Initializing Perturbations in Multiple Directions for Fast Adversarial Training
Authors:
Xunguang Wang,
Ship Peng Xu,
Eric Ke Wang
Abstract:
Recent developments in the filed of Deep Learning have demonstrated that Deep Neural Networks(DNNs) are vulnerable to adversarial examples. Specifically, in image classification, an adversarial example can fool the well trained deep neural networks by adding barely imperceptible perturbations to clean images. Adversarial Training, one of the most direct and effective methods, minimizes the losses…
▽ More
Recent developments in the filed of Deep Learning have demonstrated that Deep Neural Networks(DNNs) are vulnerable to adversarial examples. Specifically, in image classification, an adversarial example can fool the well trained deep neural networks by adding barely imperceptible perturbations to clean images. Adversarial Training, one of the most direct and effective methods, minimizes the losses of perturbed-data to learn robust deep networks against adversarial attacks. It has been proven that using the fast gradient sign method (FGSM) can achieve Fast Adversarial Training. However, FGSM-based adversarial training may finally obtain a failed model because of overfitting to FGSM samples. In this paper, we proposed the Diversified Initialized Perturbations Adversarial Training (DIP-FAT) which involves seeking the initialization of the perturbation via enlarging the output distances of the target model in a random directions. Due to the diversity of random directions, the embedded fast adversarial training using FGSM increases the information from the adversary and reduces the possibility of overfitting. In addition to preventing overfitting, the extensive results show that our proposed DIP-FAT technique can also improve the accuracy of the clean data. The biggest advantage of DIP-FAT method: achieving the best banlance among clean-data, perturbed-data and efficiency.
△ Less
Submitted 25 January, 2021; v1 submitted 15 May, 2020;
originally announced May 2020.
A new key establishment scheme for wireless sensor networks
Authors:
Eric Ke Wang,
Lucas C. K. Hui,
S. M. Yiu
Abstract:
Traditional key management techniques, such as public key cryptography or key distribution center (e.g., Kerberos), are often not effective for wireless sensor networks for the serious limitations in terms of computational power, energy supply, network bandwidth. In order to balance the security and efficiency, we propose a new scheme by employing LU Composition techniques for mutual authenticated…
▽ More
Traditional key management techniques, such as public key cryptography or key distribution center (e.g., Kerberos), are often not effective for wireless sensor networks for the serious limitations in terms of computational power, energy supply, network bandwidth. In order to balance the security and efficiency, we propose a new scheme by employing LU Composition techniques for mutual authenticated pairwise key establishment and integrating LU Matrix with Elliptic Curve Diffie-Hellman for anonymous pathkey establishment. At the meantime, it is able to achieve efficient group key agreement and management. Analysis shows that the new scheme has better performance and provides authenticity and anonymity for sensor to establish multiple kinds of keys, compared with previous related works.
△ Less
Submitted 5 April, 2010;
originally announced April 2010.