Adversarial Attacks and Defenses Against Deep Learning Under the Cloud-Edge-Terminal Scenes

Li Qian; Lin Chenhao; Yang Yulong; Shen Chao; Fang Liming

doi:10.7544/issn1000-1239.20220665

Journal of Computer Research and Development > 2022 > 59(10): 2109-2129. > DOI: 10.7544/issn1000-1239.20220665 CSTR: 32373.14.issn1000-1239.20220665

Li Qian, Lin Chenhao, Yang Yulong, Shen Chao, Fang Liming. Adversarial Attacks and Defenses Against Deep Learning Under the Cloud-Edge-Terminal Scenes[J]. Journal of Computer Research and Development, 2022, 59(10): 2109-2129. DOI: 10.7544/issn1000-1239.20220665

Citation:

PDF (1761 KB)

Adversarial Attacks and Defenses Against Deep Learning Under the Cloud-Edge-Terminal Scenes

¹(School of Cyber Science and Engineering, Xi’an Jiaotong University, Xi’an 710049)
²(Key Laboratory for Intelligent Networks and Network Security(Xi’an Jiaotong University), Ministry of Education, Xi’an 710049)
³(College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 210016)

Funds: This work was supported by the National Key Research and Development Program of China (2021YFB3100700), the National Natural Science Foundation of China (62006181, 62161160337, 62132011, U21B2018, U20A20177), the Key Research and Development Program of Shaanxi Province (2021ZDLGY01-02), and the Industrial Internet Innovation and Development Project (TC200H02X).

More Information

Published Date: September 30, 2022

Graphical Abstract

Abstract

Abstract

In the intelligent era of the Internet of everything, artificial intelligence technology represented by deep learning is changing many aspects of industrial production and human lifestyle. At the same time, with the maturity and development of the cloud-edge computing architecture, edge computing is increasingly moving towards the center stage of the intelligent era. lightweight models are deployed on embedded and IoT devices with limited computing resources. Although the artificial intelligence technology is becoming popular, its robustness and fragility to adversarial attacks have brought great security risks to the wide application of artificial intelligence systems. In response to this problem, domestic and foreign academia as well as the industry have carried out related research on artificial intelligence security, among which the research on adversarial attack and defense for deep learning has become a current hot topic. This paper focuses on the security issues of artificial intelligence technology under the cloud-edge-terminal scenarios, summarizes the countermeasures and defense technologies for large-scale neural networks and lightweight neural networks, and conducts a systematic review of related theories and research methods. First, several mainstream adversarial attack generation methods are reviewed and summarized. Secondly, from the perspective of robust prior, the existing adversarial defense work are divided into three categories: defense based on adversarial training, defense based on regularization and defense based on model structure. In this paper, the existing research work is systematically analyzed, and the strengths and weaknesses of current research are summarized. Finally, the current challenges and potential future research directions of adversarial attack and defense against deep learning models undet the cloud-edge-terminal scenarios are discussed.
- artificial intelligence security,
- adversarial attacks,
- adversarial defenses,
- deep neural networks,
- lightweight neural networks

FullText(HTML)

References (0)

[1]	Ge Zhenxing, Xiang Shuai, Tian Pinzhuo, Gao Yang. Solving GuanDan Poker Games with Deep Reinforcement Learning[J]. Journal of Computer Research and Development, 2024, 61(1): 145-155. DOI: 10.7544/issn1000-1239.202220697
[2]	Liu Qixu, Liu Jiaxi, Jin Ze, Liu Xinyu, Xiao Juxin, Chen Yanhui, Zhu Hongwen, Tan Yaokang. Survey of Artificial Intelligence Based IoT Malware Detection[J]. Journal of Computer Research and Development, 2023, 60(10): 2234-2254. DOI: 10.7544/issn1000-1239.202330450
[3]	Li Qian, Lin Chenhao, Yang Yulong, Shen Chao, Fang Liming. Adversarial Attacks and Defenses Against Deep Learning Under the Cloud-Edge-Terminal Scenes[J]. Journal of Computer Research and Development, 2022, 59(10): 2109-2129. DOI: 10.7544/issn1000-1239.20220665
[4]	Li Minghui, Jiang Peipei, Wang Qian, Shen Chao, Li Qi. Adversarial Attacks and Defenses for Deep Learning Models[J]. Journal of Computer Research and Development, 2021, 58(5): 909-926. DOI: 10.7544/issn1000-1239.2021.20200920
[5]	Chen Yufei, Shen Chao, Wang Qian, Li Qi, Wang Cong, Ji Shouling, Li Kang, Guan Xiaohong. Security and Privacy Risks in Artificial Intelligence Systems[J]. Journal of Computer Research and Development, 2019, 56(10): 2135-2150. DOI: 10.7544/issn1000-1239.2019.20190415
[6]	Cao Zhenfu. New Devolopment of Information Security——For the 60th Anniversary of Journal of Computer Research and Development[J]. Journal of Computer Research and Development, 2019, 56(1): 131-137. DOI: 10.7544/issn1000-1239.2019.20180756
[7]	Wang Yilei, Zhuo Yifan, Wu Yingjie, Chen Mingqin. Question Answering Algorithm on Image Fragmentation Information Based on Deep Neural Network[J]. Journal of Computer Research and Development, 2018, 55(12): 2600-2610. DOI: 10.7544/issn1000-1239.2018.20180606
[8]	Li Chao, Yin Lihua, Guo Yunchuan. Analysis for Probabilistic and Timed Information Flow Security Properties via ptSPA[J]. Journal of Computer Research and Development, 2011, 48(8): 1370-1380.
[9]	Wei Yong, Lian Yifeng, and Feng Dengguo. A Network Security Situational Awareness Model Based on Information Fusion[J]. Journal of Computer Research and Development, 2009, 46(3): 353-362.
[10]	Liu Guohua, Song Jinling, Huang Liming, Zhao Danfeng, Song Li. Measurement and Elimination of Information Disclosure in Publishing Views[J]. Journal of Computer Research and Development, 2007, 44(7): 1227-1235.

Cited By

Cited by

Periodical cited type(2)

1.	邵子豪，霍如，王志浩，倪东，谢人超. 基于区块链的移动群智感知数据处理研究综述. 浙江大学学报(工学版). 2024(06): 1091-1106 .
2.	赵贺贺，高鹏飞，张健明. 英式逆拍卖可以提高第三支柱养老保险市场效率吗？. 长沙民政职业技术学院学报. 2023(01): 74-80 .