@wuxin1994
2017-11-14T14:27:52.000000Z
字数 1514
阅读 890
吴帆1114
学习笔记17
1. 继续综述的进度,给裘老师写了周报
2. 列出目前进度的outline
- 介绍机器学习应用中的实际问题及安全隐患,引入对抗攻击的概念
1.1 机器学习和深度学习背景及应用(background and application of machine learning and deep learning)
1.2 实际中的安全隐患(potential safety hazard of machine learning)
1.2.1 机器学习模型没有充分考虑实际场景
1.2.2 深度学习框架中实现漏洞
1.2.3 对抗攻击者的恶意样本攻击
1.3 引入对抗攻击的概念(introduction of adversarial attack)
1.3.1 安全隐患不容忽视的原因
1.3.2 让模型更加鲁棒的流程
1.3.3 引入对抗攻击概念及解决机器学习安全问题的困难点
- 对抗攻击的原因分析分类(principle and classification of adversarial attack)
2.1 对抗攻击原理
2.1.1 线性特征
2.1.2 非线性特征
2.2 黑盒攻击和白盒攻击
2.2.1 区分神经网络模型的依据
2.2.2 黑盒攻击和白盒攻击的区别和联系
2.3 目标攻击和非目标攻击
2.4 exploratory attack,evasion attack,poisoning attack
- 按类别介绍经典对抗攻击算法研究
3.1 exploratory attack
3.1.1 Model inversion
3.1.2 Inferring useful information(inference attack)
3.1.3 Model extraction attack using online APIs(black box attack、API attack)
3.2 evasion attack
3.2.1 gradient based attack
3.2.2 universal perturbation
3.2.3 GAN based attack
……
3.3 poisoning attack
3.3.1 poisoning attack in early statistic machine learning model
3.3.2 simple machine learning model
3.3.3 deep learning model and neural network
……
Summary of some milestone research
4.1 FGSM
4.2 JSMA
4.3 DeepFool
4.4 Universal perturbation
4.5 RP2
4.6 CW
4.7 GAN based attack
4.8 Transferability research of adversarial examples
……
efficiency of adversarial attack evaluation method
5.1 Biggio evaluation method
5.2 Papernot evaluation method
5.3 Dezfooli evaluation method
……
- application of adversarial attack
6.1 face recognition
6.2 physical photo detection
6.3 malware augment
6.4 autonomous vehicle attack
……
- promising direction in attack algorithm
7.1 universal perturbation attack
7.2 combination of adversarial attack and GAN
7.3 application in defensive policy construction
……
- appendix
