Research On Adversarial Examples Generation And Security Application Based On GAN

The application of deep neural network has achieved great success in many fields,especially in computer vision.The deep convolution neural network supported by big data has shown excellent performance in image recognition,detection and segmentation tasks.Some tasks have surpassed human performance in standard test sets.However,it is found that adding small perturbations to the sample data will lead to errors in the probability of deep neural networks with predictive accuracy reaching human level.This kind of sample with small perturbations is called adversarial examples.Most of the adversarial examples are very similar to the original examples in human eyes,so adversarial examples become one of the important factors threatening the security of deep learning applications.In order to ensure the security of in deep learning algorithm,it is necessary to study the influence of the adversarial examples on deep learning,which has become the hottest research topic.This paper mainly studies the generation method of the adversarial examples and the security application of the adversarial examples.This paper discusses the efficient generation method of adversarial examples and how to improve the security of image CAPTCHA by using adversarial examples.The main contributions of this thesis are as follows:1.A method of generating adversarial examples based on Generative Adversarial Network(GAN)is designed.Common adversarial examples generation methods,such as optimization-based method,fast gradient sign method(FGSM)and adversarial transformation networks(ATN),have some problems,such as slow generation speed,easy to be defensed by adversarial training and excessive disturbance to original examples.Aiming at the problem of targeted adversarial attack in image classification,this paper uses the class probability vector reordering function and GAN to make the adversarial attack on the premise that the internal structure of the neural network to be attacked is known.The experimental results show that compared with ATN,the targeted attack success rate of our method is 78%,and the image quality of our method is better,which eliminates texture interference and edge blurring caused by ATN.2.A transferable adversarial examples generation method based on GAN is designed.Common methods of generating adversarial examples only have high targeted attack success rate for single deep network model,and the adversarial examples generated by them are weak for other deep networks.In order to improve the transferability of adversarial examples,this paper proposes a model of adversarial examples generation based on multi-network joint optimization of GAN,which makes the adversarial examples generated by GAN be misclassified by multiple deep networks.The experimental results show that adversarial examples generated by our method average targeted attack success rate is 70%,when transferred to other 2 kinds of deep neural networks with unknown network architectures.3.A CAPTCHA generation system for defensive machine attack based on adversarial examples technology is designed.With the rapid development of deep learning technology,the recognition ability of machines becomes more and more powerful,which brings great challenges to CAPTCHA system.In this paper,we use GAN-based adversarial examples generation method to get a transferable adversarial examples generation model.By adding the generated sample image to the image data base,we can effectively resist the cracking attack using deep learning method.The experimental results show that,without reducing the user experience,our CAPTCHA generation system can effectively block attacks of robot.