• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Pattern recognition letters >Generating adversarial examples with elastic-net regularized boundary equilibrium generative adversarial network
【24h】

Generating adversarial examples with elastic-net regularized boundary equilibrium generative adversarial network

机译:用弹性净正规边界平衡生成的对抗生成对抗性对抗的对抗性实例

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

To improve the attack success rate and image perceptual quality of adversarial examples against deep neural networks(DNNs), we propose a new Generative Adversarial Network (GAN) based attacker, named Elastic-net Regularized Boundary Equilibrium Generative Adversarial Network(ERBEGAN). Recent studies have shown that DNNs are easy to attack by adversarial examples(AEs) where benign images with small-magnitude perturbations mislead DNNs to incorrect results. A number of methods are proposed to generate AEs, but how to generate them with high attack success rate and perceptual quality needs more effort. Most attackers generate AEs by restricting L-2-norm and L-infinity-norm of adversarial perturbations. However, very few works have been developed on L-1 distortion matrix which encourages sparsity in the perturbation. In this paper, we penalize both L-2-norm and L-1-norm of perturbation as Elastic-Net regularization to improve the diversity and robustness of AEs. We further improve GAN by minimizing the additional pixel-wise loss derived from the Wasserstein distance between benign and adversarial auto-encoder loss distributions. Extensive experiments and visualizations on several datasets show that the proposed ER-BEGAN can yield higher attack success rates than the state-of-the-art GAN-based attacker AdvGAN under the semi-whitebox and black-box attack settings. Besides, our method efficiently generates diverse adversarial examples that are more perceptually realistic. (c) 2020 Elsevier B.V. All rights reserved.
机译:为了改善深度神经网络(DNN)对抗成功率和对抗普通例子的图像感知质量,我们提出了一种新的生成对抗网络(GAN)攻击者,名为Elastic-Net Rencalized边界平衡生成的对抗网络(Erbegan)。最近的研究表明,DNNS易于攻击的对手示例(AES),其中具有小幅度扰动的良性图像误导DNN以不正确的结果。提出了许多方法来生成AES,但如何以高攻击成功率和感知质量产生更多的努力。大多数攻击者通过限制对抗性扰动的L-2-NOM和L-Infinity-Num,产生AES。然而,在L-1失真矩阵上已经开发了很少的作品,这鼓励扰动中的稀疏性。在本文中,我们惩罚L-2-NOM和L-1-1 - 规范作为弹性净正则化,以改善AES的多样性和鲁棒性。我们通过最大限度地减少良性和对冲自动编码器损耗分布的额外像素明智的损失来进一步改善GaN。在多个数据集上的广泛实验和可视化表明,所提出的ER-Boggan可以在半白箱和黑匣子攻击设置下产生比最先进的GaN的攻击者Advang攻击更高的攻击成功率。此外,我们的方法有效地产生了更感知的不同的对抗例。 (c)2020 Elsevier B.v.保留所有权利。

著录项

  • 来源
    《Pattern recognition letters》 |2020年第12期|281-287|共7页
  • 作者

    Hu Cong; Wu Xiao-Jun; Li Zuo-Yong;

  • 作者单位

    Jiangnan Univ Sch Artificial Intelligence & Comp Sci Wuxi 214122 Jiangsu Peoples R China|Jiangnan Univ Jiangsu Prov Engn Lab Pattern Recognit & Computat Wuxi 214122 Jiangsu Peoples R China|Minjiang Univ Fujian Prov Key Lab Informat Proc & Intelligent C Fuzhou 350121 Peoples R China;

    Jiangnan Univ Sch Artificial Intelligence & Comp Sci Wuxi 214122 Jiangsu Peoples R China|Jiangnan Univ Jiangsu Prov Engn Lab Pattern Recognit & Computat Wuxi 214122 Jiangsu Peoples R China;

    Minjiang Univ Fujian Prov Key Lab Informat Proc & Intelligent C Fuzhou 350121 Peoples R China;

  • 收录信息 美国《科学引文索引》(SCI);美国《工程索引》(EI);
  • 原文格式 PDF
  • 正文语种 eng
  • 中图分类
  • 关键词

    Adversarial example; Elastic-net regularization; Generative adversarial network; Semi-whitebox attack; Blackbox attack;

    机译:对抗例子;弹性净正规化;生成的对抗网络;半白点攻击;黑箱攻击;

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号