摘要
针对深度学习模型中对抗样本迁移性和黑盒攻击能力不足的问题,研究设计了一种基于NadaMax优化器的迭代快速梯度方法(NM-FGSM)。该方法结合了Nesterov加速梯度和Adamax优化器的优势,通过自适应学习率和前瞻动量向量提高梯度更新精确度,并引入动态正则化增强问题凸性,优化算法稳定性和针对性。实验结果表明,NM-FGSM在不同攻击策略下优于现有方法,尤其在先进防御场景中攻击成功率提高了4%~8%。通过动态正则化的损失函数,对抗样本的跨模型迁移能力得到提升,进一步增强了黑盒攻击效果。最后,讨论了未来优化NM-FGSM算法和设计防御措施的研究方向,为深度学习模型的安全性研究提供了新的思路。
To address the problem of insufficient transferability of adversarial examples and inadequate black-box attack capabilities in deep learning models,this study designs an iterative fast gradient method based on the NadaMax optimizer(NM-FGSM).This method integrates the advantages of Nesterov Accelerated Gradient and the Adamax optimizer,improving the accuracy of gradient updates through adaptive learning rates and lookahead momentum vectors.Additionally,dynamic regularization is introduced to enhance the convexity of the problem,optimizing algorithm stability and specificity.The experimental results demonstrate that the NM-FGSM is prior to the existing methods under conditions of various attack strategies,particularly in advanced defense scenarios,attack success rate increases by 4%~8%.The dynamically regularized loss function enhances the cross-model transferability of adversarial examples,thereby further improving black-box attack effectiveness.Finally,points out the way forward for the NMFGSM algorithm and defense measures,providing a new insight into the security research of deep learning models.
作者
宋亚飞
仇文博
王艺菲
冯存前
SONG Yafei;QIU Wenbo;WANG Yifei;FENG Cunqian(Air Defense and Antimissile School,Air Force Engineering University,Xi’an 710051,China)
出处
《空军工程大学学报》
北大核心
2025年第3期119-127,共9页
Journal of Air Force Engineering University
基金
国家自然科学基金(62402521)。
