| As machine learning becomes more widely used in various fields, its security becomes increasingly important. Deep neural network poisoning attacks contaminate training data, thereby disrupting the learning process, causing model recognition errors, and reducing model security. In current adversarial-based deep neural network poisoning attack methods, the adversarial training process uses only the features of the last level of the neural network, optimizing the model by calculating its classification loss function; this results in poor universality and attack ability. Through experiments and analysis, this paper finds that it is difficult to completely describe all the features of a category by using only a single-level classification loss function, so that feature information such as low-dimensional texture, shape, and inter-class contrast is not fully utilized. Therefore, this paper considers a method of combining multi-level features, using the shallow-level feature information extracted by the neural network and the inter-class contrast feature information extracted by the data tuple-assisted classification method constructed in this work, to enhance the effect of adversarial training. This paper carries out the following work: (1) This paper proposes a multi-level feature combination deep neural network poisoning attack method, which uses different features extracted from multiple levels to fully mine the feature information, and builds a generative adversarial network model with different levels of combination functions. Two combination schemes of three types of functions (classification, feature similarity, and inter-class contrast feature) are used for model optimization to improve the aggressiveness of poisoned samples and the universality of noise generators, respectively. (2) Based on the poisoning attack method proposed above, this paper describes the design process of the data poisoning system in detail, and designs the modules in detail for the base layer, data layer, business logic layer, presentation layer, and other parts. The whole system is implemented in the Python language with the Django framework, and the system is analyzed and tested from both functional and non-functional aspects. The system provides users with an interactive interface that is easy to understand and simple to operate. (3) Ablation experiments on the public dataset CIFAR10 verify the effectiveness of the proposed adversarial learning-based deep neural network poisoning attack method. The dataset is also used as system input for testing, to verify the usability and robustness of the designed system. |