Recovery of Adversarial Examples Based on SmsGAN

NAVIGATE

Table of Contents

STATISTICS

Viewed2879

Downloads1879

Recovery of Adversarial Examples Based on SmsGAN

[HTML] PDF下载 (1879)

[1]ZHAO Junjie,WANG Jinwei,Recovery of Adversarial Examples Based on SmsGAN[J].Journal of Zhengzhou University (Engineering Science),2021,42(01):50-55.[doi:10.13705/j.issn.1671-6833.2021.01.008]

Copy

Journal of Zhengzhou University (Engineering Science)[ISSN 1671-6833/CN 41-1339/T] Volume: 42卷 Number of periods: 2021 01 Page number: 50-55 Column: Public date: 2021-03-14

Title:: Recovery of Adversarial Examples Based on SmsGAN

Author(s):: ZHAO Junjie1; WANG Jinwei1; 2; 1.School of Computer and Software, Nanjing University of Information Science and Technology, Nanjing 210044, China;2.State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China

Keywords:: deep learning; adversarial example; image forensics; example recovery; GAN(generative adversarial network）

CLC:: TP183

DOI:: 10.13705/j.issn.1671-6833.2021.01.008

Abstract:: Due to adversarial examples′ serious interference to the detection models based on deep learning, a recovery method of adversarial examples based on stochastic multihlter statistical generative adversarial network (SmsGAN) was proposed in this work. To achieve high-precision forensics of adversarial examples, this paper proposed the feature statistical layer in the stochastic multihlter statistical network (SmsNet). The feature map output from each convolution layer was directly transferred to the feature statistical layer to get global feature values. Stochastic multihlter statistical generative adversarial network (SmsGAN) used SmsNet as its discriminator, and its generator used a multi-scale convolution kernel parallel structure to avoid checkerboard artifacts. The generator′s loss function consisted of two parts, discriminative loss and guidance loss, to form a target guidance generator. The adversarial examples entered the down-sampling network to obtain local statistical features, and then these features were sent into SmsGAN for reconstruction to get denoised examples. Using SmsGAN to recover the adversarial examples, the recovery rate reached 91.3%, and the average PSNR reached more than 32. The visual quality was better than the traditional signal processing method, and the purpose of removing the anti-disturbance was achieved.

References:: -

Similar References:

Memo

Last Update: 2021-03-15