检索结果-南通市图书馆

Towards the universal defense for query-based audio adversarial attacks on speech recognition system

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Cybersecurity 2024年第1期7卷 53-70页

作者： Feng Guo Zheng Sun Yuxuan Chen Lei Ju School of Cyber Science and Technology Shandong UniversityQingdaoChina Quancheng Laboratory QCLJinanChina

Recently,studies show that deep learning-based automatic speech recognition(ASR)systems are vulnerable to adversarial examples(AEs),which add a small amount of noise to the original audio *** AE attacks pose new challenges to deep learning security and have raised significant concerns about deploying ASR systems and *** existing defense methods are either limited in application or only defend on results,but not on *** this work,we propose a novel method to infer the adversary intent and discover audio adversarial examples based on the AEs generation *** insight of this method is based on the observation:many existing audio AE attacks utilize query-based methods,which means the adversary must send continuous and similar queries to target ASR models during the audio AE generation *** by this observation,We propose a memory mechanism by adopting audio fingerprint technology to analyze the similarity of the current query with a certain length of memory ***,we can identify when a sequence of queries appears to be suspectable to generate audio *** extensive evaluation on four state-of-the-art audio AE attacks,we demonstrate that on average our defense identify the adversary’s intent with over 90%*** careful regard for robustness evaluations,we also analyze our proposed defense and its strength to withstand two adaptive ***,our scheme is available out-of-the-box and directly compatible with any ensemble of ASR defense models to uncover audio AE attacks effectively without model retraining.

关键词： adversarial attacks Defense Memory mechanism Query-based

adversarial Training Against adversarial attacks for Machine Learning-Based Intrusion Detection Systems

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Computers, Materials & Continua 2022年第11期73卷 3513-3527页

作者： Muhammad Shahzad Haroon Husnain Mansoor Ali Department of Computer Science Shaheed Zulfikar Ali Bhutto Institute of Science and TechnologyKarachi75600Pakistan

Intrusion detection system plays an important role in defending networks from security ***-to-end machine learning-based intrusion detection systems are being used to achieve high detection ***,in case of adversarial attacks,that cause misclassification by introducing imperceptible perturbation on input samples,performance of machine learning-based intrusion detection systems is greatly *** such problems have widely been discussed in image processing domain,very few studies have investigated network intrusion detection systems and proposed corresponding *** this paper,we attempt to fill this gap by using adversarial attacks on standard intrusion detection datasets and then using adversarial samples to train various machine learning algorithms(adversarial training)to test their defence *** is achieved by first creating adversarial sample based on Jacobian-based Saliency Map Attack(JSMA)and Fast Gradient Sign Attack(FGSM)using NSLKDD,UNSW-NB15 and CICIDS17 *** study then trains and tests JSMA and FGSM based adversarial examples in seen(where model has been trained on adversarial samples)and unseen(where model is unaware of adversarial packets)*** experiments includes multiple machine learning classifiers to evaluate their performance against adversarial *** performance parameters include Accuracy,F1-Score and Area under the receiver operating characteristic curve(AUC)Score.

关键词： Intrusion detection system adversarial attacks adversarial training adversarial machine learning

Chained Dual-Generative adversarial Network:A Generalized Defense Against adversarial attacks

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Computers, Materials & Continua 2023年第2期74卷 2541-2555页

作者： Amitoj Bir Singh Lalit Kumar Awasthi Urvashi Mohammad Shorfuzzaman Abdulmajeed Alsufyani Mueen Uddin National Institute of Technology JalandharPB 144001India Department of Computer Science College of Computers and Information TechnologyTaif UniversityP.O.Box 11099Taif21944Saudi Arabia School of Digital Science University Brunei DarussalamJln Tungku LinkGadongBE1410Brunei Darussalam

Neural networks play a significant role in the field of image *** an input image is modified by adversarial attacks,the changes are imperceptible to the human eye,but it still leads to misclassification of the *** have demonstrated these attacks to make production self-driving cars misclassify StopRoad signs as 45 Miles Per Hour(MPH)road signs and a turtle being misclassified as *** primary types of defense approaches exist which can safeguard against such attacks i.e.,Gradient Masking,Robust Optimization,and adversarial Example *** few approaches use Generative adversarial Networks(GAN)for Defense against adversarial *** this paper,we create a new approach to defend against adversarial attacks,dubbed Chained Dual-Generative adversarial Network(CD-GAN)that tackles the defense against adversarial attacks by minimizing the perturbations of the adversarial image using iterative oversampling and undersampling using ***-GAN is created using two GANs,i.e.,CDGAN’s Sub-ResolutionGANandCDGAN’s *** first is CDGAN’s Sub-Resolution GAN which takes the original resolution input image and oversamples it to generate a lower resolution neutralized *** second is CDGAN’s Super-Resolution GAN which takes the output of the CDGAN’s Sub-Resolution and undersamples,it to generate the higher resolution image which removes any remaining *** Dual GAN is formed by chaining these two GANs *** of these GANs are trained ***’s Sub-Resolution GAN is trained using higher resolution adversarial images as inputs and lower resolution neutralized images as output image ***,this GAN downscales the image while removing adversarial attack ***’s Super-Resolution GAN is trained using lower resolution adversarial images as inputs and higher resolution neutralized images as output *** of this,it acts as an Upscaling GAN while removing the adversarial a

关键词： adversarial attacks GAN-based adversarial defense image classification models adversarial defense

Deep Image Restoration Model: A Defense Method Against adversarial attacks

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Computers, Materials & Continua 2022年第5期71卷 2209-2224页

作者： Kazim Ali Adnan N.Quershi Ahmad Alauddin Bin Arifin Muhammad Shahid Bhatti Abid Sohail Rohail Hassan Department of Information Technology University of Central PunjabLahore54000Pakistan Department of Communication Technology and Network Faculty of Computer Science and Information TechnologyUniversity Putra MalaysiaSalengor43400Malaysia Department of Computer Science Comsats University IslamabadLahore Campus54000Pakistan Othman Yeop Abdullah Graduate School of Business University Utara MalaysiaKuala Lumpur50300Malaysia

These days,deep learning and computer vision are much-growing fields in this modern world of information *** learning algorithms and computer vision have achieved great success in different applications like image classification,speech recognition,self-driving vehicles,disease diagnostics,and many *** success in various applications,it is found that these learning algorithms face severe threats due to adversarial *** examples are inputs like images in the computer vision field,which are intentionally slightly changed or *** changes are humanly *** are misclassified by a model with high probability and severely affects the performance or *** this scenario,we present a deep image restoration model that restores adversarial examples so that the target model is classified correctly *** proved that our defense method against adversarial attacks based on a deep image restoration model is simple and state-of-the-art by providing strong experimental results *** have used MNIST and CIFAR10 datasets for experiments and analysis of our defense *** the end,we have compared our method to other state-ofthe-art defense methods and proved that our results are better than other rival methods.

关键词： Computer vision deep learning convolutional neural networks adversarial examples adversarial attacks adversarial defenses

VeriFace:Defending against adversarial attacks in Face Verification Systems

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Computers, Materials & Continua 2023年第9期76卷 3151-3166页

作者： Awny Sayed Sohair Kinlany Alaa Zaki Ahmed Mahfouz Information Technology Department Faculty of Computing and Information TechnologyKing Abdulaziz UniversityJeddahSaudi Arabia Computer Science Department Faculty of ScienceMinia UniversityAl MinyaEgypt Faculty of Computer Studies Arab Open UniversityMuscatOman

Face verification systems are critical in a wide range of applications,such as security systems and biometric ***,these systems are vulnerable to adversarial attacks,which can significantly compromise their accuracy and *** attacks are designed to deceive the face verification system by adding subtle perturbations to the input *** perturbations can be imperceptible to the human eye but can cause the systemtomisclassifyor fail torecognize thepersoninthe *** this issue,weproposeanovel system called VeriFace that comprises two defense mechanisms,adversarial detection,and adversarial *** first mechanism,adversarial detection,is designed to identify whether an input image has been subjected to adversarial *** second mechanism,adversarial removal,is designed to remove these perturbations from the input image to ensure the face verification system can accurately recognize the person in the *** evaluate the effectiveness of the VeriFace system,we conducted experiments on different types of adversarial attacks using the Labelled Faces in the Wild(LFW)*** results show that the VeriFace adversarial detector can accurately identify adversarial imageswith a high detection accuracy of 100%.Additionally,our proposedVeriFace adversarial removalmethod has a significantly lower attack success rate of 6.5%compared to state-of-the-art removalmethods.

关键词： adversarial attacks face aerification adversarial detection perturbation removal

adversarial attacks on Content-Based Filtering Journal Recommender Systems

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Computers, Materials & Continua 2020年第9期64卷 1755-1770页

作者： Zhaoquan Gu Yinyin Cai Sheng Wang Mohan Li Jing Qiu Shen Su Xiaojiang Du Zhihong Tian Cyberspace Institute of Advanced Technology Guangzhou UniversityGuangzhouChina Department of Computer and Information Sciences Temple UniversityPhiladelphiaUSA

Recommender systems are very useful for people to explore what they really *** papers are important achievements for researchers and they often have a great deal of choice to submit their *** order to improve the efficiency of selecting the most suitable journals for publishing their works,journal recommender systems(JRS)can automatically provide a small number of candidate journals based on key information such as the title and the ***,users or journal owners may attack the system for their own *** this paper,we discuss about the adversarial attacks against content-based filtering *** propose both targeted attack method that makes some target journals appear more often in the system and non-targeted attack method that makes the system provide incorrect *** also conduct extensive experiments to validate the proposed *** hope this paper could help improve JRS by realizing the existence of such adversarial attacks.

关键词： Journal recommender system adversarial attacks Rocchio algorithm k-nearest-neighbor algorithm

An Overview of adversarial attacks and Defenses

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Journal of Information Hiding and Privacy Protection 2022年第1期4卷 15-24页

作者： Kai Chen Jinwei Wang Jiawei Zhang Nanjing University of Information Science and Technology Nanjing210044China

In recent years,machine learning has become more and more popular,especially the continuous development of deep learning technology,which has brought great revolutions to many *** tasks such as image classification,natural language processing,information hiding,multimedia synthesis,and so on,the performance of deep learning has far exceeded the traditional ***,researchers found that although deep learning can train an accurate model through a large amount of data to complete various tasks,the model is vulnerable to the example which is modified *** technology is called adversarial attacks,while the examples are called adversarial *** existence of adversarial attacks poses a great threat to the security of the neural *** on the brief introduction of the concept and causes of adversarial example,this paper analyzes the main ideas of adversarial attacks,studies the representative classical adversarial attack methods and the detection and defense methods.

关键词： Deep learning adversarial example adversarial attacks adversarial defenses

FedDAA:a robust federated learning framework to protect privacy and defend against adversarial attack

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Frontiers of Computer Science 2024年第2期18卷 107-122页

作者： Shiwei LU Ruihu LI Wenbin LIU Fundamentals Department Air Force Engineering UniversityXi’an 710051China Institute of Advanced Computational Science and Technology Guangzhou UniversityGuangzhou 510006China

Federated learning(FL)has emerged to break data-silo and protect clients’privacy in the field of artificial ***,deep leakage from gradient(DLG)attack can fully reconstruct clients’data from the submitted gradient,which threatens the fundamental privacy of *** cryptology and differential privacy prevent privacy leakage from gradient,they bring negative effect on communication overhead or model ***,the original distribution of local gradient has been changed in these schemes,which makes it difficult to defend against adversarial *** this paper,we propose a novel federated learning framework with model decomposition,aggregation and assembling(FedDAA),along with a training algorithm,to train federated model,where local gradient is decomposed into multiple blocks and sent to different proxy servers to complete *** bring better privacy protection performance to FedDAA,an indicator is designed based on image structural similarity to measure privacy leakage under DLG attack and an optimization method is given to protect privacy with the least proxy *** addition,we give defense schemes against adversarial attack in FedDAA and design an algorithm to verify the correctness of aggregated *** results demonstrate that FedDAA can reduce the structural similarity between the reconstructed image and the original image to 0.014 and remain model convergence accuracy as 0.952,thus having the best privacy protection performance and model training *** importantly,defense schemes against adversarial attack are compatible with privacy protection in FedDAA and the defense effects are not weaker than those in the traditional ***,verification algorithm of aggregation results brings about negligible overhead to FedDAA.

关键词： federated learning privacy protection adversarial attacks aggregated rule correctness verification

Evaluating the Efficacy of Latent Variables in Mitigating Data Poisoning attacks in the Context of Bayesian Networks:An Empirical Study

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Computer Modeling in Engineering & Sciences 2024年第5期139卷 1635-1654页

作者： Shahad Alzahrani Hatim Alsuwat Emad Alsuwat Independent Researcher Specializing in Data Security and Privacy Taif26571Saudi Arabia Department of Computer Science College of Computer and Information SystemsUmm Al-Qura UniversityMakkah24382Saudi Arabia Department of Computer Science College of Computers and Information TechnologyTaif UniversityTaif26571Saudi Arabia

Bayesian networks are a powerful class of graphical decision models used to represent causal relationships among ***,the reliability and integrity of learned Bayesian network models are highly dependent on the quality of incoming data *** of the primary challenges with Bayesian networks is their vulnerability to adversarial data poisoning attacks,wherein malicious data is injected into the training dataset to negatively influence the Bayesian network models and impair their *** this research paper,we propose an efficient framework for detecting data poisoning attacks against Bayesian network structure learning *** framework utilizes latent variables to quantify the amount of belief between every two nodes in each causal model over *** use our innovative methodology to tackle an important issue with data poisoning assaults in the context of Bayesian *** regard to four different forms of data poisoning attacks,we specifically aim to strengthen the security and dependability of Bayesian network structure learning techniques,such as the PC *** doing this,we explore the complexity of this area and offer workablemethods for identifying and reducing these sneaky ***,our research investigates one particular use case,the“Visit to Asia Network.”The practical consequences of using uncertainty as a way to spot cases of data poisoning are explored in this inquiry,which is of utmost *** results demonstrate the promising efficacy of latent variables in detecting and mitigating the threat of data poisoning ***,our proposed latent-based framework proves to be sensitive in detecting malicious data poisoning attacks in the context of stream data.

关键词： Bayesian networks data poisoning attacks latent variables structure learning algorithms adversarial attacks