• 中国精品科技期刊
  • CCF推荐A类中文期刊
  • 计算领域高质量科技期刊T1类
Advanced Search
Li Minghui, Jiang Peipei, Wang Qian, Shen Chao, Li Qi. Adversarial Attacks and Defenses for Deep Learning Models[J]. Journal of Computer Research and Development, 2021, 58(5): 909-926. DOI: 10.7544/issn1000-1239.2021.20200920
Citation: Li Minghui, Jiang Peipei, Wang Qian, Shen Chao, Li Qi. Adversarial Attacks and Defenses for Deep Learning Models[J]. Journal of Computer Research and Development, 2021, 58(5): 909-926. DOI: 10.7544/issn1000-1239.2021.20200920
shu

Adversarial Attacks and Defenses for Deep Learning Models

  • 1(Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education (Wuhan University), Wuhan 430072)

  • 2(School of Cyber Science and Engineering, Wuhan University, Wuhan 430072)

  • 3(Key Laboratory for Intelligent Networks and Network Security (Xi’an Jiaotong University), Ministry of Education, Xi’an 710049)

  • 4(Faculty of Electronic and Information Engineering, Xi’an Jiaotong University, Xi’an 710049)

  • 5(Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing 100084)

Funds: This work was supported by the National Key Research and Development Program of China (2020AAA0107700), the National Natural Science Foundation of China for Excellent Young Scientists (61822207), and the Key Program of the National Natural Science Foundation of China (U20B2049).
More Information
  • Published Date: April 30, 2021
    Graphical Abstract
    • Abstract
  • Deep learning is one of the main representatives of artificial intelligence technology, which is quietly enhancing our daily lives. However, the deployment of deep learning models has also brought potential security risks. Studying the basic theories and key technologies of attacks and defenses for deep learning models is of great significance for a deep understanding of the inherent vulnerability of the models, comprehensive protection of intelligent systems, and widespread deployment of artificial intelligence applications. This paper discusses the development and future challenges of the adversarial attacks and defenses for deep learning models from the perspective of confrontation. In this paper, we first introduce the potential threats faced by deep learning at different stages. Afterwards, we systematically summarize the progress of existing attack and defense technologies in artificial intelligence systems from the perspectives of the essential mechanism of adversarial attacks, the methods of adversarial attack generation, defensive strategies against the attacks, and the framework of the attacks and defenses. We also discuss the limitations of related research and propose an attack framework and a defense framework for guidance in building better adversarial attacks and defenses. Finally, we discuss several potential future research directions and challenges for adversarial attacks and defenses against deep learning model.
    • FullText(HTML)
    • References (0)
    • Related Articles

  • Related Articles

    [1]Tai Jianwei, Yang Shuangning, Wang Jiajia, Li Yakai, Liu Qixu, Jia Xiaoqi. Survey of Adversarial Attacks and Defenses for Large Language Models[J]. Journal of Computer Research and Development, 2025, 62(3): 563-588. DOI: 10.7544/issn1000-1239.202440630
    [2]Liu Jialang, Guo Yanming, Lao Mingrui, Yu Tianyuan, Wu Yulun, Feng Yunhao, Wu Jiazhuang. Survey of Backdoor Attack and Defense Algorithms Based on Federated Learning[J]. Journal of Computer Research and Development, 2024, 61(10): 2607-2626. DOI: 10.7544/issn1000-1239.202440487
    [3]Zhao Jingxin, Yue Xinghui, Feng Chongpeng, Zhang Jing, Li Yin, Wang Na, Ren Jiadong, Zhang Haoxing, Wu Gaofei, Zhu Xiaoyan, Zhang Yuqing. Survey of Data Privacy Security Based on General Data Protection Regulation[J]. Journal of Computer Research and Development, 2022, 59(10): 2130-2163. DOI: 10.7544/issn1000-1239.20220800
    [4]Li Qian, Lin Chenhao, Yang Yulong, Shen Chao, Fang Liming. Adversarial Attacks and Defenses Against Deep Learning Under the Cloud-Edge-Terminal Scenes[J]. Journal of Computer Research and Development, 2022, 59(10): 2109-2129. DOI: 10.7544/issn1000-1239.20220665
    [5]Chen Yan, Gao Zhenguo, Wang Haijun, Ouyang Yun, Gou Jin. Node Localization Protocol with Adjustable Privacy Protection Capability[J]. Journal of Computer Research and Development, 2022, 59(9): 2075-2088. DOI: 10.7544/issn1000-1239.20210009
    [6]Fu Yao, Li Qingdan, Zhang Zehui, Gao Tiegang. Data Integrity Verification Scheme for Privacy Protection and Fair Payment[J]. Journal of Computer Research and Development, 2022, 59(6): 1343-1355. DOI: 10.7544/issn1000-1239.20210023
    [7]Zhou Chunyi, Chen Dawei, Wang Shang, Fu Anmin, Gao Yansong. Research and Challenge of Distributed Deep Learning Privacy and Security Attack[J]. Journal of Computer Research and Development, 2021, 58(5): 927-943. DOI: 10.7544/issn1000-1239.2021.20200966
    [8]He Yingzhe, Hu Xingbo, He Jinwen, Meng Guozhu, Chen Kai. Privacy and Security Issues in Machine Learning Systems: A Survey[J]. Journal of Computer Research and Development, 2019, 56(10): 2049-2070. DOI: 10.7544/issn1000-1239.2019.20190437
    [9]Yan Xixi, Liu Yuan, Li Zichen, Tang Yongli. Multi-Authority Attribute-Based Encryption Scheme with Privacy Protection[J]. Journal of Computer Research and Development, 2018, 55(4): 846-853. DOI: 10.7544/issn1000-1239.2018.20161043
    [10]Liu Yahui, Zhang Tieying, Jin Xiaolong, Cheng Xueqi. Personal Privacy Protection in the Era of Big Data[J]. Journal of Computer Research and Development, 2015, 52(1): 229-247. DOI: 10.7544/issn1000-1239.2015.20131340

  • Cited by

    Periodical cited type(14)

    1. 董彦松,刘月浩,董旭乾,赵亮,田聪,于斌,段振华. 基于误差分治的神经网络验证. 软件学报. 2024(05): 2307-2324 .
    2. 江钦辉,李默涵,孙彦斌. 深度神经网络后门防御综述. 信息安全学报. 2024(04): 47-63 .
    3. 陆正之,黄希宸,彭勃. 军事智能数据安全问题:对抗攻击威胁. 网络安全与数据治理. 2024(11): 23-28 .
    4. 王志波,王雪,马菁菁,秦湛,任炬,任奎. 面向计算机视觉系统的对抗样本攻击综述. 计算机学报. 2023(02): 436-468 .
    5. 萧晓彤,丁建伟,张琪. 基于图片边界后门嵌入的图像识别攻击研究. 现代电子技术. 2023(06): 129-134 .
    6. 张恒,吕雪,刘东,王国胤,杭芹,沙睿,郭宾. 核电人工智能应用:现状、挑战和机遇. 核动力工程. 2023(01): 1-8 .
    7. 吴炜霞,向红权,石凯. 智能无人系统安全防御体系研究. 信息安全与通信保密. 2023(05): 81-87 .
    8. 顾凡. 无线局域网络入侵行为的预判算法设计与仿真. 贵阳学院学报(自然科学版). 2023(03): 50-55 .
    9. 汪欣欣,陈晶,何琨,张子君,杜瑞颖,李瞧,佘计思. 面向目标检测的对抗攻击与防御综述. 通信学报. 2023(11): 260-277 .
    10. 姜忠龙,邓德位. 军事信息系统人工智能对抗技术研究. 舰船电子工程. 2023(11): 27-32 .
    11. 刘佳美,孙涵,林磊. 基于伪标签的可防御稳定网络. 计算机技术与发展. 2022(06): 34-38 .
    12. 彭琨,丁小波,蔡茂贞,钟地秀,黎蕴玉. 分布式图像解析系统的设计与研究. 现代计算机. 2022(11): 31-34+40 .
    13. 李自拓,孙建彬,杨克巍,熊德辉. 面向图像分类的对抗鲁棒性评估综述. 计算机研究与发展. 2022(10): 2164-2189 . 本站查看
    14. 陈国明,袁泽铎,龙舜,麦舒桃. 一种基于格雷码置乱与分块混沌置乱的医学影像隐私保护分类方案. 数据采集与处理. 2022(05): 984-996 .

    Other cited types(25)

Catalog

    Get Citation
    PDF
    XML
    Article views (2348) PDF downloads (1776) Cited by(39)
    Turn off MathJax
    Article Contents
    Abstract
    Related Articles
    Email Alert RSS
    微信订阅号<br/>(实时资讯)

    微信订阅号
    (实时资讯)

    微信服务号<br/>(同步网站)

    微信服务号
    (同步网站)

    微信视频号<br/>(视频分享)

    微信视频号
    (视频分享)

    CCF<br/>(扫码入会)

    CCF
    (扫码入会)

    Copyright © Editorial Department of Computer Research and Development

    Supported by: Beijing Renhe Information Technology Co., Ltd. Baidu Analytics

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return