Computer Applications and Software, 2024, Vol. 41, Issue (12): 146-153, 8. DOI: 10.3969/j.issn.1000-386x.2024.12.021
ADVERSARIAL SAMPLES DETECTING METHOD USING HEATMAP OF NEURAL NETWORKS
Abstract
To address the threat that adversarial attacks pose to deep neural networks (DNN), this paper proposes an adversarial sample detection method based on heatmaps. The heatmap is introduced to represent the neural activity of a DNN when processing an input sample, and each original sample is transformed into an activity heuristic heatmap. Heatmaps are generated for benign samples and adversarial samples respectively, and a binary classifier is trained to identify adversarial samples. The experimental results show that the detection accuracy of the proposed method is as high as 99.4% and 93.9% respectively when facing the advanced adversarial attack methods on the MNIST and CIFAR-10 datasets.
Key words
Deep neural network/Heatmap/Adversarial sample/Adversarial samples detection/Machine learning security
Classification
Information technology and security science
Cite this article
王德成, 闫龙川, 郭永和, 赵子岩, 朱京, 陈晓惠, 崔磊, 李勇男. Adversarial samples detecting method using heatmap of neural networks [J]. Computer Applications and Software, 2024, 41(12): 146-153, 8.
Funding
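National Natural Science Foundation of China (61972392)
Open Project of the Public Security Behavioral Science Laboratory, People's Public Security University of China (2020SYS07)
Fundamental Research Funds for the Central Universities (2021JKF106)
Youth Innovation Promotion Association of the Chinese Academy of Sciences (2020164).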