Advanced Search
    Li Zituo, Sun Jianbin, Yang Kewei, Xiong Dehui. A Review of Adversarial Robustness Evaluation for Image Classification[J]. Journal of Computer Research and Development, 2022, 59(10): 2164-2189. DOI: 10.7544/issn1000-1239.20220507
    Citation: Li Zituo, Sun Jianbin, Yang Kewei, Xiong Dehui. A Review of Adversarial Robustness Evaluation for Image Classification[J]. Journal of Computer Research and Development, 2022, 59(10): 2164-2189. DOI: 10.7544/issn1000-1239.20220507

    A Review of Adversarial Robustness Evaluation for Image Classification

    • In recent years, artificial intelligence algorithms represented by deep learning have been successfully used in the fields such as financial security, automatic driving, medical diagnosis. However, the emergence of adversarial attacks has brought huge security risks to the application of image classification, which is a basic visual task in the above fields. Improving the ability of deep learning model to resist adversarial attacks (i.e., the adversarial robustness) has become a feasible technique to effectively alleviate this problem. In order to evaluate the adversarial robustness of deep learning model scientifically and comprehensively, many scholars have carried out in-depth research on adversarial robustness evaluation from the perspectives of benchmark evaluation and index evaluation. This paper reviews the adversarial robustness mainly from the perspective of index evaluation. Firstly, we introduce the concepts related to adversarial examples and the reasons for their existence, and summarize the evaluation criteria that should be followed in the evaluation of adversarial robustness. Secondly, we focus on sorting out existing adversarial robustness evaluation indicators from two aspects of attacked model and test data. Then, the mainstream image classification datasets and the adversarial attack-defense integration tools are analyzed and summarized to lay a foundation for the follow-up relative research. Finally, the advantages and disadvantages of the current research and the potential future research direction are discussed. This paper aims to provide practitioners or learners in related fields with a comprehensive, systematic and objective overview of adversarial robustness evaluation index for image categorization.
    • loading

    Catalog

      Turn off MathJax
      Article Contents

      /

      DownLoad:  Full-Size Img  PowerPoint
      Return
      Return