[1] |
JOSHI A, MUKHERJEE A, SARKAR S, et al. Semantic Adversarial Attacks:Parametric Transformations That Fool Deep Classifiers[C]// Proceeding of the IEEE/CVF International Conference on Computer Vision (ICCV).Piscataway:IEEE, 2019:4773-4783.
|
[2] |
JIA R, LIANGP. Adversarial Examples for Evaluating Reading Comprehension Systems[C]// Proceeding of the 2017 Conference on Empirical Methods in Natural Language Processing (EMNLP).Stroudsburg:ACL, 2017:2021-2031.
|
[3] |
SZEGEDY C, ZAREMBA W, SUTSKEVER I, et al. Intriguing Properties of Neural Networks[C]// Proceeding of the 2nd International Conference on Learning Representations (ICLR).La Jolla:ICLR, 2014:1-10.
|
[4] |
MADRY A, MAKELOV A, SCHMIDTL, et al. Towards Deep Learning Models Resistant to Adversarial Attacks[C]// Proceeding of the 6th International Conference on Learning Representations (ICLR).La Jolla:ICLR, 2018:1-28.
|
[5] |
SHAFAHI A, HUANG W R, STUDER C, et al. Are Adversarial Examples Inevitable[C]// Proceeding of the 7th International Conference on Learning Representations (ICLR).La Jolla:ICLR, 2019:1-17.
|
[6] |
SHAFAHI A, NAJIBI M, GHIASI A, et al. Adversarial Training for Free![C]// Proceedings of the 33rd International Conference on Neural Information Processing Systems (NIPS).New York:ACM, 2019:3358-3369.
|
[7] |
WANG Y, ZOU D, YI J, et al. Improving Adversarial Robustness Requires Revisiting Misclassified Examples[C]// Proceeding of the 7th International Conference on Learning Representations (ICLR).La Jolla:ICLR, 2019:1-14.
|
[8] |
ZHENG H, ZHANG Z, GU J, et al. Efficient Adversarial Training With Transferable Adversarial Examples[C]// Proceeding of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR).Piscataway:IEEE, 2020:1181-1190.
|
[9] |
DING G W, SHARMA Y, LUIK Y C, et al. MMA Training:Direct Input Space Margin Maximization through Adversarial Training[C]// Proceeding of the 7th International Conference on Learning Representations (ICLR).La Jolla:ICLR, 2019:1-28.
|
[10] |
JIA X, WEI X, CAO X, et al. ComDefend:An Efficient Image Compression Model to Defend Adversarial Examples[C]// Proceeding of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR).Piscataway:IEEE, 2019:6084-6092.
|
[11] |
LIAO F, LIANG M, DONG Y, et al. Defense Against Adversarial Attacks Using High-Level Representation Guided Denoiser[C]// Proceeding of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR).Piscataway:IEEE, 2018:1778-1787.
|
[12] |
SONG Y, KIM T, NOWOZIN S, et al. PixelDefend:Leveraging Generative Models to Understand and Defend against Adversarial Examples[C]// Proceeding of the 6th International Conference on Learning Representations (ICLR).La Jolla:ICLR, 2018:1-20.
|
[13] |
GU S, RIGAZIO L. Towards Deep Neural Network Architectures Robust to Adversarial Examples[C]// In Proceeding of the 3th International Conference on Learning Representations (ICLR).La Jolla:ICLR, 2015:1-9.
|
[14] |
XU W, DAVID E, QI Y. Feature Squeezing:Detecting Adversarial Examples in Deep Neural Networks[C]// In Proceeding of the 25th Annual Network and Distributed System Security Symposium(NDSS) 2018.
|
[15] |
GUO C, RANA M, CISSE M, et al. Countering Adversarial Images using Input Transformations[C]// Proceeding of the 6th International Conference on Learning Representations (ICLR).La Jolla:ICLR, 2018:1-12.
|
[16] |
NASEER M, KHAN S, HAYATM, et al. A Self-Supervised Approach for Adversarial Robustness[C]// Proceeding of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR).Piscataway:IEEE, 2020:262-271.
|
[17] |
张树栋, 高海昌, 曹曦文, 等. 针对ASR系统的快速有目标自适应对抗攻击[J]. 西安电子科技大学学报, 2021, 48(1):168-175.
|
|
ZHANG Shudong, GAO Haichang, CAO Xiwen, et al. Adaptive Fast and Targeted Adversarial Attack for Speech Recognition[J]. Journal of Xidian University, 2021, 48(1):168-175.
|
[18] |
XIE C, WU Y, MAATEN L, et al. Feature Denoising for Improving Adversarial Robustness[C]// Proceeding of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR).Piscataway:IEEE, 2019:501-509.
|
[19] |
SALMAN H, SUN M, YANG G, et al. Denoised Smoothing:A Provable Defense for Pretrained Classifiers[C]// Proceeding of 33th Neural Information Processing Systems (NIPS).New York:ACM, 2020:21945-21957.
|
[20] |
JEONG, J, SHIN J. Consistency Regularization for Certified Robustness of Smoothed Classifiers[C]// // Proceeding of 33th Neural Information Processing Systems (NIPS).New York:ACM, 2020:6-12.
|
[21] |
RONNEBERGER O, FISCHER P, BROX T. U-net:Convolutional Networks for Biomedical Image Segmentation[C]// In Proceeding of the 18th International Conference on Medical Image Computing and Computer-Assisted Intervention (MICCAI).Heidelberg:Springer, 2015:234-241.
|
[22] |
ZHANG H, CISSE M, YANN N, et al. Mixup:Beyond Empirical Risk Minimization[C]// Proceeding of the 6th International Conference on Learning Representations (ICLR).La Jolla:ICLR, 2018:1-13.
|
[23] |
陈开周. 最优化计算方法[M]. 西安: 西北电讯工程学院出版社, 1985: 22.
|
[24] |
HE K, ZHANG X, REN S, et al. Deep Residual Learning for Image Recognition[C]// Proceeding of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR).Piscataway:IEEE, 2016:770-778.
|
[25] |
GOODFELLOW I J, SHLENS J, SZEGEDY C. Explaining and Harnessing Adversarial Examples[C]// Proceeding of the 3rd International Conference on Learning Representations (ICLR).La Jolla:ICLR, 2015:1-11.
|
[26] |
CARLINI N, WAGNER D. Towards Evaluating the Robustness of Neural Networks[C]// Proceeding of the 2017 IEEE Symposium on Security and Privacy (SP).Piscataway:IEEE, 2017:39-57.
|
[27] |
KOS J, FISCHER I, SONG D. Adversarial Examples for Generative Models[C]// Proceeding of the 2018 IEEE Security and Privacy Workshops (SPW).Piscataway:IEEE, 2018:36-42.
|
[28] |
LIUS, DENG W. Very Deep Convolutional Neural Network Based Image Classification Using Small Training Sample Size[C]// Proceeding of the 3rd IAPR Asian Conference on Pattern Recognition (ACPR).Piscataway:IEEE, 2015:730-734.
|
[29] |
WONG E, RICE L, KOLTER J Z. Fast is Better Than Free:Revisiting Adversarial Training[C]// Proceeding of the 8th International Conference on Learning Representations (ICLR).La Jolla:ICLR, 2020:1-17.
|