[1] |
LE-CUN Y , BENGIO Y , HINTON G . Deep learning[J]. Nature, 2015,521(7553): 436-444.
|
[2] |
HE K , ZHANG X , REN S ,et al. Deep residual learning for image recognition[C]// Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. 2016: 770-778.
|
[3] |
GUO G , ZHANG N . A survey on deep learning based face recognition[J]. Computer Vision and Image Understanding, 2019,189:102805.
|
[4] |
DENG L , HINTON G , KINGSBURY B . New types of deep neural network learning for speech recognition and related applications:an overview[C]// 2013 IEEE International Conference on Acoustics,Speech and Signal Processing. 2013: 8599-8603.
|
[5] |
YOUNG T , HAZARIKA D , PORIA S ,et al. Recent trends in deep learning based natural language processing[J]. IEEE Computational Intelligence Magazine, 2018,13(3): 55-75.
|
[6] |
GOODFELLOW I J , SHLENS J , SZEGEDY C . Explaining and harnessing adversarial examples[J]. arXiv preprint arXiv:1412.6572, 2014.
|
[7] |
DENG J , DONG W , SOCHER R ,et al. Imagenet:a large-scale hierarchical image database[C]// 2009 IEEE Conference on Computer Vision and Pattern Recognition. 2009: 248-255.
|
[8] |
何英哲, 胡兴波, 何锦雯 ,等. 机器学习系统的隐私和安全问题综述[J]. 计算机研究与发展, 2019,56(10): 2049.
|
|
HE Y Z , HU X B , HE J W ,et al. Overview of the privacy and security issues of machine learning systems[J]. Computer Research and Development, 2019,56(10): 2049.
|
[9] |
ZHENG T , CHEN C , REN K . Distributionally adversarial attack[C]// Proceedings of the AAAI Conference on Artificial Intelligence. 2019: 2253-2260.
|
[10] |
XIAO C , LI B , ZHU J Y ,et al. Generating adversarial examples with adversarial networks[J]. arXiv preprint arXiv:1801.02610, 2018.
|
[11] |
QIU S , LIU Q , ZHOU S ,et al. Review of artificial intelligence adversarial attack and defense technologies[J]. Applied Sciences, 2019,9(5): 909.
|
[12] |
AKHTAR N , MIAN A . Threat of adversarial attacks on deep learning in computer vision:a survey[J]. IEEE Access, 2018,6: 14410-14430.
|
[13] |
KURAKIN A , GOODFELLOW I , BENGIO S ,et al. Adversarial attacks and defences competition[M]// The NIPS'17 Competition:Building Intelligent Systems. 2018: 195-231.
|
[14] |
TRAMèR F , KURAKIN A , PAPERNOT N ,et al. Ensemble adversarial training:attacks and defenses[J]. arXiv preprint arXiv:1705.07204, 2017.
|
[15] |
MADRY A , MAKELOV A , SCHMIDT L ,et al. Towards deep learning models resistant to adversarial attacks[J]. arXiv preprint arXiv:1706.06083, 2017.
|
[16] |
LIANG B , LI H , SU M ,et al. Detecting adversarial image examples in deep neural networks with adaptive noise reduction[J]. IEEE Transactions on Dependable and Secure Computing, 2018: 1-10.
|
[17] |
PAPERNOT N , MCDANIEL P , WU X ,et al. Distillation as a defense to adversarial perturbations against deep neural networks[C]// 2016 IEEE Symposium on Security and Privacy (SP). 2016: 582-597.
|
[18] |
JIA X , WEI X , CAO X ,et al. Comdefend:an efficient image compression model to defend adversarial examples[C]// Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition. 2019: 6084-6092.
|
[19] |
SZEGEDY C , ZAREMBA W , SUTSKEVER I ,et al. Intriguing properties of neural networks[J]. arXiv preprint arXiv:1312.6199, 2013.
|
[20] |
张思思, 左信, 刘建伟 . 深度学习中的对抗样本问题[J]. 计算机学报, 2019,42(8): 1886-1904.
|
|
ZHANG S S , ZUO X , LIU J W . The problem of adversarial examples in deep learning[J]. Chinese Journal of Computers, 2019,42(8): 1886-1904.
|
[21] |
段广晗, 马春光, 宋蕾 ,等. 深度学习中对抗样本的构造及防御研究[J]. 网络与信息安全学报, 2020,6(2): 1-11.
|
|
DUAN G H , MA C G , SONG L ,et al. Research on structure and defense of adversarial example in deep learning[J]. Chinese Journal of Network and Information Security, 2020,6(2): 1-11.
|
[22] |
刘西蒙, 谢乐辉, 王耀鹏 ,等. 深度学习中的对抗攻击与防御[J]. 网络与信息安全学报, 2020,6(5): 36-53.
|
|
LIU X M , XIE L H , WANG Y P ,et al. Adversarial attacks and defenses in deep learning[J]. Chinese Journal of Network and Information Security, 2020,6(5): 36-53.
|
[23] |
薛锐 . 公钥加密理论[M]. 北京: 科学出版社, 2016.
|
|
XUE R . Public key encryption theory[M]. Beijing: Science Press, 2016.
|
[24] |
DIFFIE W , HELLMAN M . New directions in cryptography[J]. IEEE Transactions on Information Theory, 1976,22(6): 644-654.
|
[25] |
RIVEST R L , SHAMIR A , ADLEMAN L . A method for obtaining digital signatures and public-key cryptosystems[J]. Communications of the ACM, 1978,21(2): 120-126.
|
[26] |
DONG Y , FU Q A , YANG X ,et al. Benchmarking adversarial robustness on image classification[C]// Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition. 2020: 321-331.
|
[27] |
MADRY A , MAKELOV A , SCHMIDT L ,et al. Towards deep learning models resistant to adversarial attacks[J]. arXiv preprint arXiv:1706.06083, 2017.
|
[28] |
HYUN K , KIM Y , PARK K W ,et al. Friend-safe evasion attack:an adversarial example that is correctly recognized by a friendly classifier[J]. Computers & Security, 2018,78: 380-397.
|
[29] |
SU J , VARGAS D V , SAKURAI K . One pixel attack for fooling deep neural networks[J]. IEEE Transactions on Evolutionary Computation, 2019,23(5): 828-841.
|