计算机工程与科学2024,Vol.46Issue(8):1395-1402,8.DOI:10.3969/j.issn.1007-130X.2024.08.008
S-JSMA:一种低扰动冗余的快速JSMA对抗样本生成方法
S-JSMA:A fast JSMA adversarial example generation method with low disturbance redundancy
摘要
Abstract
Techniques based on deep learning neural network models are widely used in computer vi-sion,natural language processing,and other fields.However,researchers have found that neural net-work models have significant security risks,such as vulnerability to adversarial sample attacks.Study-ing the techniques related to adversarial samples for image classification can help people recognize the vulnerability of neural network models,which in turn can promote the research of security hardening mechanisms for related models.To overcome the challenges of high time overhead and perturbation re-dundancy of the JSMA method,a fast JSMA adversarial example generation method with low distur-bance redundancy called S-JSMA is proposed.The S-JSMA method replaces the iterative operation with a single-step one to simplify the work flow of the JSMA algorithm.Moreover,the proposed method a-dopts a simple perturbation rule rather than the salient graph based perturbation used in JSMA.Conse-quently,S-JSMA significantly reduces the time overhead and the disturbance redundancy of generating adversarial examples.The experimental results on the MN1ST dataset demonstrate that,compared with the JSMA and the FGSM methods,the proposed S-JSMA achieves considerable attacking effects with a significantly shorter time period.关键词
深度学习/神经网络/图像分类/对抗样本Key words
deep learning/neural network/image classification/adversarial example分类
信息技术与安全科学引用本文复制引用
刘强,李沐春,伍晓洁,王煜恒..S-JSMA:一种低扰动冗余的快速JSMA对抗样本生成方法[J].计算机工程与科学,2024,46(8):1395-1402,8.基金项目
湖南省自然科学基金(2021JJ30779) (2021JJ30779)
