基于自编码器的异常检测方法仅利用正常样本进行训练,因此可以有效地重构正常样本,但不能较好地对异常样本进行重构.另外,当基于自编码器的异常检测方法受到对抗攻击时,往往会取得错误的检测结果.为了解决上述问题,提出了一种基于对抗样本和自编码器的鲁棒异常检测(Robust Anomaly Detection Based on Adversarial Samples and AutoEncoder,RAD-ASAE)方法.RAD-ASAE由两个参数共享的编码器和一个解码器构成.首先,对正常样本施加微小的扰动以生成对抗样本,利用正常样本和对抗样本同时对模型进行训练,以提高模型的对抗鲁棒性;其次,在样本空间中最小化对抗样本的重构误差以及正常样本与对抗样本的重构样本之间的均方误差,同时在潜在空间中最小化正常样本和对抗样本的潜在特征之间的均方误差,以提高自编码器的重构能力.在MNIST,Fashion-MNIST,CIFAR-10数据集上进行实验,结果表明,与7种相关方法相比,RAD-ASAE展现了更优的异常检测性能.
Robust Anomaly Detection Based on Adversarial Samples and AutoEncoder
The anomaly detection method based on AutoEncoder only uses normal samples for training,so it can effectively re-construct normal samples,but cannot reconstruct abnormal samples.In addition,when the anomaly detection method based on AutoEncoder is attacked by adversarial attacks,it often obtains wrong detection results.In order to solve the above problems,ro-bust anomaly detection based on adversarial samples and AutoEncoder(RAD-ASAE)method is proposed.RAD-ASAE consists of two parameter-shared encoders and a decoder.First,the normal sample is perturbed slightly to generate the adversarial sample,and normal samples and adversarial samples are used to train the model at the same time to improve the adversarial robustness of the model.Second,the reconstruction error of the adversarial samples is minimized in the sample space,and the mean square error between the normal samples and the reconstructed samples of the adversarial samples is minimized.At the same time,the mean square error between the latent features of the normal samples and the adversarial samples is minimized in the latent space to im-prove the reconstruction ability of the AutoEncoder.Experimental results on MNIST,Fashion-MNIST and CIFAR-10 show that RAD-ASAE demonstrates better detection performance in comparison with 7 related methods.
万方数据
维普
