基于多变量时序数据的对抗攻击与防御方法

    Adversarial Attack and Defense Method Based on Multivariable Time Series Data

    • 摘要: 为了保证时序数据攻击检测模型的安全性,提出了基于多变量时间序列数据的对抗攻击与对抗防御方法. 首先,针对基于自编码器的攻击检测模型,设计了在测试阶段实施的逃逸攻击. 其次,针对设计的对抗攻击样本,提出了一种基于雅克比(Jacobian)正则化方法的对抗攻击防御策略,将模型训练过程中的Jacobian矩阵作为目标函数中的正则项,提高了深度学习模型对对抗攻击的防御能力. 在工业水处理数据集BATADAL上进行实验,验证了所提出的对抗攻击方法和对抗防御方法的有效性.

       

      Abstract: To ensure the security of the attack detection model of time series data, an adversarial attack and adversarial defense method based on multivariate time series data was proposed. First, the escape attack implemented in the test phase was designed for the autoencoder-based attack detection model. Second, according to the designed adversarial attack samples, the adversarial defense strategy based on the Jacobian regularization method was proposed. The Jacobian matrix in the calculation model training process was taken as the regular term in the objective function to improve the defense capability of the deep learning model. The attack effects of the proposed attack methods and the defense effect of the proposed adversarial defense method were verified on the BATADAL dataset of industrial water treatment.

       

    /

    返回文章
    返回