Abstract
With the extensive application of artificial intelligence technology in 5G and Beyond Fifth Generation (B5G) networks, it has become a common trend for artificial intelligence to integrate into modern communication networks. Deep learning is a subset of machine learning and has recently led to significant improvements in many fields. In particular, many 5G-based services use deep learning technology to provide better services. Although deep learning is powerful, it is still vulnerable when faced with 5G-based deep learning services. Because of the nonlinearity of deep learning algorithms, slight perturbation input by the attacker will result in big changes in the output. Although many researchers have proposed methods against adversarial attacks, these methods are not always effective against powerful attacks such as CW. In this paper, we propose a new two-stream network which includes RGB stream and spatial rich model (SRM) noise stream to discover the difference between adversarial examples and clean examples. The RGB stream uses raw data to capture subtle differences in adversarial samples. The SRM noise stream uses the SRM filters to get noise features. We regard the noise features as additional evidence for adversarial detection. Then, we adopt bilinear pooling to fuse the RGB features and the SRM features. Finally, the final features are input into the decision network to decide whether the image is adversarial or not. Experimental results show that our proposed method can accurately detect adversarial examples. Even with powerful attacks, we can still achieve a detection rate of 91.3%. Moreover, our method has good transferability to generalize to other adversaries.
Highlights
Deep learning has recently led to significant improvements in many fields, such as computer vision [1,2,3], speech recognition [4, 5], and natural language processing [6, 7]
With the continuous development of 5G communication and artificial intelligence technology, the two have developed from mutual independence to deep integration. e artificial intelligence promotes the intelligent development of the communication network itself, and the industry widely believes that 5G and artificial intelligence are general-purpose technologies (GPTs) [8]
spatial rich model (SRM)-Net and KD + BU are almost invalid against adversarial examples generated on black models, while the precision score of FNet reaches 90.1% against CW
Summary
Deep learning has recently led to significant improvements in many fields, such as computer vision [1,2,3], speech recognition [4, 5], and natural language processing [6, 7]. E deep learning model deployed on the 5G platform provides intelligent image recognition services. To ensure the security of 5G-based deep learning services, we mainly research the detection method of adversarial samples to protect against image classification models. To solve the adversarial attack on the image classification service based on the 5G platform, we mainly research the detection method of adversarial samples. We use rich features extracted from the spatial rich model (SRM) [19] to help the deep learning model for detecting adversarial examples. (1) To improve the security of 5G-based deep learning services, we propose a new two-stream adversarial example detection model and perform end-to-end training. E 30 SRM filters could amplify the difference in the noise domain and get additional rich information to help detect adversarial samples.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
