Study On Some Issues In Adversarial Machine Learning

Posted on: 2022-04-20
Degree: Master
Type: Thesis
Country: China
Candidate: J Yang
GTID: 2518306488490824
Subject: Applied Mathematics
Abstract/Summary:
Machine learning is often used in various classification and regression problems, and its performance is excellent. After the introduction of deep learning, machine learning ushered in a new wave of development. As the concept of adversarial attacks advanced, people noticed that machine learning still faces many security issues. Adversarial samples, constructed by adding carefully designed perturbations to the input image, can not only successfully attack deep learning models but also affect other machine learning models such as support vector machines (SVMs). At present, research on adversarial attacks against machine learning is mainly concentrated in the field of deep learning. In view of the importance and popularity of support vector machines, this paper proposes an SVM defense based on kernel optimization. Aiming at evasion attacks on SVM classification, we propose a so-called vulnerability function to measure the vulnerability of an SVM classifier, and propose an effective defense strategy based on optimization of the SVM's Gaussian kernel. Our defense method is proven to be very effective on the benchmark data set, and after using our kernel optimization scheme, the SVM classifier becomes more robust.

The main work of this article is roughly divided into the following parts:

(1) The first part introduces the background of the development of machine learning and the current research status of adversarial attacks in machine learning, and clarifies the research significance of the article.

(2) The second part introduces deep learning related knowledge. Through the introduction of neurons, neural networks and convolutional neural networks, it clarifies the structure and related knowledge of deep learning models. The concept of adversarial examples is introduced, and several common adversarial example generation algorithms are listed. It then introduces several common methods to defend against adversarial samples.

(3) The third part proposes SVM defense based on kernel optimization. First, it introduces the representation method of SVM classification, then introduces the evasion attack on SVM classification, and explains how to use kernel optimization to defend against SVM evasion attacks. Finally, through experiments and related data, a specific analysis is made to discuss the defense capabilities of kernel optimization.

(4) The fourth part summarizes the article and gives an outlook on adversarial attack and defense issues in machine learning.
Keywords/Search Tags: SVM, adversarial sample, attack, defense, machine learning