Computer Science, 2021, Vol. 48, Issue (7): 9-16. doi: 10.11896/jsjkx.201200204
Special Issue: Artificial Intelligence Security
XIE Chen-qi, ZHANG Bao-wen, YI Ping
CLC Number:
[1] JING Hui-yun, ZHOU Chuan, HE Xin. Security Evaluation Method for Risk of Adversarial Attack on Face Detection [J]. Computer Science, 2021, 48(7): 17-24.
[2] BAO Yu-xuan, LU Tian-liang, DU Yan-hui, SHI Da. Deepfake Videos Detection Method Based on i_ResNet34 Model and Data Augmentation [J]. Computer Science, 2021, 48(7): 77-85.