Defence algorithm against adversarial example based on local perturbation DAT-LP
With further research into neural networks, their scope of application is becoming increasingly extensive. Among these, more neural network models are used in text classification tasks and have achieved excellent results. However, the crucial issue of derived adversarial examples has dramatically af...
Saved in:
| Published in | Nondestructive testing and evaluation Vol. 39; no. 1; pp. 204 - 220 |
|---|---|
| Main Authors | , , , , , |
| Format | Journal Article |
| Language | English |
| Published |
Abingdon
Taylor & Francis
02.01.2024
Taylor & Francis Ltd |
| Subjects | |
| Online Access | Get full text |
| ISSN | 1058-9759 1477-2671 |
| DOI | 10.1080/10589759.2023.2249581 |
Cover
| Abstract | With further research into neural networks, their scope of application is becoming increasingly extensive. Among these, more neural network models are used in text classification tasks and have achieved excellent results. However, the crucial issue of derived adversarial examples has dramatically affected the stability and robustness of the neural network model. This issue confines the further expansion of the neural network application, especially in some security-sensitive tasks. Concerning the text classification task, our proposed DAT-LP (Defence with Adversarial Training Based on Local Perturbation) algorithm is designed to address the adversarial example issue, which uses local perturbation to enhance model performance based on adversarial training. Furthermore, SW-CStart (Cold-start Algorithm Based on Sliding Window) algorithm is designed to realise adversarial training in the model's initialisation stage. The DAT-LP algorithm is evaluated by comparing with three baselines, including baseline models (BiLSTM, TextCNN), Dropout(regularisation method), and ADT (Adversarial Training method), respectively. As it turns out, DAT-LP's performance is superior and demonstrates the best generalisation ability. |
|---|---|
| AbstractList | With further research into neural networks, their scope of application is becoming increasingly extensive. Among these, more neural network models are used in text classification tasks and have achieved excellent results. However, the crucial issue of derived adversarial examples has dramatically affected the stability and robustness of the neural network model. This issue confines the further expansion of the neural network application, especially in some security-sensitive tasks. Concerning the text classification task, our proposed DAT-LP (Defence with Adversarial Training Based on Local Perturbation) algorithm is designed to address the adversarial example issue, which uses local perturbation to enhance model performance based on adversarial training. Furthermore, SW-CStart (Cold-start Algorithm Based on Sliding Window) algorithm is designed to realise adversarial training in the model’s initialisation stage. The DAT-LP algorithm is evaluated by comparing with three baselines, including baseline models (BiLSTM, TextCNN), Dropout(regularisation method), and ADT (Adversarial Training method), respectively. As it turns out, DAT-LP’s performance is superior and demonstrates the best generalisation ability. |
| Author | Huang, Yuchen Guo, Bing Tang, Jun Wang, Shiyu Mou, Zhi Zhang, Yuanyuan |
| Author_xml | – sequence: 1 givenname: Jun surname: Tang fullname: Tang, Jun organization: Sichuan University – sequence: 2 givenname: Yuchen orcidid: 0000-0002-1537-4924 surname: Huang fullname: Huang, Yuchen organization: Sichuan University – sequence: 3 givenname: Zhi surname: Mou fullname: Mou, Zhi organization: Sichuan University – sequence: 4 givenname: Shiyu surname: Wang fullname: Wang, Shiyu organization: Sichuan GreatWall Computer System Co.,Ltd – sequence: 5 givenname: Yuanyuan orcidid: 0000-0001-6265-7188 surname: Zhang fullname: Zhang, Yuanyuan email: yuanyuanzhang@stu.scu.edu.cn organization: Sichuan University – sequence: 6 givenname: Bing surname: Guo fullname: Guo, Bing organization: Sichuan University |
| BookMark | eNqFkE1LAzEQhoNUsK3-BGHB89Yk-xm8WFq_oGAP9Rxms0lN2d2sSar235vaevGgp2SG55kZ3hEadKaTCF0SPCG4xNcEZyUrMjahmCYTSlOWleQEDUlaFDHNCzII_8DEe-gMjZzbYExJVpRDtJxLJTshI2jWxmr_2kawBt05H0H9Lq0Dq6GJ5Ce0fSOjCpysI9NFjRGh3Uvrt7YCr0NrPl3Fi-U5OlXQOHlxfMfo5f5uNXuMF88PT7PpIhZJUvpwVp6kKhdCFCWtlKIqVErUgsgkJQVLsapwDbhiCmgoK8IKgtNS4SCyCpIxujrM7a1520rn-cZsbRdWcsqyNM_LwAfq5kAJa5yzUnGh_fe53oJuOMF8HyH_iZDvI-THCIOd_bJ7q1uwu3-924OnO2VsCx_GNjX3sGuMVRY6oR1P_h7xBVPbic0 |
| CitedBy_id | crossref_primary_10_1080_10589759_2024_2426705 |
| Cites_doi | 10.48550/arXiv.1412.6572 10.1609/aaai.v31i1.10970 10.48550/arXiv.1712.06751 10.1080/10589759.2023.2195646 10.48550/arXiv.1805.06504 10.48550/arXiv.1408.5882 10.48550/arXiv.1905.11268 10.1109/TIFS.2020.3021899 10.48550/arXiv.1908.07125 10.1007/978-981-19-5868-7_36 10.21203/rs.3.rs-2610874/v1 10.1109/ICSE.2019.00108 10.24963/ijcai.2018/585 10.1109/SPW.2018.00016 10.1080/10589759.2014.1002839 10.1145/1161366.1161397 10.1609/aaai.v32i1.12206 10.48550/arXiv.1507.00677 10.1109/EuroSP.2016.36 10.1007/978-1-4842-5364-9_2 10.1109/MILCOM.2016.7795300 10.48550/arXiv.1312.6199 10.1080/10589759.2023.2169285 10.48550/arXiv.1605.07725 10.48550/arXiv.1705.07204 10.1145/3132747.3132785 |
| ContentType | Journal Article |
| Copyright | 2023 Informa UK Limited, trading as Taylor & Francis Group 2023 2023 Informa UK Limited, trading as Taylor & Francis Group |
| Copyright_xml | – notice: 2023 Informa UK Limited, trading as Taylor & Francis Group 2023 – notice: 2023 Informa UK Limited, trading as Taylor & Francis Group |
| DBID | AAYXX CITATION 7SR 8BQ 8FD JG9 |
| DOI | 10.1080/10589759.2023.2249581 |
| DatabaseName | CrossRef Engineered Materials Abstracts METADEX Technology Research Database Materials Research Database |
| DatabaseTitle | CrossRef Materials Research Database Engineered Materials Abstracts Technology Research Database METADEX |
| DatabaseTitleList | Materials Research Database |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Engineering |
| EISSN | 1477-2671 |
| EndPage | 220 |
| ExternalDocumentID | 10_1080_10589759_2023_2249581 2249581 |
| Genre | Research Article |
| GrantInformation_xml | – fundername: National Natural Science Foundation of China grantid: 62072319 – fundername: Sichuan Science and Technology Program grantid: 2022YFG0155 |
| GroupedDBID | .7F .QJ 0BK 0R~ 123 30N 4.4 5VS AAENE AAGDL AAHIA AAJMT AALDU AAMIU AAPUL AAQRR ABCCY ABDBF ABFIM ABHAV ABJNI ABLIJ ABPAQ ABPEM ABTAI ABXUL ABXYU ACGEJ ACGFS ACGOD ACIWK ACTIO ACUHS ADCVX ADGTB ADMLS ADXPE AEISY AENEX AEOZL AEPSL AEYOC AFKVX AFRVT AGDLA AGMYJ AHDZW AIJEM AIYEW AJWEG AKBVH AKOOK ALMA_UNASSIGNED_HOLDINGS ALQZU AQRUH AQTUD AVBZW AWYRJ BLEHA CCCUG CE4 CS3 DGEBU DKSSO DU5 EAP EBS EMK EPL EST ESX E~A E~B GTTXZ H13 HF~ HZ~ H~P I-F IPNFZ J.P KYCEM LJTGL M4Z MK~ NA5 NX~ O9- P2P PQQKQ RIG RNANH ROSJB RTWRZ S-T SNACF TASJS TBQAZ TDBHL TEN TFL TFT TFW TNC TTHFI TUROJ TUS TWF UT5 UU3 ZGOLN ~S~ AAYXX CITATION 7SR 8BQ 8FD JG9 |
| ID | FETCH-LOGICAL-c338t-26634f6ccc782bff2f4f6fcdc1e3417940fb0da0b9fa2794b1971048f06639ba3 |
| ISSN | 1058-9759 |
| IngestDate | Wed Aug 13 04:26:05 EDT 2025 Wed Oct 01 03:09:49 EDT 2025 Thu Apr 24 22:59:41 EDT 2025 Mon Oct 20 23:44:37 EDT 2025 |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 1 |
| Language | English |
| LinkModel | OpenURL |
| MergedId | FETCHMERGED-LOGICAL-c338t-26634f6ccc782bff2f4f6fcdc1e3417940fb0da0b9fa2794b1971048f06639ba3 |
| Notes | ObjectType-Article-1 SourceType-Scholarly Journals-1 ObjectType-Feature-2 content type line 14 |
| ORCID | 0000-0002-1537-4924 0000-0001-6265-7188 |
| PQID | 2954668710 |
| PQPubID | 53225 |
| PageCount | 17 |
| ParticipantIDs | crossref_citationtrail_10_1080_10589759_2023_2249581 crossref_primary_10_1080_10589759_2023_2249581 proquest_journals_2954668710 informaworld_taylorfrancis_310_1080_10589759_2023_2249581 |
| ProviderPackageCode | CITATION AAYXX |
| PublicationCentury | 2000 |
| PublicationDate | 2024-01-02 |
| PublicationDateYYYYMMDD | 2024-01-02 |
| PublicationDate_xml | – month: 01 year: 2024 text: 2024-01-02 day: 02 |
| PublicationDecade | 2020 |
| PublicationPlace | Abingdon |
| PublicationPlace_xml | – name: Abingdon |
| PublicationTitle | Nondestructive testing and evaluation |
| PublicationYear | 2024 |
| Publisher | Taylor & Francis Taylor & Francis Ltd |
| Publisher_xml | – name: Taylor & Francis – name: Taylor & Francis Ltd |
| References | e_1_3_2_27_1 Wang W (e_1_3_2_10_1) 2019; 1902 e_1_3_2_29_1 e_1_3_2_20_1 e_1_3_2_22_1 e_1_3_2_23_1 e_1_3_2_24_1 e_1_3_2_25_1 e_1_3_2_26_1 e_1_3_2_16_1 e_1_3_2_9_1 e_1_3_2_17_1 Gulli A (e_1_3_2_30_1) 2017 e_1_3_2_8_1 e_1_3_2_18_1 e_1_3_2_7_1 e_1_3_2_19_1 Bastani O (e_1_3_2_21_1) 2016; 29 e_1_3_2_2_1 Weng L (e_1_3_2_28_1) 2018; 80 e_1_3_2_33_1 e_1_3_2_11_1 e_1_3_2_32_1 e_1_3_2_6_1 e_1_3_2_12_1 e_1_3_2_5_1 e_1_3_2_13_1 e_1_3_2_4_1 e_1_3_2_14_1 e_1_3_2_3_1 Abadi M (e_1_3_2_31_1) 2016; 16 Goodfellow I (e_1_3_2_15_1) 2016 |
| References_xml | – ident: e_1_3_2_8_1 doi: 10.48550/arXiv.1412.6572 – ident: e_1_3_2_17_1 doi: 10.1609/aaai.v31i1.10970 – ident: e_1_3_2_16_1 doi: 10.48550/arXiv.1712.06751 – ident: e_1_3_2_5_1 doi: 10.1080/10589759.2023.2195646 – start-page: 249 volume-title: Deep learning year: 2016 ident: e_1_3_2_15_1 – ident: e_1_3_2_32_1 doi: 10.48550/arXiv.1805.06504 – ident: e_1_3_2_33_1 doi: 10.48550/arXiv.1408.5882 – ident: e_1_3_2_18_1 doi: 10.48550/arXiv.1905.11268 – ident: e_1_3_2_26_1 doi: 10.1109/TIFS.2020.3021899 – ident: e_1_3_2_24_1 doi: 10.48550/arXiv.1908.07125 – ident: e_1_3_2_6_1 doi: 10.1007/978-981-19-5868-7_36 – volume: 1902 start-page: 1 year: 2019 ident: e_1_3_2_10_1 article-title: A survey on adversarial attacks and defenses in text publication-title: arXiv Preprint – ident: e_1_3_2_3_1 doi: 10.21203/rs.3.rs-2610874/v1 – ident: e_1_3_2_27_1 doi: 10.1109/ICSE.2019.00108 – ident: e_1_3_2_11_1 doi: 10.24963/ijcai.2018/585 – ident: e_1_3_2_12_1 doi: 10.1109/SPW.2018.00016 – ident: e_1_3_2_2_1 doi: 10.1080/10589759.2014.1002839 – ident: e_1_3_2_14_1 doi: 10.1145/1161366.1161397 – ident: e_1_3_2_22_1 doi: 10.1609/aaai.v32i1.12206 – ident: e_1_3_2_23_1 doi: 10.48550/arXiv.1507.00677 – volume-title: Deep learning with Keras year: 2017 ident: e_1_3_2_30_1 – volume: 16 start-page: 265 volume-title: 12th (USENIX) Symposium on Operating Systems Design and Implementation (OSDI) year: 2016 ident: e_1_3_2_31_1 – ident: e_1_3_2_20_1 doi: 10.1109/EuroSP.2016.36 – ident: e_1_3_2_29_1 doi: 10.1007/978-1-4842-5364-9_2 – ident: e_1_3_2_9_1 doi: 10.1109/MILCOM.2016.7795300 – ident: e_1_3_2_7_1 doi: 10.48550/arXiv.1312.6199 – ident: e_1_3_2_4_1 doi: 10.1080/10589759.2023.2169285 – ident: e_1_3_2_13_1 doi: 10.48550/arXiv.1605.07725 – ident: e_1_3_2_19_1 doi: 10.48550/arXiv.1705.07204 – volume: 80 start-page: 5276- volume-title: Proceedings of Machine Learning Research year: 2018 ident: e_1_3_2_28_1 – volume: 29 start-page: 1 year: 2016 ident: e_1_3_2_21_1 article-title: Measuring neural net robustness with constraints publication-title: Advances in neural information processing systems – ident: e_1_3_2_25_1 doi: 10.1145/3132747.3132785 |
| SSID | ssj0021578 |
| Score | 2.3005342 |
| Snippet | With further research into neural networks, their scope of application is becoming increasingly extensive. Among these, more neural network models are used in... |
| SourceID | proquest crossref informaworld |
| SourceType | Aggregation Database Enrichment Source Index Database Publisher |
| StartPage | 204 |
| SubjectTerms | adversarial attack Algorithms Classification DAT-LP defence algorithm machine learning security Neural networks Perturbation Regularization robustness Text categorization Training |
| Title | Defence algorithm against adversarial example based on local perturbation DAT-LP |
| URI | https://www.tandfonline.com/doi/abs/10.1080/10589759.2023.2249581 https://www.proquest.com/docview/2954668710 |
| Volume | 39 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVEBS databaseName: EBSCOhost Academic Search Ultimate customDbUrl: https://search.ebscohost.com/login.aspx?authtype=ip,shib&custid=s3936755&profile=ehost&defaultdb=asn eissn: 1477-2671 dateEnd: 20241102 omitProxy: true ssIdentifier: ssj0021578 issn: 1058-9759 databaseCode: ABDBF dateStart: 20020301 isFulltext: true titleUrlDefault: https://search.ebscohost.com/direct.asp?db=asn providerName: EBSCOhost – providerCode: PRVEBS databaseName: Inspec with Full Text customDbUrl: eissn: 1477-2671 dateEnd: 20241102 omitProxy: false ssIdentifier: ssj0021578 issn: 1058-9759 databaseCode: ADMLS dateStart: 19891201 isFulltext: true titleUrlDefault: https://www.ebsco.com/products/research-databases/inspec-full-text providerName: EBSCOhost – providerCode: PRVLSH databaseName: aylor and Francis Online customDbUrl: mediaType: online eissn: 1477-2671 dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0021578 issn: 1058-9759 databaseCode: AHDZW dateStart: 19970101 isFulltext: true providerName: Library Specific Holdings – providerCode: PRVAWR databaseName: Taylor & Francis Science and Technology Library-DRAA customDbUrl: eissn: 1477-2671 dateEnd: 99991231 omitProxy: false ssIdentifier: ssj0021578 issn: 1058-9759 databaseCode: 30N dateStart: 19970101 isFulltext: true titleUrlDefault: http://www.tandfonline.com/page/title-lists providerName: Taylor & Francis |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV3Nb9MwFLdKd4ED4lOMDeQDO1UpSewm7bGiqypUyg6pKFyi2LHXSSMZWjoBfwh_L-_ZTpOqEwMuUeMoteL38_uw_X6PkDdgUQIVDXJPah15yOjlAUpyT0umIFzQQS7MaYtFNFvy96vBqtP51Tq1tKlEX_68Na_kf6QKbSBXzJL9B8lu_xQa4DfIF64gYbj-lYwnSpuJmV2elxDkr7_2snOI9K8r3NoHvy4zJTnU9wwpgHtosHLcHDD2CwmLwdwIC4DJOPHmZ21PdVEWuXLssjeqVyEbh8tnbBjCm7jfHezdFA1OXNvnDeBi2_yh3Jj9kPVFs5TvVqzXFz827UWIkJtFiCZkTfbqgbQOJaFa9QegVmPH_a1sG49jL4xsAZZaF1tiox3MOcVqixQ7Gx2aBLp99W_PS2Jv2FkfS8P3Q6yubcvC7NJtLz6m0-V8nianq-SETa--eViLDPfsT9jEguUeOQjBWvhdcjCeTb582obywSC2SZbuu-rcsKH_9tbed7yeHU7cPR_AODbJI_LQRSR0bOH1mHRU8YQ8aPFUPiVnDmh0CzTqgEZbQKMOaNQAjZYFNUCjbaBRC7RnZDk9Td7NPFeKw5OMDSuQU8S4jqSU4FEKrUMNd1rmMlAMa9hxXws_z3wx0lkItyIYgevKhxo92pHI2HPSLcpCvSAUImYV80hyJgKe8WjIRK4k8gyynIWBOiS8HqpUOp56LJdymQaOzrYe4RRHOHUjfEj629euLFHLXS-M2nJIK4NhbeGbsjvePa6Fljp9cJ3ijnkUDeG7X_758RG538yhY9KFqaxegWtbidcOZ78BYX-fFw |
| linkProvider | Library Specific Holdings |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwpV1LT8MwDI4QHIADb8SbHLhmapq0W48ImAaMicOQuEVJmoyJsU2jSIhfj93HNEBoh52qqHLVJo4_O7U_E3IBiMJdHKXMeh8zZPRioCUp81Y4CBc8T02ebdGJW0_y7jl6nqmFwbRKjKF9QRSR22rc3HgYXaXEwTVqJPUI60xCUQuxfTJWX69E4OxjFwMRdKZBF4_qRTlcBBsbZKoqnv8e8wOffrCX_rHWOQQ1N4mtXr7IPHmtfWSmZr9-8Tou9nVbZKP0UOlloVLbZMkNd8j6DG_hLnm8dh4tAtWD3mjSz17eqO7pPniaVGOD53eNak3dp0buYYpImdLRkObAScduAjhncpWg15dd1n7cI0_Nm-5Vi5WtGZiFmDZjAOtC-thaCx6G8T70MPI2tdwJ7GkmA2-CVAcm8TqEoeEJuDKy4dHDSYwW-2R5OBq6A0IhgnJ1GVspDJdaxg1hUmeRd06kIuTukMhqQZQtecuxfcZA8ZLetJowhROmygk7JLWp2Lgg7pgnkMyutsryExNftDdRYo7sSaUaqrQB7wr_oMYxBKTB0QKPPierre5DW7VvO_fHZA1uyfwEKDwhy9nkw52CT5SZs1zpvwG3Kfuf |
| linkToPdf | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwpV1LSwMxEA6iIHrwLb7NweuW3U027R7FWqqW0kML3kKetahtaVcQf70z-yhWEQ-elrBM2J1M5pHMfEPIFViUyInEBsZ7ESCiVwBSYgNvmINwwUdW59kWXdEe8PvHpMomnJdplRhD-wIoItfVuLmn1lcZcfBMGmk9wTKTmNVi7J6MxddrAm_FsIoj7C5iriipF9VwCexroKmKeH6bZsk8LYGX_lDWuQVqbRNdfXuRePJce8t0zXx8g3X818_tkK3SP6XXhUDtkhU33iObX1AL90mv6TzqA6pehpPZKHt6pWqoRuBnUoXtnecKhZq6d4XIwxTtpKWTMc3NJp26GVg5nQsEbV73g07vgAxat_2bdlA2ZggMRLRZAEadcS-MMeBfaO9jDyNvrIkcw45mPPQ6tCrUqVcxDHWUgiPDGx79m1QrdkhWx5OxOyIU4idX58JwpiOuuGgwbZ1B1DlmWRy5Y8Kr9ZCmRC3H5hkvMirBTSuGSWSYLBl2TGoLsmkB2_EXQfp1sWWWn5f4ormJZH_QnlWSIUsNMJd4fyoEhKPhyT-mviTrvWZLdu66D6dkA97w_PgnPiOr2ezNnYNDlOmLXOQ_AZKZ-kM |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Defence+algorithm+against+adversarial+example+based+on+local+perturbation+DAT-LP&rft.jtitle=Nondestructive+testing+and+evaluation&rft.au=Tang%2C+Jun&rft.au=Huang%2C+Yuchen&rft.au=Mou%2C+Zhi&rft.au=Wang%2C+Shiyu&rft.date=2024-01-02&rft.pub=Taylor+%26+Francis+Ltd&rft.issn=1058-9759&rft.eissn=1477-2671&rft.volume=39&rft.issue=1&rft.spage=204&rft.epage=220&rft_id=info:doi/10.1080%2F10589759.2023.2249581&rft.externalDBID=NO_FULL_TEXT |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=1058-9759&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=1058-9759&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=1058-9759&client=summon |