Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2020-09-28 Cooperative journals: 《计算机应用研究》
Abstract: Image classification techniques based on deep neural networks have achieved great success in recent years. However, recent studies have shown that deep neural network are vulnerable to the attack of adversarial examples. To solve this problem, some works train networks by adding Gaussian noise to the image. Thereby improving the ability of the network to defend adversarial examples, but the method does not consider the sensitivity of the network to different areas in the image when adding noise. To solve this problem, this paper proposed an adversarial training algorithm based on gradient guidance noise addition. When training the network, adding adaptive noise to different areas based on the sensitivity, adding large noise to the more sensitive areas, suppressing the sensitivity of the network to image changes, adding less noise to the less sensitive areas and improves the network classification accuracy. Compared with the existing algorithms on the cifar-10 dataset, the experimental results show that the proposed method effectively improved the accuracy of neural networks when classifying adversarial examples.
Hits
Hits
Downloads
Comment