|国家科技期刊平台
| 注册
首页|期刊导航|计算机与数字工程|基于梯度惩罚WGAN的人脸对抗样本生成方法

基于梯度惩罚WGAN的人脸对抗样本生成方法

梁杰 彭长根 谭伟杰 何兴

计算机与数字工程2023,Vol.51Issue(11):2659-2665,7.
计算机与数字工程2023,Vol.51Issue(11):2659-2665,7.DOI:10.3969/j.issn.1672-9722.2023.11.034

基于梯度惩罚WGAN的人脸对抗样本生成方法

Adversarial Face Synthesis Method Based on Gradient Penalty Wasserstein Generative Adversarial Network

梁杰 1彭长根 2谭伟杰 3何兴1

作者信息

  • 1. 贵州大学计算机科学与技术学院 贵阳 550025||贵州大学公共大数据国家重点实验室 贵阳 550025
  • 2. 贵州大学计算机科学与技术学院 贵阳 550025||贵州大学公共大数据国家重点实验室 贵阳 550025||贵州大学大数据产业发展应用研究院 贵阳 550025
  • 3. 贵州大学大数据产业发展应用研究院 贵阳 550025
  • 折叠

摘要

Abstract

Face recognition system is facing various security threats and challenges,among which adversarial face synthesis attack has a certain impact on the security and robustness of deep neural network in face recognition system.In this paper,aiming at the problems of low generation efficiency and poor adversarial face synthesis quality in traditional adversarial face synthesis attack methods,adversarial face synthesis method based on gradient penalty Wasserstein generative adversarial network(WGAN-GP)is proposed.Firstly,gradient penalty term is used to make the parameter distribution of the neural network more uniform to ensure the stability of generative adversarial network training.Secondly,in the process of face adversation sample generation,Asian face adver-sation sample with high visual quality is generated by training the facenent attack model suitable for Asian face and local perturba-tion of face.Finally,a black box attack on Baidu's facial comparison API is implemented through simulation.Under the average SSIM,MSE and time indexes,compared with the existing similar adversarial sample methods,the proposed method has improved the quality and efficiency of face adversarial sample generation.Compared with the traditional adversarial sample method,the quali-ty SSIM has improved 2.26 times,and the MSE has reduced 1 times.There is a 99%improvement in generation efficiency.

关键词

深度学习/人脸识别/对抗样本/生成对抗网络/黑盒攻击

Key words

deep learning/face recognition/adversarial sample/adversarial network generation/black box attack

分类

信息技术与安全科学

引用本文复制引用

梁杰,彭长根,谭伟杰,何兴..基于梯度惩罚WGAN的人脸对抗样本生成方法[J].计算机与数字工程,2023,51(11):2659-2665,7.

基金项目

国家自然科学基金项目"数据共享应用的块数据融合分析理论与安全管控模型研究"(编号:U1836205) (编号:U1836205)

贵州大学引进人才科研项目"基于物理指纹的6G物联网内生安全关键技术研究"(编号:贵大人基合字[2020]61号) (编号:贵大人基合字[2020]61号)

贵州大学培育项目"基于区块链的 5G内生安全关键技术研究"(编号:贵大培育[2019]56 号)资助. (编号:贵大培育[2019]56 号)

计算机与数字工程

OACSTPCD

1672-9722

访问量3
|
下载量0
段落导航相关论文