
Model Robustness Optimization Method Using GAN and Feature Pyramid

Authors :
SUN Jiaze+, TANG Yanmei, WANG Shuyan
Source :
Jisuanji kexue yu tansuo, Vol 17, Iss 5, Pp 1139-1146 (2023)
Publication Year :
2023
Publisher :
Journal of Computer Engineering and Applications Beijing Co., Ltd., Science Press, 2023.

Abstract

In adversarial artificial intelligence environments, deep neural networks are clearly vulnerable to adversarial samples. To improve model robustness in such environments, AdvRob, a robustness optimization method for deep neural network models, is proposed. First, the target model is transformed into a feature pyramid structure; then the prior knowledge of latent features is used to generate more aggressive adversarial samples for adversarial training. Experiments on the MNIST and CIFAR-10 datasets show that the adversarial samples generated using latent features have a higher attack success rate, more diversity and stronger transferability than those of the AdvGAN method. Under high perturbations, on the MNIST dataset, compared with the original model, the defensive ability of the AdvRob method against FGSM and JSMA attacks is improved by at least 4 times, and the defensive ability against PGD, BIM, and C&W attacks is improved by at least 10 times. Compared with the original model, the defensive ability against FGSM, PGD, C&W, BIM and JSMA attacks is improved by at least 5 times, and the defensive effect is obvious on the CIFAR-10 dataset. On the SVHN dataset, compared with FGSM adversarial training, PGD adversarial training, defensive distillation, and model robustness optimization methods that add external modules, the AdvRob method has the most significant defensive effect against white-box attacks. It provides an efficient and robust optimization method for DNN models in adversarial environments.

Details

Language :
Chinese
ISSN :
16739418
Volume :
17
Issue :
5
Database :
Directory of Open Access Journals
Journal :
Jisuanji kexue yu tansuo
Publication Type :
Academic Journal
Accession number :
edsdoj.6bca210e0e6442df9e8fdf2f4f9c0103
Document Type :
article
Full Text :
https://doi.org/10.3778/j.issn.1673-9418.2106063