检索结果-南通市图书馆

adversarial attack-Based Robustness Evaluation for Trustworthy AI

Computer Systems Science & Engineering 2023年第11期47卷 1919-1935页

作者： Eungyu Lee Yongsoo Lee Taejin Lee Department of Information Security Hoseo UniversityAsan 31499Korea

Artificial Intelligence(AI)technology has been extensively researched in various fields,including the field of malware *** models must be trustworthy to introduce AI systems into critical decisionmaking and resource protection *** problem of robustness to adversarial attacks is a significant barrier to trustworthy *** various adversarial attack and defense methods are actively being studied,there is a lack of research on robustness evaluation metrics that serve as standards for determining whether AI models are safe and reliable against adversarial *** AI model’s robustness level cannot be evaluated by traditional evaluation indicators such as accuracy and *** evaluation indicators are necessary to evaluate the robustness of AI models against adversarial *** this paper,a Sophisticated adversarial Robustness Score(SARS)is proposed for AI model robustness *** uses various factors in addition to the ratio of perturbated features and the size of perturbation to evaluate robustness accurately in the evaluation *** evaluation indicator reflects aspects that are difficult to evaluate using traditional evaluation ***,the level of robustness can be evaluated by considering the difficulty of generating adversarial samples through adversarial *** paper proposed using SARS,calculated based on adversarial attacks,to identify data groups with robustness vulnerability and improve robustness through adversarial *** SARS,it is possible to evaluate the level of robustness,which can help developers identify areas for *** validate the proposed method,experiments were conducted using a malware *** adversarial training,it was confirmed that SARS increased by 70.59%,and the recall reduction rate improved by 64.96%.Through SARS,it is possible to evaluate whether an AI model is vulnerable to adversarial attacks and to identify vulnerable data *** addition

关键词： AI robustness adversarial attack adversarial robustness robustness indicator trustworthy AI

来源：

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Alpha Fusion adversarial attack Analysis Using Deep Learning

引用

Computer Systems Science & Engineering 2023年第7期46卷 461-473页

作者： Mohibullah Khan Ata Ullah Isra Naz Sajjad Haider Nz Jhanji Mohammad Shorfuzzaman Mehedi Masud Department of Computer Science National University of Modern LanguagesIslamabadPakistan Department of Computer Science COMSATS University IslamabadIslamabadPakistan School of Computer Science(SCS) Taylor’s UniversitySelangorMalaysia Department of Computer Science College of Computers and Information TechnologyTaif UniversityP.O.Box 11099Taif21944Saudi Arabia

The deep learning model encompasses a powerful learning ability that integrates the feature extraction,and classification method to improve *** Neural Networks(CNN)perform well in machine learning and image processing tasks like segmentation,classification,detection,identification,*** CNN models are still sensitive to noise and *** smallest change in training images as in an adversarial attack can greatly decrease the accuracy of the CNN *** paper presents an alpha fusion attack analysis and generates defense against adversarial *** proposed work is divided into three phases:firstly,an MLSTM-based CNN classification model is developed for classifying COVID-CT ***,an alpha fusion attack is generated to fool the classification *** alpha fusion attack is tested in the last phase on a modified LSTM-based CNN(CNN-MLSTM)model and other pre-trained *** results of CNN models show that the accuracy of these models dropped greatly after the alpha-fusion *** highest F1 score before the attack was achieved is 97.45 And after the attack lowest F1 score recorded is 22%.Results elucidate the performance in terms of accuracy,precision,F1 score and Recall.

关键词： adversarial attack classification deep learning preturbation images

来源：

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

An Efficient Character-Level adversarial attack Inspired by Textual Variations in Online Social Media Platforms

引用

Computer Systems Science & Engineering 2023年第12期47卷 2869-2894页

作者： Jebran Khan Kashif Ahmad Kyung-Ah Sohn Department of Artificial Intelligence Ajou UniversitySuwonKorea Department of Computer Science Munster Technological UniversityCorkIreland Department of Software and Computer Engineering Ajou UniversitySuwonKorea

In recent years,the growing popularity of social media platforms has led to several interesting natural language processing(NLP)***,these social media-based NLP applications are subject to different types of adversarial attacks due to the vulnerabilities of machine learning(ML)and NLP *** work presents a new low-level adversarial attack recipe inspired by textual variations in online social media *** variations are generated to convey the message using out-of-vocabulary words based on visual and phonetic similarities of characters and words in the shortest possible *** intuition of the proposed scheme is to generate adversarial examples influenced by human cognition in text generation on social media platforms while preserving human robustness in text understanding with the fewest possible *** intentional textual variations introduced by users in online communication motivate us to replicate such trends in attacking text to see the effects of such widely used textual variations on the deep learning *** this work,the four most commonly used textual variations are chosen to generate adversarial ***,this article introduced a word importance ranking-based beam search algorithm as a searching method for the best possible perturbation *** effectiveness of the proposed adversarial attacks has been demonstrated on four benchmark datasets in an extensive experimental setup.

关键词： adversarial attack text classification social media character-level attack phonetic similarity visual similarity word importance rank beam search

来源：

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

adversarial attack and defense in reinforcement learning-from AI security view

引用

Cybersecurity 2019年第1期2卷 167-188页

作者： Tong Chen Jiqiang Liu Yingxiao Xiang Wenjia Niu Endong Tong Zhen Han Beijing Key Laboratory of Security and Privacy in Intelligent Transportation Beijing Jiaotong UniversityBeijingChina

Reinforcement learning is a core technology for modern artificial intelligence,and it has become a workhorse for AI applications ranging from Atrai Game to Connected and Automated Vehicle System(CAV).Therefore,a reliable RL system is the foundation for the security critical applications in AI,which has attracted a concern that is more critical than ***,recent studies discover that the interesting attack mode adversarial attack also be effective when targeting neural network policies in the context of reinforcement learning,which has inspired innovative researches in this ***,in this paper,we give the very first attempt to conduct a comprehensive survey on adversarial attacks in reinforcement learning under AI ***,we give briefly introduction on the most representative defense technologies against existing adversarial attacks.

关键词： Reinforcement learning Artificial intelligence Security adversarial attack adversarial example Defense

来源：

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Understanding adversarial attacks on observations in deep reinforcement learning

引用

Science China(Information Sciences) 2024年第5期67卷 69-83页

作者： You QIAOBEN Chengyang YING Xinning ZHOU Hang SU Jun ZHU Bo ZHANG Department of Computer Science and Technology Beijing National Research Center for Information Science and Technology Tsinghua-Bosch Joint Center for Machine Learning Institute for Artificial Intelligence Tsinghua University Peng Cheng Laboratory

Deep reinforcement learning models are vulnerable to adversarial attacks that can decrease the cumulative expected reward of a victim by manipulating its observations. Despite the efficiency of previous optimization-based methods for generating adversarial noise in supervised learning, such methods might not achieve the lowest cumulative reward since they do not generally explore the environmental ***, a framework is provided to better understand the existing methods by reformulating the problem of adversarial attacks on reinforcement learning in the function space. The reformulation approach adopted herein generates an optimal adversary in the function space of targeted attacks, repelling them via a generic two-stage framework. In the first stage, a deceptive policy is trained by hacking the environment and discovering a set of trajectories routing to the lowest reward or the worst-case performance. Next, the adversary misleads the victim to imitate the deceptive policy by perturbing the observations. Compared to existing approaches, it is theoretically shown that our adversary is strong under an appropriate noise level. Extensive experiments demonstrate the superiority of the proposed method in terms of efficiency and effectiveness, achieving state-of-the-art performance in both Atari and MuJoCo environments.

关键词： deep learning reinforcement learning adversarial robustness adversarial attack

来源：

同方期刊数据库评论

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Towards sustainable adversarial training with successive perturbation generation

引用

Frontiers of Information Technology & Electronic Engineering 2024年第4期25卷 527-539页

作者： Wei LIN Lichuan LIAO College of Computer Science and Mathematics Fujian University of TechnologyFuzhou 350118China College of Economics and Management Xi’an University of TechnologyXi’an 710048China Fujian Provincial Key Laboratory of Big Data Mining and Applications Fujian University of TechnologyFuzhou 350118China

adversarial training with online-generated adversarial examples has achieved promising performance in defending adversarial attacks and improving robustness of convolutional neural network ***,most existing adversarial training methods are dedicated to finding strong adversarial examples for forcing the model to learn the adversarial data distribution,which inevitably imposes a large computational overhead and results in a decrease in the generalization performance on clean *** this paper,we show that progressively enhancing the adversarial strength of adversarial examples across training epochs can effectively improve the model robustness,and appropriate model shifting can preserve the generalization performance of models in conjunction with negligible computational *** this end,we propose a successive perturbation generation scheme for adversarial training(SPGAT),which progressively strengthens the adversarial examples by adding the perturbations on adversarial examples transferred from the previous epoch and shifts models across the epochs to improve the efficiency of adversarial *** proposed SPGAT is both efficient and effective;e.g.,the computation time of our method is 900 min as against the 4100 min duration observed in the case of standard adversarial training,and the performance boost is more than 7%and 3%in terms of adversarial accuracy and clean accuracy,*** extensively evaluate the SPGAT on various datasets,including small-scale MNIST,middle-scale CIFAR-10,and large-scale *** experimental results show that our method is more efficient while performing favorably against state-of-the-art methods.

关键词： adversarial training adversarial attack Stochastic weight average Machine learning Model generalization

来源：

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Toward Trustworthy Decision-Making for Autonomous Vehicles:A Robust Reinforcement Learning Approach with Safety Guarantees

引用

Engineering 2024年第2期33卷 77-89页

作者： Xiangkun He Wenhui Huang Chen Lv School of Mechanical and Aerospace Engineering Nanyang Technological UniversitySingapore 639798Singapore

While autonomous vehicles are vital components of intelligent transportation systems,ensuring the trustworthiness of decision-making remains a substantial challenge in realizing autonomous ***,we present a novel robust reinforcement learning approach with safety guarantees to attain trustworthy decision-making for autonomous *** proposed technique ensures decision trustworthiness in terms of policy robustness and collision ***,an adversary model is learned online to simulate the worst-case uncertainty by approximating the optimal adversarial perturbations on the observed states and environmental *** addition,an adversarial robust actor-critic algorithm is developed to enable the agent to learn robust policies against perturbations in observations and ***,we devise a safety mask to guarantee the collision safety of the autonomous driving agent during both the training and testing processes using an interpretable knowledge model known as the Responsibility-Sensitive Safety ***,the proposed approach is evaluated through both simulations and *** results indicate that the autonomous driving agent can make trustworthy decisions and drastically reduce the number of collisions through robust safety policies.

关键词： Autonomous vehicle Decision-making Reinforcement learning adversarial attack Safety guarantee

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

Classification of adversarial attacks Using Ensemble Clustering Approach

引用

Computers, Materials & Continua 2023年第2期74卷 2479-2498页

作者： Pongsakorn Tatongjai Tossapon Boongoen Natthakan Iam-On Nitin Naik Longzhi Yang Center of Excellence in AI&Emerging Technologies School of ITMae Fah Luang UniversityChiang RaiThailand Department of Computer Science Aberystwyth UniversityAberystwythUnited Kingdom School of Informatics and Digital Engineering Aston UniversityBirminghamUnited Kingdom Department of Computer and Information Sciences Northumbria UniversityNewcastleUnited Kingdom

As more business transactions and information services have been implemented via communication networks,both personal and organization assets encounter a higher risk of *** safeguard these,a perimeter defence likeNIDS(network-based intrusion detection system)can be effective for known *** has been a great deal of attention within the joint community of security and data science to improve machine-learning based NIDS such that it becomes more accurate for adversarial attacks,where obfuscation techniques are applied to disguise patterns of intrusive *** current research focuses on non-payload connections at the TCP(transmission control protocol)stack level that is applicable to different network *** contrary to the wrapper method introduced with the benchmark dataset,three new filter models are proposed to transform the feature space without knowledge of class *** ECT(ensemble clustering based transformation)techniques,i.e.,ECT-Subspace,ECT-Noise and ECT-Combined,are developed using the concept of ensemble clustering and three different ensemble generation strategies,i.e.,random feature subspace,feature noise injection and their *** on the empirical study with published dataset and four classification algorithms,new models usually outperform that original wrapper and other filter alternatives found in the *** is similarly summarized from the first experiment with basic classification of legitimate and direct attacks,and the second that focuses on recognizing obfuscated *** addition,analysis of algorithmic parameters,i.e.,ensemble size and level of noise,is provided as a guideline for a practical use.

关键词： Intrusion detection adversarial attack machine learning feature transformation ensemble clustering

来源：

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Denoised Internal Models:A Brain-inspired Autoencoder Against adversarial attacks

引用

Machine Intelligence Research 2022年第5期19卷 456-471页

作者： Kai-Yuan Liu Xing-Yu Li Yu-Rui Lai Hang Su Jia-Chen Wang Chun-Xu Guo Hong Xie Ji-Song Guan Yi Zhou School of Life Sciences and Technology ShanghaiTech UniversityShanghai 201210China Shanghai Center for Brain Science and Brain-inspired Technology Shanghai 201602China School of Life Sciences Tsinghua UniversityBeijing 100084China National Engineering Laboratory for Brain-inspired Intelligence Technology and Application School of Information Science and TechnologyUniversity of Science and Technology of ChinaHefei 230026China Institute of Photonic Chips University of Shanghai for Science and TechnologyShanghai 200093China Centre for Artificial-intelligence Nanophotonics School of Optical-electrical and Computer EngineeringUniversity of Shanghai for Science and TechnologyShanghai 200093China

Despite its great success,deep learning severely suffers from robustness;i.e.,deep neural networks are very vulnerable to adversarial attacks,even the simplest *** by recent advances in brain science,we propose the denoised internal models(DIM),a novel generative autoencoder-based model to tackle this *** the pipeline in the human brain for visual signal processing,DIM adopts a two-stage *** the first stage,DIM uses a denoiser to reduce the noise and the dimensions of inputs,reflecting the information pre-processing in the *** by the sparse coding of memory-related traces in the primary visual cortex,the second stage produces a set of internal models,one for each *** evaluate DIM over 42 adversarial attacks,showing that DIM effectively defenses against all the attacks and outperforms the SOTA on the overall robustness on the MNIST(Modified National Institute of Standards and Technology)dataset.

关键词： Brain-inspired learning autoencoder robustness adversarial attack generative model

来源：

维普期刊数据库

同方期刊数据库评论

在线全文

学校读者我要写书评

暂无评论

adversarial attacks on Featureless Deep Learning Malicious URLs Detection

引用

Computers, Materials & Continua 2021年第7期68卷 921-939页

作者： Bader Rasheed Adil Khan S.M.Ahsan Kazmi Rasheed Hussain Md.Jalil Piran Doug Young Suh Institute of Data Science and Articial Intelligence Innopolis UniversityInnopolis420500Russia Institute of Information Security and Cyberphysical Systems Innopolis UniversityInnopolis420500Russia Department of Computer Science and Engineering Sejong UniversitySeoulKorea Department of Electronics Engineering Kyung Hee UniversityYonginKorea

Detecting malicious Uniform Resource Locators(URLs)is crucially important to prevent attackers from committing *** researches have investigated the role of machine learning(ML)models to detect malicious *** using ML algorithms,rst,the features of URLs are extracted,and then different ML models are *** limitation of this approach is that it requires manual feature engineering and it does not consider the sequential patterns in the ***,deep learning(DL)models are used to solve these issues since they are able to perform featureless ***,DL models give better accuracy and generalization to newly designed URLs;however,the results of our study show that these models,such as any other DL models,can be susceptible to adversarial *** this paper,we examine the robustness of these models and demonstrate the importance of considering this susceptibility before applying such detection systems in real-world *** propose and demonstrate a black-box attack based on scoring functions with greedy search for the minimum number of perturbations leading to a *** attack is examined against different types of convolutional neural networks(CNN)-based URL classiers and it causes a tangible decrease in the accuracy with more than 56%reduction in the accuracy of the best classier(among the selected classiers for this work).Moreover,adversarial training shows promising results in reducing the inuence of the attack on the robustness of the model to less than 7%on average.

关键词： Malicious URLs detection deep learning adversarial attack web security

来源：

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

欢迎您,

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

请选择保存的检索档案：

请选择收藏分类：

通借通还

欢迎您,

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

在线全文

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：