GENERATING ADVERSARIAL EXAMPLES ON SAR IMAGES BY OPTIMIZING FLOW FIELD DIRECTLY IN FREQUENCY DOMAIN

被引：0

作者：

Zhang, Lei ^{[1
,2
]}

Jiang, Tianpeng ^{[3
]}

Gao, Songyi ^{[1
,2
]}

Zhang, Yue ^{[4
]}

Xu, Mingming ^{[4
,5
]}

Liu, Lei ^{[6
]}

机构：

[1] Beijing Inst Technol, Beijing, Peoples R China

[2] Beijing Key Lab Embedded Real Time Informat Proc, Beijing, Peoples R China

[3] Beijing Inst Technol, Chongqing Innovat Ctr, Chongqing, Peoples R China

[4] China Acad Space Technol, Inst Remote Sensing Satellite, Beijing, Peoples R China

[5] Beijing Inst Technol, Sch Informat & Elect, Beijing, Peoples R China

[6] China Acad Space Technol, Beijing Inst Spacecraft Syst Engn, Beijing, Peoples R China

来源：

2022 IEEE INTERNATIONAL GEOSCIENCE AND REMOTE SENSING SYMPOSIUM (IGARSS 2022) | 2022年

关键词：

Adversarial examples; deep neural network; Synthetic aperture radar image (SAR image);

D O I：

10.1109/IGARSS46834.2022.9883169

中图分类号：

P [天文学、地球科学];

学科分类号：

07 ;

摘要：

Deep neural networks (DNNs) have become significant methods for SAR image analysis. However, there is a non-negligible security problem with deep learning. DNNs are particularly vulnerable to adversarial perturbations added to the input images. The study of adversarial examples generation can undoubtedly facilitate the study of defense algorithms and effectively improve the security and robustness of deep learning systems. We propose a novel method for generating adversarial examples on SAR images by optimizing flow field directly in frequency domain. We first transform the SAR images from spatial domain to frequency domain via discrete cosine transform. Then we optimize the flow field directly in frequency domain to generate the adversarial examples. Experiment of classification task on MSTAR dataset shows that our method can fool the DNN with 100% success rate, and the average number of attacks is greatly reduced from 36.58 to 5.58, which significantly improves the attack efficiency.

引用

页码：2979 / 2982

页数：4

共 33 条

[1] DualFlow: Generating imperceptible adversarial examples by flow field and normalize flow-based model
Liu, Renyang
Jin, Xin
Hu, Dongting
Zhang, Jinhong
Wang, Yuanyu
Zhang, Jin
Zhou, Wei
[J]. FRONTIERS IN NEUROROBOTICS, 2023, 17
[2] Generating Black-Box Adversarial Examples in Sparse Domain
Zanddizari, Hadi
Zeinali, Behnam
Chang, J. Morris
[J]. IEEE TRANSACTIONS ON EMERGING TOPICS IN COMPUTATIONAL INTELLIGENCE, 2022, 6 (04): : 795 - 804
[3] Generating simulated SAR images using Generative Adversarial Network
Liu, Wenlong
Zhao, Yuejin
Liu, Ming
Dong, Liquan
Liu, Xiaohua
Hui, Mei
[J]. APPLICATIONS OF DIGITAL IMAGE PROCESSING XLI, 2018, 10752
[4] Generating Images in Compressed Domain Using Generative Adversarial Networks
Kang, Byeongkeun
Tripathi, Subarna
Nguyen, Truong Q.
[J]. IEEE ACCESS, 2020, 8 : 180977 - 180991
[5] FDT: Improving the transferability of adversarial examples with frequency domain transformation
Ling, Jie
Chen, Jinhui
Li, Honglei
[J]. Computers and Security, 2024, 144
[6] Generating De-identification facial images based on the attention models and adversarial examples
Yang, Jingjing
Zhang, Weijia
Liu, Jiaxing
Wu, Jinzhao
Yang, Jie
[J]. ALEXANDRIA ENGINEERING JOURNAL, 2022, 61 (11) : 8417 - 8429
[7] DoFA: Adversarial examples detection for SAR images by dual-objective feature attribution
Zhang, Yu
Zeng, Guo-Qiang
Chen, Min-Rong
Geng, Guang-Gang
Weng, Jian
Lu, Kang-Di
[J]. EXPERT SYSTEMS WITH APPLICATIONS, 2024, 255
[8] Joint contrastive learning and frequency domain defense against adversarial examples
Yang, Jin
Li, Zhi
Liu, Shuaiwei
Hong, Bo
Wang, Weidong
[J]. NEURAL COMPUTING & APPLICATIONS, 2023, 35 (25): : 18623 - 18639
[9] Joint contrastive learning and frequency domain defense against adversarial examples
Jin Yang
Zhi Li
Shuaiwei Liu
Bo Hong
Weidong Wang
[J]. Neural Computing and Applications, 2023, 35 : 18623 - 18639
[10] Adversarial Deep Domain Adaptation for Multi-Band SAR Images Classification
Zhang, Wei
Zhu, Yongfeng
Fu, Qiang
[J]. IEEE ACCESS, 2019, 7 : 78571 - 78583

← 1 2 3 4 →