基于遥感图像场景分类的频域量化对抗攻击

doi:10.19678/j.issn.1000-3428.0069675

计算机工程 ›› 2026, Vol. 52 ›› Issue (1): 266-281. doi: 10.19678/j.issn.1000-3428.0069675

基于遥感图像场景分类的频域量化对抗攻击

王熠¹, 李智¹^,*(), 张丽¹, 石雪丽¹, 刘登波¹, 卢妤²

1. 贵州大学计算机科学与技术学院, 贵州贵阳 550025
2. 贵州电网有限责任公司, 贵州贵阳 550002

收稿日期:2024-03-29 修回日期:2024-05-31 出版日期:2026-01-15 发布日期:2024-07-11
通讯作者: 李智
作者简介:
王熠(CCF学生会员), 女, 硕士研究生, 主研方向为深度学习、图像对抗
李智(CCF会员、通信作者), 教授、博士
张丽, 讲师、硕士
石雪丽, 硕士研究生
刘登波, 硕士研究生
卢妤, 高级工程师
基金资助:
国家自然科学基金(62062023)

Frequency-Domain Quantification Adversarial Attacks Based on Remote Sensing Image Scene Classification

WANG Yi¹, LI Zhi¹^,*(), ZHANG Li¹, SHI Xueli¹, LIU Dengbo¹, LU Yu²

1. School of Computer Science and Technology, Guizhou University, Guiyang 550025, Guizhou, China
2. Guizhou Power Grid Co., Ltd., Guiyang 550002, Guizhou, China

Received:2024-03-29 Revised:2024-05-31 Online:2026-01-15 Published:2024-07-11
Contact: LI Zhi

摘要/Abstract

摘要：

深度神经网络在遥感图像的场景分类任务中取得巨大成功。然而, 由于对抗样本具有较强的可迁移性, 基于遥感图像的场景分类网络的脆弱性不容忽视。为了增强遥感图像场景分类网络的鲁棒性, 确保其在各种环境和条件下的可靠性和安全性, 有效提高其实际应用价值, 提出一种频域的量化对抗攻击(FDQ)方法。首先, 将输入图像进行离散余弦变换(DCT), 在频域中利用量化筛选器有效捕捉使图像正确分类的关键特征在频域中的突出区域; 然后, 提出一个基于类的注意力损失, 使得量化筛选器逐渐丢失这些使图像正确分类的关键特征, 模型的注意力逐渐偏离与原始类别毫不相干的特征和区域。所提方法利用模型的注意力分布实现特征层级的黑盒攻击, 通过找到不同网络中的共同防御漏洞, 实现针对遥感图像生成且具有通用性的对抗样本。实验结果表明, FDQ方法可在遥感图像场景分类任务中成功攻击大多数最先进的深度神经网络, 与目前最先进的基于遥感图像场景分类任务的攻击方法相比, FDQ在基准数据集UCM和AID上基于RegNetX-400MF架构的攻击成功率分别提高了35.43%和23.63%。实验表明FDQ具有良好的攻击性和可迁移性, 很难被防御系统抵御。

关键词: 对抗攻击, 对抗样本, 深度神经网络, 遥感图像, 场景分类, 黑盒攻击

Abstract:

Deep neural networks have achieved significant success in remote sensing image scene classification. However, because of the strong transferability of adversarial samples, the vulnerability of scene classification networks based on remote sensing images cannot be ignored. To enhance the robustness of remote sensing image scene classification networks, ensure their reliability and security in various environments and conditions, and effectively improve their practical application value, this study proposes a Frequency-Domain Quantization (FDQ) adversarial attack method. First, the input image is subjected to a Discrete Cosine Transform (DCT), and a quantization filter is used in the frequency domain to effectively capture the prominent regions of key features that enable the image to be correctly classified in the frequency domain. Then, a class-based attention loss is proposed, which gradually causes the quantization filter to lose these key features that enable correct image classification, and the model's attention gradually deviates from features and regions that are completely unrelated to the original category. The proposed method uses the attention distribution of a model to implement black-box attacks at the feature level. Universal adversarial samples are obtained for remote sensing image generation by identifying common defense vulnerabilities in different networks. Experimental results demonstrate that the FDQ method can successfully attack most of the advanced deep neural networks in remote sensing image scene classification tasks. Compared with the current state-of-the-art attack methods based on remote sensing image scene classification tasks, FDQ's attack success rate based on the RegNetX-400MF architecture on the UCM and AID benchmark datasets increases by 35.43% and 23.63%, respectively. Experiments have shown that FDQ has good attack and transferability, making it more difficult for defense systems to resist.

Key words: adversarial attacks, adversarial examples, deep neural networks, remote sensing images, scene classification, black-box attacks

王熠, 李智, 张丽, 石雪丽, 刘登波, 卢妤. 基于遥感图像场景分类的频域量化对抗攻击[J]. 计算机工程, 2026, 52(1): 266-281.

WANG Yi, LI Zhi, ZHANG Li, SHI Xueli, LIU Dengbo, LU Yu. Frequency-Domain Quantification Adversarial Attacks Based on Remote Sensing Image Scene Classification[J]. Computer Engineering, 2026, 52(1): 266-281.

https://www.ecice06.com/CN/Y2026/V52/I1/266

图/表 15

图1 FDQ网络模型

Fig.1 FDQ network model

图2 4个代表性模型的注意力热图

Fig.2 Heatmap of attention for four representative models

图3 模型对实际类别的注意力计算流程

Fig.3 The attention calculation process of the model for actual categories

图4 损失曲线

Fig.4 Loss curves

图5 不同最大量化步长ρ约束下FDQ攻击的可迁移性比较

Fig.5 Comparison of transferability of FDQ attacks under different maximum quantization step sizes ρ constraints

图6 4个数据集上的对抗样本图像组

Fig.6 Adversarial sample image sets on four datasets

图7 干净样本和对抗样本的注意力热图比较

Fig.7 Comparison of attention heatmaps between clean samples and adversarial samples

参考文献 67

1	BOUKABARA S A , EYRE J , ANTHES R A , et al. The earth-observing satellite constellation: a review from a meteorological perspective of a complex, interconnected global system with extensive applications. IEEE Geoscience and Remote Sensing Magazine, 2021, 9 (3): 26- 42. doi: 10.1109/MGRS.2021.3070248
2	CHRISTOPHERSON J, CHANDRA S N R, QUANBECK J Q. 2019 joint agency commercial imagery evaluation—land remote sensing satellite compendium[EB/OL]. [2024-02-05]. https://pubs.usgs.gov/publication/cir1455.
3	ZHANG R Q , ZHU D L . Study of land cover classification based on knowledge rules using high-resolution remote sensing images. Expert Systems with Applications, 2011, 38 (4): 3647- 3652. doi: 10.1016/j.eswa.2010.09.019
4	CHERIYADAT A M . Unsupervised feature learning for aerial scene classification. IEEE Transactions on Geoscience and Remote Sensing, 2014, 52 (1): 439- 451. doi: 10.1109/TGRS.2013.2241444
5	DU L , LING H B . Dynamic scene classification using redundant spatial scenelets. IEEE Transactions on Cybernetics, 2016, 46 (9): 2156- 2165. doi: 10.1109/TCYB.2015.2466692
6	CHENG G , HAN J W , LU X Q . Remote sensing image scene classification: benchmark and state of the art. Proceedings of the IEEE, 2017, 105 (10): 1865- 1883. doi: 10.1109/JPROC.2017.2675998
7	HAN J W , ZHANG D W , CHENG G , et al. Object detection in optical remote sensing images based on weakly supervised learning and high-level feature learning. IEEE Transactions on Geoscience and Remote Sensing, 2015, 53 (6): 3325- 3337. doi: 10.1109/TGRS.2014.2374218
8	WU X , LI W , HONG D F , et al. Deep learning for unmanned aerial vehicle-based object detection and tracking: a survey. IEEE Geoscience and Remote Sensing Magazine, 2022, 10 (1): 91- 124. doi: 10.1109/MGRS.2021.3115137
9	GHORBANZADEH O , TIEDE D , WENDT L , et al. Transferable instance segmentation of dwellings in a refugee camp-integrating CNN and OBIA. European Journal of Remote Sensing, 2021, 54 (1): 127- 140.
10	ZHANG L P , ZHANG L F , DU B . Deep learning for remote sensing data: a technical tutorial on the state of the art. IEEE Geoscience and Remote Sensing Magazine, 2016, 4 (2): 22- 40. doi: 10.1109/MGRS.2016.2540798
11	WU G M , GUO Y M , SONG X Y , et al. A stacked fully convolutional networks with feature alignment framework for multi-label land-cover segmentation. Remote Sensing, 2019, 11 (9): 1051. doi: 10.3390/rs11091051
12	MOHAMMADIMANESH F , SALEHI B , MAHDIANPARI M , et al. A new fully convolutional neural network for semantic segmentation of polarimetric SAR imagery in complex land cover ecosystem. ISPRS Journal of Photogrammetry and Remote Sensing, 2019, 151, 223- 236. doi: 10.1016/j.isprsjprs.2019.03.015
13	GHAMISI P , RASTI B , YOKOYA N , et al. Multisource and multitemporal data fusion in remote sensing: a comprehensive review of the state of the art. IEEE Geoscience and Remote Sensing Magazine, 2019, 7 (1): 6- 39. doi: 10.1109/MGRS.2018.2890023
14	刘金香, 班伟, 陈宇, 等. 融合多维度CNN的高光谱遥感图像分类算法. 中国激光学报, 2021, 48 (16): 1610003.
	LIU J X , BAN W , CHEN Y , et al. Hyperspectral remote sensing image classification algorithm incorporating multi-dimensional CNN. Chinese Journal of Lasers, 2021, 48 (16): 1610003.
15	徐从安, 吕亚飞, 张筱晗, 等. 基于双重注意力机制的遥感图像场景分类特征表示方法. 电子与信息学报, 2021, 43 (3): 683- 691.
	XU C A , LV Y F , ZHANG X H , et al. A feature representation method for remote sensing image scene classification based on dual attention mechanism. Journal of Electronics and Information, 2021, 43 (3): 683- 691.
16	于野, 艾华, 贺小军, 等. A-FPN算法及其在遥感图像船舶检测中的应用. 遥感学报, 2021, 24 (2): 107- 115.
	YU Y , AI H , HE X J , et al. A-FPN algorithm and its application to ship detection in remote sensing images. Journal of Remote Sensing, 2021, 24 (2): 107- 115.
17	齐嘉豪, 张宇, 万鹏程, 等. 红外遥感图像目标识别对抗算法研究. 航空兵器, 2022, 29 (3): 1- 7.
	QI J H , ZHANG Y , WAN P C , et al. Research on target recognition adversarial algorithm for infrared remote sensing images. Air Armament, 2022, 29 (3): 1- 7.
18	SZEGEDY C, ZAREMBA W, SUTSKEVER I, et al. Intriguing properties of neural networks[EB/OL]. [2024-02-05]. https://arxiv.org/abs/1312.6199.
19	CZAJA W, FENDLEY N, PEKALA M, et al. Adversarial examples in remote sensing[C]//Proceedings of the 26th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems. New York, USA: ACM Press, 2018: 408-411.
20	CHEN L, ZHU G, LI Q, et al. Adversarial example in remote sensing image recognition[EB/OL]. [2024-02-05]. https://arxiv.org/pdf/1910.13222.
21	XU Y H , DU B , ZHANG L P . Assessing the threat of adversarial examples on deep neural networks for remote sensing scene classification: attacks and defenses. IEEE Transactions on Geoscience and Remote Sensing, 2021, 59 (2): 1604- 1617. doi: 10.1109/TGRS.2020.2999962
22	CHEN L , XU Z W , LI Q , et al. An empirical study of adversarial examples on remote sensing image scene classification. IEEE Transactions on Geoscience and Remote Sensing, 2021, 59 (9): 7419- 7433. doi: 10.1109/TGRS.2021.3051641
23	XU Y H , DU B , ZHANG L P . Self-attention context network: addressing the threat of adversarial attacks for hyperspectral image classification. IEEE Transactions on Image Processing, 2021, 30, 8671- 8685. doi: 10.1109/TIP.2021.3118977
24	XU Y H , GHAMISI P . Universal adversarial examples in remote sensing: methodology and benchmark. IEEE Transactions on Geoscience and Remote Sensing, 2022, 60, 1- 15.
25	YOSINSKI J, CLUNE J, NGUYEN A, et al. Understanding neural networks through deep visualization[EB/OL]. [2024-02-05]. https://arxiv.org/abs/1506.06579.
26	SELVARAJU R R, COGSWELL M, DAS A, et al. Grad-CAM: visual explanations from deep networks via gradient-based localization[C]//Proceedings of the IEEE International Conference on Computer Vision (ICCV). Washington D.C., USA: IEEE Press, 2017: 618-626.
27	BRENDEL W, RAUBER J, BETHGE M. Decision-based adversarial attacks: reliable attacks against black-box machine learning models[EB/OL]. [2024-02-05]. https://arxiv.org/abs/1712.04248.
28	CHEN P Y, ZHANG H, SHARMA Y, et al. ZOO: zeroth order optimization based black-box attacks to deep neural networks without training substitute models[C]//Proceedings of the 10th ACM Workshop on Artificial Intelligence and Security. New York, USA: ACM Press, 2017: 15-26.
29	CHEN J B, JORDAN M I, WAINWRIGHT M J. HopSkipJumpAttack: a query-efficient decision-based attack[C]//Proceedings of the IEEE Symposium on Security and Privacy (SP). Washington D.C., USA: IEEE Press, 2020: 1277-1294.
30	PAPERNOT N, MCDANIEL P, GOODFELLOW I. Transferability in machine learning: from phenomena to black-box attacks using adversarial samples[EB/OL]. [2024-02-05]. https://arxiv.org/abs/1605.07277.
31	PAPERNOT N, MCDANIEL P, GOODFELLOW I, et al. Practical black-box attacks against machine learning[C]//Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security. New York, USA: ACM Press, 2017: 506-519.
32	DONG Y P, LIAO F Z, PANG T Y, et al. Boosting adversarial attacks with momentum[C]//Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition. Washington D.C., USA: IEEE Press, 2018: 9185-9193.
33	XIE C H, ZHANG Z S, ZHOU Y Y, et al. Improving transferability of adversarial examples with input diversity[C]//Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). Washington D.C., USA: IEEE Press, 2019: 2725-2734.
34	GAO L L, ZHANG Q L, SONG J K, et al. Patch-wise attack for fooling deep neural network[EB/OL]. [2024-02-05]. https://arxiv.org/abs/2007.06765.
35	WU W B, SU Y X, LYU M R, et al. Improving the transferability of adversarial samples with adversarial transformations[C]//Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). Washington D.C., USA: IEEE Press, 2021: 9020-9029.
36	ZHOU W, HOU X, CHEN Y J, et al. Transferable adversarial perturbations[EB/OL]. [2024-02-05]. https://openaccess.thecvf.com/content_ECCV_2018/papers/Bruce_Hou_Transferable_Adversarial_Perturbations_ECCV_2018_paper.pdf.
37	INKAWHICH N, WEN W, LI H H, et al. Feature space perturbations yield more transferable adversarial examples[C]//Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). Washington D.C., USA: IEEE Press, 2019: 7059-7067.
38	WU W B, SU Y X, CHEN X X, et al. Boosting the transferability of adversarial samples via attention[C]//Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). Washington D.C., USA: IEEE Press, 2020: 1158-1167.
39	WANG Z B, GUO H C, ZHANG Z F, et al. Feature importance-aware transferable adversarial attacks[C]//Proceedings of the IEEE/CVF International Conference on Computer Vision (ICCV). Washington D.C., USA: IEEE Press, 2021: 7619-7628.
40	GAO L L , HUANG Z J , SONG J K , et al. Push & pull: transferable adversarial examples with attentive attack. IEEE Transactions on Multimedia, 2022, 24, 2329- 2338. doi: 10.1109/TMM.2021.3079723
41	KIM W J, HONG S, YOON S E. Diverse generative adversarial perturbations on attention space for transferable adversarial attacks[EB/OL]. [2024-02-05]. https://arxiv.org/pdf/2208.05650.
42	LUO C, LIN Q L, XIE W C, et al. Frequency-driven imperceptible adversarial attack on semantic similarity[C]//Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). Washington D.C., USA: IEEE Press, 2022: 15294-15303.
43	NASEER M M, KHAN S H, KHAN M H, et al. Cross-domain transferability of adversarial perturbations[EB/OL]. [2024-02-05]. https://arxiv.org/abs/1905.11736.
44	ZHANG Q, LI X, CHEN Y, et al. Beyond ImageNet attack: towards crafting adversarial examples for black-box domains[EB/OL]. [2024-02-05]. https://arxiv.org/abs/2201.11528.
45	HECKBERT P . Color image quantization for frame buffer display. ACM SIGGRAPH Computer Graphics, 1982, 16 (3): 297- 307. doi: 10.1145/965145.801294
46	ORCHARD M T , BOUMAN C A . Color quantization of images. IEEE Transactions on Signal Processing, 1991, 39 (12): 2677- 2690. doi: 10.1109/78.107417
47	WALLACE G K . The JPEG still picture compression standard. Communications of the ACM, 1991, 34 (4): 30- 44. doi: 10.1145/103085.103089
48	HINTON G E . Learning multiple layers of representation. Trends in Cognitive Sciences, 2007, 11 (10): 428- 434. doi: 10.1016/j.tics.2007.09.004
49	RAZAVIAN A S, AZIZPOUR H, SULLIVAN J, et al. CNN features off-the-shelf: an astounding baseline for recognition[C]//Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition Workshops. Washington D.C., USA: IEEE Press, 2014: 512-519.
50	SIMONYAN K, ZISSERMAN A. Very deep convolutional networks for large-scale image recognition[EB/OL]. [2024-02-05]. https://arxiv.org/abs/1409.1556.
51	HE K M, ZHANG X Y, REN S Q, et al. Deep residual learning for image recognition[C]// Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR). Washington D.C., USA: IEEE Press, 2016: 770-778.
52	HUANG G, LIU Z, VAN DER MAATEN L, et al. Densely connected convolutional networks[C]//Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR). Washington D.C., USA: IEEE Press, 2017: 2261-2269.
53	SZEGEDY C, VANHOUCKE V, IOFFE S, et al. Rethinking the inception architecture for computer vision[C]//Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR). Washington D.C., USA: IEEE Press, 2016: 2818-2826.
54	YANG Y, NEWSAM S. Bag-of-visual-words and spatial extensions for land-use classification[C]//Proceedings of the 18th SIGSPATIAL International Conference on Advances in Geographic Information Systems. Washington D.C., USA: IEEE Press, 2010: 270-279.
55	XIA G S , HU J W , HU F , et al. AID: a benchmark data set for performance evaluation of aerial scene classification. IEEE Transactions on Geoscience and Remote Sensing, 2017, 55 (7): 3965- 3981. doi: 10.1109/TGRS.2017.2685945
56	XIA G S, YANG W, DELON J, et al. Structural high-resolution satellite image indexing[EB/OL]. [2024-02-05]. https://hal.science/file/index/docid/458685/filename/structural_satellite_indexing_XYDG.pdf.
57	DAI D X , YANG W . Satellite image classification via two-layer sparse coding with biased image representation. IEEE Geoscience and Remote Sensing Letters, 2011, 8 (1): 173- 176. doi: 10.1109/LGRS.2010.2055033
58	ROSS T D, WORRELL S W, VELTEN V J, et al. Standard SAR ATR evaluation experiments using the MSTAR public release data set[EB/OL]. [2024-02-05]. https://www.spiedigitallibrary.org/conference-proceedings-of-spie/3370/1/Standard-SAR-ATR-evaluation-experiments-using-the-MSTAR-public-release/10.1117/12.321859.full.
59	RADOSAVOVIC I, KOSARAJU R P, GIRSHICK R, et al. Designing network design spaces[C]//Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR). Washington D.C., USA: IEEE Press, 2020: 10425-10433.
60	KRIZHEVSKY A , SUTSKEVER I , HINTON G E . ImageNet classification with deep convolutional neural networks. Communications of the ACM, 2017, 60 (6): 84- 90. doi: 10.1145/3065386
61	GOODFELLOW I J, SHLENS J, SZEGEDY C. Explaining and harnessing adversarial examples[EB/OL]. [2024-02-05]. https://arxiv.org/abs/1412.6572.
62	KURAKIN A, GOODFELLOW I J, BENGIO S. Adversarial examples in the physical world[EB/OL]. [2024-02-05]. https://arxiv.org/abs/1607.02533.
63	CARLINI N, WAGNER D. Towards evaluating the robustness of neural networks[C]//Proceedings of the IEEE Symposium on Security and Privacy. Washington D.C., USA: IEEE Press, 2017: 39-57.
64	ZHANG H, YU Y, JIAO J, et al. Theoretically principled trade-off between robustness and accuracy[EB/OL]. [2024-02-05]. https://arxiv.org/abs/1901.08573.
65	SCHWINN L , RAAB R , NGUYEN A , et al. Exploring misclassifications of robust neural networks to enhance adversarial attacks. Applied Intelligence, 2023, 53 (17): 19843- 19859. doi: 10.1007/s10489-023-04532-5
66	XU W, EVANS D, QI Y. Feature squeezing: detecting adversarial examples in deep neural networks[EB/OL]. [2024-02-05]. https://arxiv.org/abs/1704.01155.
67	SHIN R, SONG D. JPEG-resistant adversarial images[EB/OL]. [2024-02-05]. https://machine-learning-and-security.github.io/papers/mlsec17_paper_54.pdf.

[1]	欧寒芝, 黄睿. 混合噪声下的遥感图像多标签分类[J]. 计算机工程, 2026, 52(1): 188-195.
[2]	王春东, 赵智航, 杨伟杰, 方顺尧. 基于字词重现的中文文本对抗样本生成方法[J]. 计算机工程, 2026, 52(1): 303-313.
[3]	耿荣, 孙钦东, 曹晗, 王艳. 空频域联合优化的通用对抗扰动生成方法[J]. 计算机工程, 2026, 52(1): 176-187.
[4]	苗茹, 李祎, 周珂, 张俨娜, 常然然, 孟更. 一种改进的Faster R-CNN遥感图像多目标检测模型研究[J]. 计算机工程, 2025, 51(8): 292-304.
[5]	夏倪明, 张洁. 基于自适应集束搜索算法的中文对抗样本生成[J]. 计算机工程, 2025, 51(8): 131-140.
[6]	田青, 王斌, 周子枭. 无监督行人重识别研究综述[J]. 计算机工程, 2025, 51(7): 12-30.
[7]	侯彦, 车蕾, 李慧. 面向中文的多层次扰动定位文本对抗样本生成方法[J]. 计算机工程, 2025, 51(7): 232-243.
[8]	庞鑫, 葛凤培, 李艳玲. 声景识音：数字化时代声学场景分类的探索与前沿[J]. 计算机工程, 2025, 51(6): 1-19.
[9]	郭佩林, 张德, 王怀秀. 基于特征可视化探究跳跃连接结构对深度神经网络特征提取的影响[J]. 计算机工程, 2025, 51(4): 149-157.
[10]	张肇鑫, 黄世泽, 张兵杰, 沈拓. 面向交通场景的运动模糊伪装对抗样本生成方法[J]. 计算机工程, 2025, 51(3): 45-53.
[11]	赵宏, 宋馥荣, 李文改. 基于SE-AdvGAN的图像对抗样本生成方法研究[J]. 计算机工程, 2025, 51(2): 300-311.
[12]	黄舒怡, 谭光. 基于分区的高效视频目标检测[J]. 计算机工程, 2025, 51(2): 65-77.
[13]	刘婷, 董理, 严迪群, 王让定. 基于先验分布的抗JPEG压缩的鲁棒图像隐写[J]. 计算机工程, 2025, 51(11): 235-245.
[14]	凌海, 凌捷. 基于特征融合的对抗样本定向目标攻击可迁移性增强[J]. 计算机工程, 2025, 51(11): 162-170.
[15]	路悦, 周翔宇, 张世周, 梁国强, 邢颖慧, 程德, 张艳宁. 基于预训练的持续学习方法综述(特邀)[J]. 计算机工程, 2025, 51(10): 1-17.

选择文件类型/文献管理软件名称

选择包含的内容

基于遥感图像场景分类的频域量化对抗攻击

Frequency-Domain Quantification Adversarial Attacks Based on Remote Sensing Image Scene Classification

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 15

参考文献 67

相关文章 15

编辑推荐

Metrics

本文评价

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

基于遥感图像场景分类的频域量化对抗攻击

Frequency-Domain Quantification Adversarial Attacks Based on Remote Sensing Image Scene Classification

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 15

参考文献 67

相关文章 15

编辑推荐

Metrics

本文评价