This article introduces adversarial attack, a recently-unveiled security threat to consumer electronics, especially those utilizing machine learning techniques. We start with the fundamental knowledge including what are adversarial examples, how to realize such attacks, and common defense methods. Adversarial training enhances models’ resilience to adversarial attacks by taking both regular and adversarial examples for training. However, applying adversarial examples under a single adversarial strength provide defense in a very limited effective range. We propose a multiple-strength adversarial training method. A random walk algorithm is adopted to optimize the selection of adversarial strengths, which is closely related to the design cost and training time. We also analyze the hardware cost and quantization loss to guide future consumer electronics designs.

中文翻译：

---

对抗攻击：对智能设备的新威胁及其防御方法

本文介绍了对抗性攻击，这是对消费类电子产品（尤其是那些利用机器学习技术的电子产品）最近发布的安全威胁。我们从基础知识开始，包括什么是对抗示例，如何实现此类攻击以及常见的防御方法。对抗训练通过以常规和对抗示例进行训练来增强模型对对抗攻击的弹性。但是，在单个对抗力量下应用对抗示例会在非常有限的有效范围内提供防御。我们提出了一种多强度对抗训练方法。采用随机游走算法来优化对抗强度的选择，这与设计成本和训练时间密切相关。