Cooperative defense strategy and system aiming at countermeasure attacks

The invention provides a collaborative defense strategy and system aiming at an adversarial attack. The method comprises the following steps: training an adversarial sample detector; acquiring a to-be-processed image; performing adversarial sample detection on the to-be-processed image according to a trained adversarial sample detector to obtain a detection result; if the detection result is no, directly delivering the to-be-processed image to a target deep neural network for image classification; if the detection result is' YES ', denoising the region of interest of the to-be-processed image to obtain a denoised image; performing super-resolution reconstruction on the de-noised image to obtain a recovered image; and finally, the recovered image is handed over to a target deep neural network for image classification. The method is suitable for being applied to an actual scene, time consumption is low, and multiple types of adversarial samples can be effectively defended. 本发明提供了一种针对对抗攻击的协同防御策略和系统，该方法包括：训练对抗样本检