Promoting Adversarial Transferability via Dual-Sampling Variance Aggregation and Feature Heterogeneity Attacks
Published: 2023-02-03
Issue: 3
Volume: 12
Page: 767
ISSN: 2079-9292
Container-title: Electronics
Language: en
Short-container-title: Electronics
Author:
Huang Yang (1), Chen Yuling (1), Wang Xuewei (2), Yang Jing (1), Wang Qi (1)
Affiliation:
1. State Key Laboratory of Public Big Data, College of Computer Science and Technology, Guizhou University, Guiyang 550025, China
2. Computer College, Weifang University of Science and Technology, Weifang 261000, China
Abstract
At present, deep neural networks have been widely used in various fields, but their vulnerability requires attention. The adversarial attack aims to mislead the model by generating imperceptible perturbations on the source model, and although white-box attacks have achieved good success rates, existing adversarial samples exhibit weak transferability in the black-box case, especially against some adversarially trained defense models. Previous gradient-based optimization work either optimizes the image before iteration or optimizes the gradient during iteration, so the generated adversarial samples overfit the source model and transfer poorly to adversarially trained models. To solve these problems, we propose the dual-sample variance aggregation with feature heterogeneity attack; our method optimizes both before and during iterations to produce adversarial samples with better transferability. In addition, our method can be integrated with various input transformations. A large amount of experimental data demonstrates the effectiveness of the proposed method, which improves the attack success rate by 5.9% for the normally trained model and 11.5% for the adversarially trained model compared with the current state-of-the-art transferability-enhancing attack methods.
Funder
National Natural Science Foundation Top Technology Talent Project from Guizhou Education Department
Subject
Electrical and Electronic Engineering, Computer Networks and Communications, Hardware and Architecture, Signal Processing, Control and Systems Engineering
Cited by
6 articles.
1. RPU-PVB: robust object detection based on a unified metric perspective with bilinear interpolation; Journal of Cloud Computing; 2023-12-02
2. Communication-Efficient Federated Learning with Sparsity and Quantization; 2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech); 2023-11-14
3. Robust Object Detection Based on a Comparative Learning Perspective; 2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech); 2023-11-14
4. Adversarial Attack Method Based on Dual-frequency Domain Transformation; 2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech); 2023-11-14
5. Boosting Adversarial Attacks with Nadam Optimizer; Electronics; 2023-03-20