Author Login Editor-in-Chief Peer Review Editor Work Office Work

Computer Engineering ›› 2021, Vol. 47 ›› Issue (1): 1-11. doi: 10.19678/j.issn.1000-3428.0059156

• Hot Topics and Reviews • Previous Articles     Next Articles

Survey of Adversarial Attacks and Defense Methods for Deep Learning Model

JIANG Yan, ZHANG Liguo   

  1. College of Computer Science and Technology, Harbin Engineering University, Harbin 150001, China
  • Received:2020-08-03 Revised:2020-09-29 Published:2020-10-22

面向深度学习模型的对抗攻击与防御方法综述

姜妍, 张立国   

  1. 哈尔滨工程大学 计算机科学与技术学院, 哈尔滨 150001
  • 作者简介:姜妍(1991-),女,博士研究生,主研方向为深度学习、对抗学习;张立国(通信作者),副教授、博士。
  • 基金资助:
    中央高校基本科研业务费专项资金(3072020CF0604,3072020CFQ0602)。

Abstract: As an important part of artificial intelligence technology,deep learning is widely used in computer vision,natural language processing and other fields.Although deep learning performs well in tasks such as image classification and target detection,its application security is potentially threatened by adversarial attacks,which further affects the security of the deep learning model itself.To address the problem,this paper briefly introduces the concept of adversarial sample and its causes,and on this basis analyzes the main attack modes and the targets of adversarial attacks.Then the paper studies the typical generation methods of adversarial samples,describes the detection methods and defense methods for adversarial samples,and represents the application cases of adversarial samples in the different fields.Finally,based on the analysis and summary of the attack modes and defense methods of adversarial attacks,the paper discusses the future directions of adversarial attack and defense research.

Key words: artificial intelligence, deep learning, adversarial attacks, security defense, adversarial samples

摘要: 深度学习作为人工智能技术的重要组成部分,被广泛应用于计算机视觉和自然语言处理等领域。尽管深度学习在图像分类和目标检测等任务中取得了较好性能,但是对抗攻击的存在对深度学习模型的安全应用构成了潜在威胁,进而影响了模型的安全性。在简述对抗样本的概念及其产生原因的基础上,分析对抗攻击的主要攻击方式及目标,研究具有代表性的经典对抗样本生成方法。描述对抗样本的检测与防御方法,并阐述对抗样本在不同领域的应用实例。通过对对抗样本攻击与防御方法的分析与总结,展望对抗攻击与防御领域未来的研究方向。

关键词: 人工智能, 深度学习, 对抗攻击, 安全防御, 对抗样本

CLC Number: