Adversarial attacks and defenses in deep learning

LIU Ximeng; XIE Lehui, WANG Yaopeng; LI Xuru

doi:10.11959/j.issn.2096-109x.2020071

网络与信息安全学报 (Oct 2020)

Adversarial attacks and defenses in deep learning

LIU Ximeng,
XIE Lehui, WANG Yaopeng,
LI Xuru

Affiliations

LIU Ximeng: College of Mathematics and Computer Science, Fuzhou University, Fuzhou 350108, China ; Guangdong Provincial Key Laboratory of Data Security and Privacy Protection, Guangzhou 510632, China
XIE Lehui, WANG Yaopeng: College of Mathematics and Computer Science, Fuzhou University, Fuzhou 350108, China
LI Xuru: School of Computer Science and Technology, East China Normal University, Shanghai 200241, China

DOI: https://doi.org/10.11959/j.issn.2096-109x.2020071
Journal volume & issue: Vol. 6, no. 5
pp. 36 – 53

Abstract

Read online

The adversarial example is a modified image that is added imperceptible perturbations, which can make deep neural networks decide wrongly. The adversarial examples seriously threaten the availability of the system and bring great security risks to the system. Therefore, the representative adversarial attack methods were analyzed, including white-box attacks and black-box attacks. According to the development status of adversarial attacks and defenses, the relevant domestic and foreign defense strategies in recent years were described, including pre-processing, improving model robustness, malicious detection. Finally, future research directions in the field of adversarial attacks and adversarial defenses were given.

Published in 网络与信息安全学报

ISSN: 2096-109X (Print)
Publisher: POSTS&TELECOM PRESS Co., LTD
Country of publisher: China
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science
Website: http://www.infocomm-journal.com/cjnis/CN/2096-109X/home.shtml

About the journal

Abstract

Keywords