
Adversarial Attacks and Defenses for Deep Learning Models (针对深度学习模型的对抗性攻击与防御)

李明慧 (Li Minghui), 江沛佩 (Jiang Peipei), 王骞 (Wang Qian), 沈超 (Shen Chao), 李琦 (Li Qi)

Li Minghui, Jiang Peipei, Wang Qian, Shen Chao, Li Qi. Adversarial Attacks and Defenses for Deep Learning Models[J]. Journal of Computer Research and Development, 2021, 58(5): 909-926. DOI: 10.7544/issn1000-1239.2021.20200920

  • Chinese Library Classification (中图分类号): TP391
Funds: This work was supported by the National Key Research and Development Program of China (2020AAA0107700), the National Natural Science Foundation of China for Excellent Young Scientists (61822207), and the Key Program of the National Natural Science Foundation of China (U20B2049).
  • Abstract: Deep learning is one of the main representatives of artificial intelligence technology and is quietly changing how people live and work. However, deploying deep learning models also introduces security risks. Studying the basic theories and key technologies of attacks and defenses for deep learning models is of great significance for a deep understanding of the inherent vulnerability of the models, comprehensive protection of intelligent systems, and widespread deployment of artificial intelligence applications. This paper discusses the development and future challenges of adversarial attacks and defenses for deep learning models from the perspective of confrontation. We first introduce the security threats faced at different stages of the deep learning life cycle. We then systematically summarize existing work from four perspectives: the mechanism by which adversarial examples arise, methods of adversarial attack generation, the design of defensive strategies against those attacks, and the construction of attack and defense frameworks. We also discuss the limitations of existing research and propose a basic attack-and-defense framework for deep learning models. Finally, we discuss potential future research directions and technical challenges for adversarial attacks and defenses against deep learning models.
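The abstract names adversarial attack generation and defensive strategy design without showing either mechanism. The following is an added worked example, not code from the paper or its authors. It applies the fast gradient sign method (FGSM, a standard gradient-based attack that the paper does not single out) to a toy linear classifier whose weights W, bias B and input X are constructed here for illustration only, and on the defense side computes the exact L-infinity budget below which that toy model's decision is certifiably stable: a perturbation d with ||d||_inf <= eps changes the score z = w.x + b by at most eps * ||w||_1, so the label cannot flip while |z| > eps * ||w||_1.

```python
import math

# Toy linear classifier, constructed for this example (not from the paper):
# score z = w.x + b, predicted class 1 if z > 0 else 0.
W = [1.5, -2.0, 0.5, 1.0]
B = -0.4
# Constructed input, all coordinates inside the valid range [0, 1].
X = [0.6, 0.2, 0.5, 0.3]
X_LABEL = 1


def score(w, b, x):
    return sum(wi * xi for wi, xi in zip(w, x)) + b


def predict(w, b, x):
    return 1 if score(w, b, x) > 0 else 0


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def input_gradient(w, b, x, y):
    """Gradient of the logistic loss -log p(y|x) with respect to the input x.
    For z = w.x + b the derivative is (sigmoid(z) - y) * w."""
    p = sigmoid(score(w, b, x))
    return [(p - y) * wi for wi in w]


def sign(v):
    return 1.0 if v > 0 else (-1.0 if v < 0 else 0.0)


def fgsm(w, b, x, y, eps, lo=0.0, hi=1.0):
    """Fast gradient sign method: move every coordinate by eps in the direction
    that increases the loss, then clip back into the valid input range [lo, hi].
    Clipping can shrink the effective perturbation when x sits at the boundary."""
    g = input_gradient(w, b, x, y)
    return [min(hi, max(lo, xi + eps * sign(gi))) for xi, gi in zip(x, g)]


def l_inf_distance(x, x_adv):
    return max(abs(a - c) for a, c in zip(x, x_adv))


def flip_threshold(w, b, x):
    """Smallest L-inf budget that can change a linear model's decision on x.
    The score moves by at most eps * ||w||_1 under ||d||_inf <= eps, and FGSM
    attains that bound exactly for a linear model, so the threshold is tight."""
    return abs(score(w, b, x)) / sum(abs(wi) for wi in w)


def certified_robust(w, b, x, eps):
    """Defense-side check: True when no L-inf perturbation of size <= eps can
    flip the decision of the linear model on x."""
    return flip_threshold(w, b, x) > eps


if __name__ == "__main__":
    for eps in (0.10, 0.15):
        x_adv = fgsm(W, B, X, X_LABEL, eps)
        print(f"eps={eps}: clean={predict(W, B, X)} adv={predict(W, B, x_adv)} "
              f"dist={l_inf_distance(X, x_adv):.3f} certified={certified_robust(W, B, X, eps)}")
```

For the constructed model the threshold is |0.65| / 5.0 = 0.13, so a budget of 0.10 is certified safe while 0.15 flips the prediction. The tightness of `flip_threshold` is specific to linear models; for a deep network FGSM is a single linearization step that is neither optimal nor a certificate, which is why the defense literature the paper surveys separates empirical defenses from certified ones.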
  • Cited by journal articles (1)

    1. 马莎, 杨钿, 杜皎皎, 凌云浩. 可撤销云安全多用户密文检索设计与实验分析 (Design and experimental analysis of revocable secure multi-user ciphertext retrieval in the cloud). 实验室研究与探索 (Research and Exploration in Laboratory), 2024(02): 18-22.

    Other citation types (0)

Metrics
  • Article views: 2302
  • HTML full-text views: 28
  • PDF downloads: 1759
  • Citations: 1
Publication history
  • Published online: 2021-04-30
