Adversarial Attacks and Defenses Against Deep Learning Under the Cloud-Edge-Terminal Scenes

In the intelligent era of the Internet of everything, artificial intelligence technology represented by deep learning is changing many aspects of industrial production and human lifestyle. At the same time, with the maturity and development of the cloud-edge computing architecture, edge computing is increasingly moving towards the center stage of the intelligent era. lightweight models are deployed on embedded and IoT devices with limited computing resources. Although the artificial intelligence technology is becoming popular, its robustness and fragility to adversarial attacks have brought great security risks to the wide application of artificial intelligence systems. In response to this problem, domestic and foreign academia as well as the industry have carried out related research on artificial intelligence security, among which the research on adversarial attack and defense for deep learning has become a current hot topic. This paper focuses on the security issues of artificial intelligence technology under the cloud-edge-terminal scenarios, summarizes the countermeasures and defense technologies for large-scale neural networks and lightweight neural networks, and conducts a systematic review of related theories and research methods. First, several mainstream adversarial attack generation methods are reviewed and summarized. Secondly, from the perspective of robust prior, the existing adversarial defense work are divided into three categories: defense based on adversarial training, defense based on regularization and defense based on model structure. In this paper, the existing research work is systematically analyzed, and the strengths and weaknesses of current research are summarized. Finally, the current challenges and potential future research directions of adversarial attack and defense against deep learning models undet the cloud-edge-terminal scenarios are discussed.