The vulnerability of deep neural networks to adversarial attacks has raised significant concerns about the security and reliability of artificial intelligence systems. Adversarial training is an effective approach to enhance adversarial robustness. To address the issue that existing methods adopt fixed adversarial sample generation strategies but neglect the importance of the adversarial sample generation phase for adversarial training, an adversarial training method was proposed based on adaptive attack strength. Firstly, the clean sample and the adversarial sample were input into the model to obtain the output. Then, the difference between the model outputs of the clean sample and the adversarial sample was calculated. Finally, the change of the difference compared with the previous moment was measured to automatically adjust the strength of the adversarial sample. Comprehensive experimental results on three benchmark datasets demonstrate that compared with the baseline method Adversarial Training with Projected Gradient Descent (PGD-AT), the proposed method improves the robust precision under AA (AutoAttack) attack by 1.92, 1.50 and 3.35 percentage points on three benchmark datasets, respectively, and the proposed method outperforms the state-of-the-art defense method Adversarial Training with Learnable Attack Strategy (LAS-AT) in terms of robustness and natural accuracy. Furthermore, from the perspective of data augmentation, the proposed method can effectively address the problem of diminishing augmentation effect during adversarial training.
With the popularity of cloud storage services and telemedicine platforms, more and more medical images are uploaded to the cloud. After being uploaded, the uploaded medical images may be leaked to unauthorized third parties, resulting in the disclosure of users’ personal privacy. Besides, if medical images are only uploaded to a single server for storage, they are vulnerable to attacks resulting in the loss of all data. To solve these problems, a medical image privacy protection algorithm based on thumbnail encryption and distributed storage was proposed. Firstly, by encrypting the thumbnail of the original medical image, the relevance of the medical images was preserved properly while achieving the encryption effect. Secondly, the double embedding method was adopted when hiding secret information, and data extraction and image recovery were performed separately to achieve Reversible Data Hiding (RDH) of the encrypted image. Finally, the distributed storage method based on polynomial shared matrix was used to generate n shares of the image and distribute them to n servers. Experimental results show that by using the encrypted thumbnail as carrier, the proposed algorithm exceeds the traditional security encryption methods on embedding rate. Even if the server is attacked, the receiver can recover the original image and private information as long as it receives no less than k shares. In the privacy protection of medical images, experiments were carried out from the aspects of anti-attack and image recovery, and the analysis results show that the proposed encryption algorithm has good performance and high security.
Focusing on the issues that the Reserving Room Before Encryption (RRBE) embedding algorithm requires a series of pre-processing work and Vacating Room After Encryption (VRAE) embedding algorithm has less embedding space, an algorithm of reversible data hiding in encrypted image based on multi-objective optimization was proposed to improve the embedding rate as well as reducing the algorithm process and workload. In this algorithm, two representative algorithms in RRBE and VRAE were combined and used in the same carrier, and performance evaluation indicators such as the amount of information embedded, distortion of direct decryption of image, extraction error rate, and computational complexity were formulated as the optimization sub-objectives. Then, the efficiency coefficient method was used to establish a model to solve the relative optimal solution of the application ratio of the two algorithms. Experimental results show that the proposed algorithm reduces the computational complexity of using RRBE algorithm alone, enables image processing users to flexibly allocate optimization objectives according to different needs in actual application scenarios, and at the same time obtains better image quality and a satisfactory amount of information embedding.
Rapid development of Location Based Service (LBS) and Augmented Reality (AR) technology lead to the hidden danger of user location privacy leakage. After analyzing the advantages and disadvantages of existing location privacy protection methods, a location privacy protection method was proposed based on location security. The zone security degree and the camouflage region were introduced into the method, and the zone security was defined as a metric that indicates whether a zone needs protection. The zone security degree of insecure zones (zones need to be protected) was set to 1 while that of secure zones (zones not need to be protected) was set to 0. And the location security degree was calculated by expanding zone security degree and recognition levels. Experimental results show that, compared with the method without introducing location security, this method can reduce average location error and enhance average security, therefore effectively protecting the user location privacy and increasing the service quality of LBS.
As the existing dynamic programming algorithm cannot quickly solve Discounted {0-1} Knapsack Problem (D{0-1}KP), based on the idea of dynamic programming and combined with New Greedy Repair Optimization Algorithm (NGROA) and core algorithm, a Greedy Core Acceleration Dynamic Programming (GCADP) algorithm was proposed with the acceleration of the problem solving by reducing the problem scale. Firstly, the incomplete item was obtained based on the greedy solution of the problem by NGROA. Then, the radius and range of fuzzy core interval were found by calculation. Finally, Basic Dynamic Programming (BDP) algorithm was used to solve the items in the fuzzy core interval and the items in the same item set. The experimental results show that GCADP algorithm is suitable for solving D{0-1}KP. Meanwhile, the average solution speed of GCADP improves by 76.24% and 75.07% respectively compared with that of BDP algorithm and FirEGA (First Elitist reservation strategy Genetic Algorithm).
Towards the large frequency offset caused by Doppler effect in high speed moving environment, a dynamic state space model of Orthogonal Frequency Division Multiplexing (OFDM) was built, and a kind of frequency offset tracking and estimation algorithm in OFDM based on improved Strong Tracking Unscented Kalman Filter (STUKF) was proposed. By combining strong tracking filter theory and UKF together, the fading factor was introduced during the process of calculating the measurement predictive covariance and cross covariance. The frequency offset estimation error covariance was adjusted; meanwhile, the process noise covariance was also controlled, and the gain matrix was adjusted in real-time. So the tracking ability to time-varying frequency offset was enhanced and the estimated accuracy was raised. The simulation test was carried out in time-invariant and time-varying frequency offset models. The simulation results show that the proposed algorithm has better tracking and estimation performance than the UKF frequency offset estimation algorithm, the Signal-to-Noise Ratio (SNR) raises about 1dB under the same Bit Error Rate (BER).
To estimate the frequency offset in Orthogonal Frequency Division Multiplexing (OFDM) system, a novel blind frequency offset estimation algorithm based on Particle Swarm Optimization (PSO) method was proposed. Firstly the mathematical model and cost function were designed according to the principle of minimum reconstruction error of the reconstructed signal and the signal actually received. The powerful random, parallel, global search property of PSO was utilized to minimize the cost function to get the frequency offset estimation. Two inertia weight strategies for PSO algorithm of constant coefficient and differential descending were simulated, and comparison was made with the minimum output variance and gold section methods. The simulation results show that the proposed algorithm performs highly accuracy, about one order of magnitude higher than other similar algorithms in same Signal-to-Noise Ratio (SNR) and it is not restricted by modulation type and frequency estimation range (-0.5,0.5).
The document images scanned may be skew somehow. Severe image skew makes image segmentation difficult and lowers character recognition accuracy. A new approach of skew detection based on Hough transform was presented. In order to overcome the heavy computing burdens of Hough transform,the method selected the subfield with part representation and extracted the horizontal edge from images in the first place, then performed two-stage Hough transform on the edge extracted. Experiment results show that it corrects the skew document images more rapidly and accurately than general Hough method and cross relation method.