Recently, although deep learning has been employed in various fields, it poses the risk of a possible adversarial attack. In this study, we experimentally verified that classification accuracy in the image classification model of deep learning is lowered by adversarial samples generated by malicious attackers. We used the MNIST dataset, a representative image sample, and the NSL-KDD dataset, a representative network data. We measured the detection accuracy by injecting adversarial samples into the Autoencoder and Convolution Neural Network (CNN) classification models created using the TensorFlow and PyTorch libraries. Adversarial samples were generated by transforming the MNIST and NSL-KDD test datasets using the Jacobian-based Saliency Map Attack (JSMA) method and Fast Gradient Sign Method (FGSM). While measuring the accuracy by injecting the samples into the classification model, we verified that the detection accuracy was reduced by a minimum of 21.82% and a maximum of 39.08%.
- This research was supported by the MSIT (Ministry of Science and ICT), Korea, under the ITRC (Information Technology Research Center) support program (IITP-2018-2016-0-00304) supervised by the IITP (Institute for Information & communications Technology Promotion) - This research was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Science, ICT & Future Planning (NRF-2018R1D1A1B07043349) - This research was supported by an IITP grant funded by the Korean government (MSIT) (No. 2018-0-00336, Advanced Manufacturing Process Anomaly Detection to prevent the Smart Factory Operation Failure by Cyber Attacks) - This work was supported by the Ajou University research fund
