Generation of adversarial samples based on dynamic iterative gradient

Konferenz: CIBDA 2022 - 3rd International Conference on Computer Information and Big Data Applications
25.03.2022 - 27.03.2022 in Wuhan, China

Tagungsband: CIBDA 2022

Seiten: 5Sprache: EnglischTyp: PDF

Autoren:
Yu, Ning; Duan, Jie; An, Yi; Duan, Jing; Gu, Liang; Liu, Haitao; Gong, Xin (Information and Communication Branch, State Grid Shanxi Electric Power Company, Taiyuan, China)

Inhalt:
Deep learning has good performance in solving many problems, but in the prediction stage of deep learning, it is easy to be affected by the adversarial attack of adversarial sample adding disturbance which is not easily detected by human, thus affecting the prediction result. Iterative gradient method is the most widely used method to generate adversarial samples. Existing iterative gradient method each iteration step length is usually fixed values, this leads to easy to fall into local extremum points when gradient is bigger, may make more hours in gradient iteration speed too slow lead to cannot get the adversarial sample of loss function is higher, so in both cases is difficult to produce ideal adversarial samples, this kind of adversarial samples tend to be less aggressive. Aimed at this problem this paper put forward the adversarial samples based on dynamic iterative gradient sign method(DI-FGSM), by changing the adversarial samples in the process of generating function disturbance along the gradient direction to make the size of each iteration step length with gradient changes to detour to the dynamic change, so as to solve the gradient is too large or gradient hours less offensive by the adversarial samples, The resulting adversarial samples were more aggressive overall.