Chinese Journal of Network and Information Security, 2020, Vol. 6, Issue (2): 1-11. doi: 10.11959/j.issn.2096-109x.2020016

• Review •

Research on structure and defense of adversarial example in deep learning

Guanghan DUAN¹, Chunguang MA², Lei SONG¹, Peng WU²

  1. College of Computer Science and Technology, Harbin Engineering University, Harbin 150001, China
  2. College of Computer Science and Engineering, Shandong University of Science and Technology, Qingdao 266590, China
  • Revised: 2019-08-20 Online: 2020-04-15 Published: 2020-04-23
  • About the authors: Guanghan DUAN (1994– ), male, born in Hailun, Heilongjiang, is a Ph.D. candidate at Harbin Engineering University; his main research interests are deep learning, adversarial examples and machine learning | Chunguang MA (1974– ), male, born in Shuangcheng, Heilongjiang, is a professor and doctoral supervisor at Shandong University of Science and Technology; his main research interests are cryptography, data security and privacy, artificial intelligence security and privacy, and blockchain technology and applications | Lei SONG (1989– ), female, born in Mudanjiang, Heilongjiang, is a Ph.D. candidate at Harbin Engineering University; her main research interests are machine learning security and privacy protection, cloud computing and network security | Peng WU (1974– ), female, born in Qiqihar, Heilongjiang, is a lecturer at Shandong University of Science and Technology; her main research interests are network security and privacy protection
  • Supported by:
    The National Natural Science Foundation of China (61472097); The National Natural Science Foundation of China (61932005); The National Natural Science Foundation of China (U1936112); The Natural Science Foundation of Heilongjiang Province (JJ2019LH1770)

Abstract:

With the further promotion of deep learning technology in the fields of computer vision, network security and natural language processing, deep learning has gradually exposed certain security risks. Existing deep learning algorithms cannot effectively describe the essential characteristics of data or its inherent causal relationships. When an algorithm faces malicious input, it often fails to give correct judgment results. Starting from the security threats that deep learning currently faces, the adversarial example problem and its characteristics in deep learning applications were introduced, hypotheses on the existence of adversarial examples were summarized, classic adversarial example construction methods were reviewed and classified, recent applications of adversarial examples in different scenarios were summarized, several defense techniques at different stages were compared, and finally the open problems in adversarial example research were summarized and its development trend was forecast.

Key words: adversarial example, deep learning, security threat, defense technology
