{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T14:53:32Z","timestamp":1740149612129,"version":"3.37.3"},"reference-count":42,"publisher":"MDPI AG","issue":"14","license":[{"start":{"date-parts":[[2023,7,11]],"date-time":"2023-07-11T00:00:00Z","timestamp":1689033600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"Deep learning models have been used in creating various effective image classification applications. However, they are vulnerable to adversarial attacks that seek to misguide the models into predicting incorrect classes. Our study of major adversarial attack models shows that they all specifically target and exploit the neural networking structures in their designs. This understanding led us to develop a hypothesis that most classical machine learning models, such as random forest (RF), are immune to adversarial attack models because they do not rely on neural network design at all. Our experimental study of classical machine learning models against popular adversarial attacks supports this hypothesis. Based on this hypothesis, we propose a new adversarial-aware deep learning system by using a classical machine learning model as the secondary verification system to complement the primary deep learning model in image classification. Although the secondary classical machine learning model has less accurate output, it is only used for verification purposes, which does not impact the output accuracy of the primary deep learning model, and, at the same time, can effectively detect an adversarial attack when a clear mismatch occurs. 
Our experiments based on the CIFAR-100 dataset show that our proposed approach outperforms current state-of-the-art adversarial defense systems.","DOI":"10.3390\/s23146287","type":"journal-article","created":{"date-parts":[[2023,7,11]],"date-time":"2023-07-11T05:58:14Z","timestamp":1689055094000},"page":"6287","source":"Crossref","is-referenced-by-count":4,"title":["Adversarial-Aware Deep Learning System Based on a Secondary Classical Machine Learning Verification Approach"],"prefix":"10.3390","volume":"23","author":[{"ORCID":"https:\/\/orcid.org\/0009-0004-6842-1300","authenticated-orcid":false,"given":"Mohammed","family":"Alkhowaiter","sequence":"first","affiliation":[{"name":"College of Engineering and Computer Science, University of Central Florida, Orlando, FL 32816, USA"},{"name":"College of Computer Engineering and Science, Prince Sattam Bin Abdulaziz University, Al-Kharj 11942, Saudi Arabia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7673-5850","authenticated-orcid":false,"given":"Hisham","family":"Kholidy","sequence":"additional","affiliation":[{"name":"College of Engineering, SUNY Polytechnic Institute, Utica, NY 13502, USA"}]},{"given":"Mnassar A.","family":"Alyami","sequence":"additional","affiliation":[{"name":"College of Engineering and Computer Science, University of Central Florida, Orlando, FL 32816, USA"}]},{"given":"Abdulmajeed","family":"Alghamdi","sequence":"additional","affiliation":[{"name":"College of Engineering and Computer Science, University of Central Florida, Orlando, FL 32816, USA"}]},{"given":"Cliff","family":"Zou","sequence":"additional","affiliation":[{"name":"College of Engineering and Computer Science, University of Central Florida, Orlando, FL 32816, USA"}]}],"member":"1968","published-online":{"date-parts":[[2023,7,11]]},"reference":[{"key":"ref_1","unstructured":"Goodfellow, I.J., Shlens, J., and Szegedy, C. (2014). Explaining and harnessing adversarial examples. 
arXiv."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"84","DOI":"10.1145\/3065386","article-title":"Imagenet classification with deep convolutional neural networks","volume":"60","author":"Krizhevsky","year":"2017","journal-title":"Commun. Acm"},{"key":"ref_3","unstructured":"Vaswani, A., Shazeer, N., Parmar, N., Uszkoreit, J., Jones, L., Gomez, A.N., Kaiser, \u0141., and Polosukhin, I. (2017). Attention is all you need. Adv. Neural Inf. Process. Syst., 30."},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Alkhowaiter, M., Almubarak, K., and Zou, C. (2022, January 27\u201329). Evaluating perceptual hashing algorithms in detecting image manipulation over social media platforms. Proceedings of the 2022 IEEE International Conference on Cyber Security and Resilience (CSR), Rhodes, Greece.","DOI":"10.1109\/CSR54599.2022.9850288"},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Alkhowaiter, M., Almubarak, K., Alyami, M., Alghamdi, A., and Zou, C. (December, January 28). Image Authentication Using Self-Supervised Learning to Detect Manipulation Over Social Network Platforms. Proceedings of the MILCOM 2022-2022 IEEE Military Communications Conference (MILCOM), Rockville, MD, USA.","DOI":"10.1109\/MILCOM55135.2022.10017725"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"64","DOI":"10.1016\/j.comcom.2020.04.004","article-title":"A deep neural networks based model for uninterrupted marine environment monitoring","volume":"157","author":"Reddy","year":"2020","journal-title":"Comput. Commun."},{"key":"ref_7","unstructured":"Stone, P., Brooks, R., Brynjolfsson, E., Calo, R., Etzioni, O., Hager, G., Hirschberg, J., Kalyanakrishnan, S., Kamar, E., and Kraus, S. (2022). Artificial intelligence and life in 2030: The one hundred year study on artificial intelligence. arXiv."},{"key":"ref_8","unstructured":"Krizhevsky, A., and Hinton, G. (2009). Learning Multiple Layers of Features from Tiny Images, CIFAR. 
Available online: https:\/\/www.cs.utoronto.ca\/~kriz\/learning-features-2009-TR.pdf."},{"key":"ref_9","unstructured":"Papernot, N., and McDaniel, P. (2018). Deep k-nearest neighbors: Towards confident, interpretable and robust deep learning. arXiv."},{"key":"ref_10","unstructured":"Ma, X., Li, B., Wang, Y., Erfani, S.M., Wijewickrema, S., Schoenebeck, G., Song, D., Houle, M.E., and Bailey, J. (2018). Characterizing adversarial subspaces using local intrinsic dimensionality. arXiv."},{"key":"ref_11","unstructured":"Lee, K., Lee, K., Lee, H., and Shin, J. (2018). A simple unified framework for detecting out-of-distribution samples and adversarial attacks. Adv. Neural Inf. Process. Syst., 31."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Cohen, G., Sapiro, G., and Giryes, R. (2020, January 14\u201319). Detecting adversarial samples using influence functions and nearest neighbors. Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition, Seattle, WA, USA.","DOI":"10.1109\/CVPR42600.2020.01446"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Moosavi-Dezfooli, S.M., Fawzi, A., and Frossard, P. (2016, January 27\u201330). Deepfool: A simple and accurate method to fool deep neural networks. Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, Las Vegas, NV, USA.","DOI":"10.1109\/CVPR.2016.282"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Carlini, N., and Wagner, D. (2017, January 22\u201326). Towards evaluating the robustness of neural networks. Proceedings of the 2017 IEEE Symposium on Security and Privacy (SP), San Jose, CA, USA.","DOI":"10.1109\/SP.2017.49"},{"key":"ref_15","unstructured":"Madry, A., Makelov, A., Schmidt, L., Tsipras, D., and Vladu, A. (2017). Towards deep learning models resistant to adversarial attacks. arXiv."},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Papernot, N., McDaniel, P., Jha, S., Fredrikson, M., Celik, Z.B., and Swami, A. 
(2016, January 21\u201324). The limitations of deep learning in adversarial settings. Proceedings of the 2016 IEEE European symposium on security and privacy (EuroS&P), Saarbrucken, Germany.","DOI":"10.1109\/EuroSP.2016.36"},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Chen, P.Y., Sharma, Y., Zhang, H., Yi, J., and Hsieh, C.J. (2018, January 2\u20137). Ead: Elastic-net attacks to deep neural networks via adversarial examples. Proceedings of the AAAI Conference on Artificial Intelligence, New Orleans, LA, USA.","DOI":"10.1609\/aaai.v32i1.11302"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"14410","DOI":"10.1109\/ACCESS.2018.2807385","article-title":"Threat of adversarial attacks on deep learning in computer vision: A survey","volume":"6","author":"Akhtar","year":"2018","journal-title":"IEEE Access"},{"key":"ref_19","unstructured":"Szegedy, C., Zaremba, W., Sutskever, I., Bruna, J., Erhan, D., Goodfellow, I., and Fergus, R. (2013). Intriguing properties of neural networks. arXiv."},{"key":"ref_20","unstructured":"Wang, Y., Zou, D., Yi, J., Bailey, J., Ma, X., and Gu, Q. (2020, January 26\u201330). Improving adversarial robustness requires revisiting misclassified examples. Proceedings of the International Conference on Learning Representations, Addis Ababa, Ethiopia."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Vivek, B.S., and Babu, R.V. (2020). Single-step Adversarial training with Dropout Scheduling. arXiv.","DOI":"10.1109\/CVPR42600.2020.00103"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Naseer, M., Khan, S., Hayat, M., Khan, F.S., and Porikli, F. (2020, January 13\u201319). A self-supervised approach for adversarial robustness. Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition, Seattle, WA, USA.","DOI":"10.1109\/CVPR42600.2020.00034"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Chen, T., Liu, S., Chang, S., Cheng, Y., Amini, L., and Wang, Z. 
(2020, January 13\u201319). Adversarial robustness: From self-supervised pre-training to fine-tuning. Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition, Seattle, WA, USA.","DOI":"10.1109\/CVPR42600.2020.00078"},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Jia, X., Wei, X., Cao, X., and Foroosh, H. (2019, January 15\u201320). Comdefend: An efficient image compression model to defend adversarial examples. Proceedings of the IEEE\/CVF Conference on Computer Vision and Pattern Recognition, Long Beach, CA, USA.","DOI":"10.1109\/CVPR.2019.00624"},{"key":"ref_25","unstructured":"Samangouei, P., Kabkab, M., and Chellappa, R. (2018). Defense-gan: Protecting classifiers against adversarial attacks using generative models. arXiv."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"He, K., Zhang, X., Ren, S., and Sun, J. (2016, January 27\u201330). Deep residual learning for image recognition. Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, Las Vegas, NV, USA.","DOI":"10.1109\/CVPR.2016.90"},{"key":"ref_27","unstructured":"Simonyan, K., and Zisserman, A. (2014). Very deep convolutional networks for large-scale image recognition. arXiv."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Huang, G., Liu, Z., Van Der Maaten, L., and Weinberger, K.Q. (2017, January 21\u201326). Densely connected convolutional networks. Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, Honolulu, HI, USA.","DOI":"10.1109\/CVPR.2017.243"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Waseda, F., Nishikawa, S., Le, T.N., Nguyen, H.H., and Echizen, I. (2023, January 2\u20137). Closer Look at the Transferability of Adversarial Examples: How They Fool Different Models Differently. 
Proceedings of the IEEE\/CVF Winter Conference on Applications of Computer Vision, Waikoloa, HI, USA.","DOI":"10.1109\/WACV56688.2023.00141"},{"key":"ref_30","first-page":"18","article-title":"Classification and regression by randomForest","volume":"2","author":"Liaw","year":"2002","journal-title":"R News"},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Apruzzese, G., and Colajanni, M. (2018, January 1\u20133). Evading Botnet Detectors Based on Flows and Random Forest with Adversarial Samples. Proceedings of the 2018 IEEE 17th International Symposium on Network Computing and Applications (NCA), Cambridge, MA, USA.","DOI":"10.1109\/NCA.2018.8548327"},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"2783","DOI":"10.1890\/07-0539.1","article-title":"Random forests for classification in ecology","volume":"88","author":"Cutler","year":"2007","journal-title":"Ecology"},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"323","DOI":"10.1037\/a0016973","article-title":"An introduction to recursive partitioning: Rationale, application, and characteristics of classification and regression trees, bagging, and random forests","volume":"14","author":"Strobl","year":"2009","journal-title":"Psychol. Methods"},{"key":"ref_34","unstructured":"Phua, C., Lee, V., Smith, K., and Gayler, R. (2010). A comprehensive survey of data mining-based fraud detection research. arXiv."},{"key":"ref_35","unstructured":"Steele II, B., and Kholidy, H.A. (2020). 5G Networks Security: Attack Detection Using the J48 and the Random Forest Tree Classifiers, SUNY Polytechnic Institute."},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Alyami, M., Alkhowaiter, M., Ghanim, M.A., Zou, C., and Solihin, Y. (July, January 30). MAC-Layer Traffic Shaping Defense Against WiFi Device Fingerprinting Attacks. 
Proceedings of the 2022 IEEE Symposium on Computers and Communications (ISCC), Rhodes, Greece.","DOI":"10.1109\/ISCC55528.2022.9913056"},{"key":"ref_37","first-page":"2825","article-title":"Scikit-learn: Machine Learning in Python","volume":"12","author":"Pedregosa","year":"2011","journal-title":"J. Mach. Learn. Res."},{"key":"ref_38","unstructured":"Falcon, W. (2019). The PyTorch Lightning team. Pytorch Light."},{"key":"ref_39","unstructured":"Kim, H. (2020). Torchattacks: A pytorch repository for adversarial attacks. arXiv."},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Alyami, M., Alharbi, I., Zou, C., Solihin, Y., and Ackerman, K. (2022, January 8\u201311). WiFi-based IoT Devices Profiling Attack based on Eavesdropping of Encrypted WiFi Traffic. Proceedings of the 2022 IEEE 19th Annual Consumer Communications Networking Conference (CCNC), Las Vegas, NV, USA.","DOI":"10.1109\/CCNC49033.2022.9700674"},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"273","DOI":"10.1007\/BF00994018","article-title":"Support-vector networks","volume":"20","author":"Cortes","year":"1995","journal-title":"Mach. Learn."},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Deng, J., Dong, W., Socher, R., Li, L.J., Li, K., and Fei-Fei, L. (2009, January 20\u201325). Imagenet: A large-scale hierarchical image database. 
Proceedings of the 2009 IEEE Conference on Computer Vision and Pattern Recognition, Miami, FL, USA.","DOI":"10.1109\/CVPR.2009.5206848"}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/14\/6287\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,7,11]],"date-time":"2023-07-11T06:24:58Z","timestamp":1689056698000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/14\/6287"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7,11]]},"references-count":42,"journal-issue":{"issue":"14","published-online":{"date-parts":[[2023,7]]}},"alternative-id":["s23146287"],"URL":"https:\/\/doi.org\/10.3390\/s23146287","relation":{},"ISSN":["1424-8220"],"issn-type":[{"type":"electronic","value":"1424-8220"}],"subject":[],"published":{"date-parts":[[2023,7,11]]}}}