFool and C&W are selected to test the defense method. Based on the EDSR network, multi-scale feature fusion module and subspace attention module are added. By capturing the global correlation information of the image, the disturbance can be removed, while the image texture details can be better preserved, and the defense performance can be improved. The experimental results show that the proposed method has good defense effect.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
