摘要
针对基于深度神经网络的无线电信号调制分类任务所面临的对抗样本安全问题,提出了一种基于攻击成本的信号调制分类对抗样本检测算法。首先,使用攻击成本表征样本的相对位置;然后,运用攻击迭代次数衡量样本的攻击成本,寻找待测样本在训练集中的最近邻样本;最后,计算待测样本与最近邻样本之间攻击迭代次数的Z-Score来检测对抗样本。实验结果表明该算法具有稳定且优越的检测效果。
Aiming at the security problem of adversarial samples faced by radio signal modulation classification task based on deep neural network,a signal modulation classification adversarial sample detection algorithm based on attack cost is proposed.First,the attack cost is used to characterize the relative position of the samples;then,the number of attack iterations is used to measure the attack cost of the sample and find the nearest neighbor samples to be tested in the training set;finally,the Z-score of the number of attack iterations between the samples to be tested and the nearest neighbor samples is calculated to detect the adversarial samples.Experimental results show that the algorithm has a stable and superior detection effect.
作者
宣琦
周涛
XUAN Qi;ZHOU Tao(Institute of Cyberspace Security,Zhejiang University of Technology,Hangzhou 310023,China)
出处
《浙江工业大学学报》
CAS
北大核心
2022年第6期591-598,共8页
Journal of Zhejiang University of Technology
基金
国家自然科学基金资助项目(61973273)。
关键词
深度神经网络
信号调制分类
对抗样本检测
deep neural network
signal modulation classification
adversarial sample detection
