摘要
在现实环境下,出现恶意用户或攻击者对机器学习算法的攻击;在应用过程中,机器学习算法也会受到物体形状、位移、尺度、光照、背景等因素的影响。针对这些使用过程中所产生的安全性问题,本文提出了基于多层卷积神经网络深度学习算法的图像识别方法,并对其可移植性进行分析,通过对抗性训练提高模型泛化能力来防御对抗样例攻击。针对可用性攻击,在前向传播过程中,采用训练好的多层卷积神经网络深度学习模型自动提取输入图像特征,并利用模型权值共享、更新、下采样等操作对输入图像做降采样处理,降低计算复杂度;在反向传播过程中,利用delta法则和Fisher准则,以及基于类内距离和类间距离的能量约束函数实时调整多层卷积神经网络深度学习模型参数,计算模型输出层各个输出单元的残差,使模型权值能够更加快速收敛到有利于图像识别的最优值。测试结果表明:多层卷积神经网络深度学习算法在图像识别领域的应用具有识别准确率和鲁棒性较高,耗时较短的优点,从理论和实验2方面证明了算法的可移植性。
In the real environment, malicious users or attackers attack the machine learning algorithm;in the application process, the machine learning algorithm will also be affected by the shape, displacement, scale, light, background and other factors. In view of the safety problems in the use process. In this paper, an image recognition method based on multi-level convolutional neural network deep learning algorithm is proposed and its portability is analyzed. Defense against sample attacks by improving the generalization of models through confrontational training. For the usability attack, in the forward propagation process, the trained multi-layer convolutional neural network deep learning model is used to automatically extract the input image features, and the input image is downsampled by using the model weight sharing, updating, and downsampling operations, to reduce the computational complexity;in the backpropagation process, use the delta rule and the Fisher criterion, and the energy constraint function based on the intra-class distance and the inter-class distance to adjust the parameters of the multi-level convolutional neural network deep learning model in real time, and calculate the model output layer. The residuals of the individual output units enable the model weights to converge more quickly to the optimal value for image recognition. The test results show that the application of multi-level convolutional neural network deep learning algorithm in the field of image recognition has the advantages of high recognition accuracy, high robustness and short time-consuming. It proves the portability of the algorithm in both theoretical and experimental aspects.
作者
肖堃
XIAO Kun(School of Computer Science and Engineering,University of Electronic Science and Technology of China,Chengdu 611731,China)
出处
《哈尔滨工程大学学报》
EI
CAS
CSCD
北大核心
2020年第3期420-424,共5页
Journal of Harbin Engineering University
基金
国家科技重大专项项目(2014ZX03002001).
