Cargando…
Image Adversarial Example Generation Method Based on Adaptive Parameter Adjustable Differential Evolution
Adversarial example generation techniques for neural network models have exploded in recent years. In the adversarial attack scheme for image recognition models, it is challenging to achieve a high attack success rate with very few pixel modifications. To address this issue, this paper proposes an a...
| Autores principales: | , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2023
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10047979/ https://www.ncbi.nlm.nih.gov/pubmed/36981373 http://dx.doi.org/10.3390/e25030487 |
| _version_ | 1785014063464448000 |
|---|---|
| author | Lin, Zhiyi Peng, Changgen Tan, Weijie He, Xing |
| author_facet | Lin, Zhiyi Peng, Changgen Tan, Weijie He, Xing |
| author_sort | Lin, Zhiyi |
| collection | PubMed |
| description | Adversarial example generation techniques for neural network models have exploded in recent years. In the adversarial attack scheme for image recognition models, it is challenging to achieve a high attack success rate with very few pixel modifications. To address this issue, this paper proposes an adversarial example generation method based on adaptive parameter adjustable differential evolution. The method realizes the dynamic adjustment of the algorithm performance by adjusting the control parameters and operation strategies of the adaptive differential evolution algorithm, while searching for the optimal perturbation. Finally, the method generates adversarial examples with a high success rate, modifying just a very few pixels. The attack effectiveness of the method is confirmed in CIFAR10 and MNIST datasets. The experimental results show that our method has a greater attack success rate than the One Pixel Attack based on the conventional differential evolution. In addition, it requires significantly less perturbation to be successful compared to global or local perturbation attacks, and is more resistant to perception and detection. |
| format | Online Article Text |
| id | pubmed-10047979 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2023 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-100479792023-03-29 Image Adversarial Example Generation Method Based on Adaptive Parameter Adjustable Differential Evolution Lin, Zhiyi Peng, Changgen Tan, Weijie He, Xing Entropy (Basel) Article Adversarial example generation techniques for neural network models have exploded in recent years. In the adversarial attack scheme for image recognition models, it is challenging to achieve a high attack success rate with very few pixel modifications. To address this issue, this paper proposes an adversarial example generation method based on adaptive parameter adjustable differential evolution. The method realizes the dynamic adjustment of the algorithm performance by adjusting the control parameters and operation strategies of the adaptive differential evolution algorithm, while searching for the optimal perturbation. Finally, the method generates adversarial examples with a high success rate, modifying just a very few pixels. The attack effectiveness of the method is confirmed in CIFAR10 and MNIST datasets. The experimental results show that our method has a greater attack success rate than the One Pixel Attack based on the conventional differential evolution. In addition, it requires significantly less perturbation to be successful compared to global or local perturbation attacks, and is more resistant to perception and detection. MDPI 2023-03-10 /pmc/articles/PMC10047979/ /pubmed/36981373 http://dx.doi.org/10.3390/e25030487 Text en © 2023 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Lin, Zhiyi Peng, Changgen Tan, Weijie He, Xing Image Adversarial Example Generation Method Based on Adaptive Parameter Adjustable Differential Evolution |
| title | Image Adversarial Example Generation Method Based on Adaptive Parameter Adjustable Differential Evolution |
| title_full | Image Adversarial Example Generation Method Based on Adaptive Parameter Adjustable Differential Evolution |
| title_fullStr | Image Adversarial Example Generation Method Based on Adaptive Parameter Adjustable Differential Evolution |
| title_full_unstemmed | Image Adversarial Example Generation Method Based on Adaptive Parameter Adjustable Differential Evolution |
| title_short | Image Adversarial Example Generation Method Based on Adaptive Parameter Adjustable Differential Evolution |
| title_sort | image adversarial example generation method based on adaptive parameter adjustable differential evolution |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10047979/ https://www.ncbi.nlm.nih.gov/pubmed/36981373 http://dx.doi.org/10.3390/e25030487 |
| work_keys_str_mv | AT linzhiyi imageadversarialexamplegenerationmethodbasedonadaptiveparameteradjustabledifferentialevolution AT pengchanggen imageadversarialexamplegenerationmethodbasedonadaptiveparameteradjustabledifferentialevolution AT tanweijie imageadversarialexamplegenerationmethodbasedonadaptiveparameteradjustabledifferentialevolution AT hexing imageadversarialexamplegenerationmethodbasedonadaptiveparameteradjustabledifferentialevolution |