一种基于多个特征重要性感知的对抗攻击算法

With the wide application of deep neural network technology, the security of deep neural networks has gradually attracted people\'s attention. Although deep neural networks have shown impressive performance in the field of computer vision, studies have shown that the technique is vulnerable to adversarial examples. The transferability enables adversarial examples to have black-box attack capabilities, which facilitates adversarial attacks on target models in real-world scenarios. In order to make the adversarial examples more transferable, this paper proposes an adversarial attack algorithm based on multiple feature importance awareness. The idea of the attack is to selectively destroy the middle layer features of the image by establishing the feature importance awareness of the original image and the adversarial example, increasing the image diversity in the process of generating the feature importance awareness can effectively avoid the source model-specific features . Finally, this paper verifies the effectiveness of the attack in adversarial examplestransferability through comparative experiments.