[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fGOIUDS6KX5q81imFRdBM9GT-7qaaC1ZAgU2V5-c-pcA":3},{"answer":4,"createTime":5,"id":6,"options":7,"origin":12,"question":16,"related":17,"source":27,"type":28},[],"2026-02-02 08:06:30",318189988,[8,9,10,11],"数据隐私","算法公平性","模型隐私","模型鲁棒性",{"courseId":13,"courseImg":14,"courseName":15},"53e1d2ef4961cca8eea3e23969ad2cb9","https:\u002F\u002Ftihai-oss-cloud.itihey.com\u002Fimg\u002F03a579384a6dc297c89809b582fcc767.png","默认课程","一种攻击手段旨在通过利用模型的梯度等信息,反向推演出该模型的网络结构和具体参数,从而实现对模型的非法复制.这种攻击主要侵犯了什么? ( )",[18,29,38,47,56,65,74,83,86,95],{"answer":19,"createTime":5,"id":20,"options":21,"question":26,"source":27,"type":28},[],318189981,[22,23,24,25],"物理攻击","基于分数的黑盒攻击","白盒攻击","数字攻击","一名攻击者在现实世界中的一个&quot;停止&quot;交通标志牌上粘贴了特制的贴纸,导致一辆自动驾驶汽车的摄像头在捕捉到该标志后,将其错误识别为&quot;限速80公里\u002F小时&quot;的标志.这种攻击方式属于? ( )","v1",0,{"answer":30,"createTime":5,"id":31,"options":32,"question":37,"source":27,"type":28},[],318189982,[33,34,35,36],"它需要在模型训练前对数据进行大规模的清洗和去噪","它侧重于修改神经网络的内部架构和训练方式以增强鲁棒性","它在不改变原有模型或其训练过程的前提下,对模型的输出结果进行额外的处理或验证","它只能用于防御物理世界的对抗补丁攻击","后处理防御方法的主要特点是什么? ( )",{"answer":39,"createTime":5,"id":40,"options":41,"question":46,"source":27,"type":28},[],318189983,[42,43,44,45],"语义触发器","静态触发器","动态触发器","非语义触发器","在数据投毒攻击中,将图像中固有的&quot;绿色车身&quot;或文本中的特定短语作为触发器,这种触发器属于? ( )",{"answer":48,"createTime":5,"id":49,"options":50,"question":55,"source":27,"type":28},[],318189984,[51,52,53,54],"它是一种专门为有目标攻击设计的算法,能迫使模型输出一个特定的错误类别","它是一种单步攻击方法,以其计算效率高、速度快但攻击强度相对较弱而著称","它是一种多步迭代方法,以其极高的攻击强度而闻名","它是一种黑盒攻击方法,完全依赖于模型的预测分数来生成扰动","下列哪项最准确地描述了快速梯度符号法(FGSM)攻击的特点? ( )",{"answer":57,"createTime":5,"id":58,"options":59,"question":64,"source":27,"type":28},[],318189985,[60,61,62,63],"噪声会加密图像的内容特征,只保留风格特征供模型学习","噪声会使受保护图像的风格特征,在AI模型看来,变得与一个预设的、完全不同的目标风格(如梵高风格)相似","噪声会彻底破坏图像文件,使其无法被任何模型加载","噪声会为图像添加一个可见的、明确的版权声明","在利用对抗性信息预防AI模型侵犯艺术作品版权时,一种被称为&quot;glaze&quot;的技术通过添加肉眼不可感的噪声来保护图像.其核心防护原理是? ( )",{"answer":66,"createTime":5,"id":67,"options":68,"question":73,"source":27,"type":28},[],318189986,[69,70,71,72],"从一个已经能够成功欺骗模型的对抗样本出发,然后逐步优化","从一个与目标模型结构相似的代理模型开始训练","从原始的、未被修改的干净图像开始","从一个完全随机的噪声图像开始","边界攻击(Boundary Attack)在执行其攻击算法时,有一个独特的起始(初始化)方式,它是如何开始的? ( )",{"answer":75,"createTime":5,"id":76,"options":77,"question":82,"source":27,"type":28},[],318189987,[78,79,80,81],"每次攻击都需要从头开始训练一个全新的网络,以保证安全","只能对特定类型的数据集(如手写数字)生效","具有普适性,在某数据集上训练好的网络可以复用于其他图像大小相同的数据集","生成的触发器信息可以被任何解码器轻松读取","ISSBA攻击中使用的图像隐写网络(Encoder\u002FDecoder)具有一个显著的优点,即? ( )",{"answer":84,"createTime":5,"id":6,"options":85,"question":16,"source":27,"type":28},[],[8,9,10,11],{"answer":87,"createTime":5,"id":88,"options":89,"question":94,"source":27,"type":28},[],318189989,[90,91,92,93],"要求所有模型在输出结果时,必须附带一个由所有者签发的数字证书","每个深度学习模型因其训练过程的独特性,会形成独一无二的决策边界","对所有疑似盗版的模型进行性能惩罚,使其无法正常工作","在模型中植入一个外部的、可见的版权标签","模型指纹技术用于模型溯源和验证的核心思想是基于什么? ( )",{"answer":96,"createTime":5,"id":97,"options":98,"question":103,"source":27,"type":28},[],318189990,[99,100,101,102],"生成的解释与模型的最终决策无关","只能应用于线性模型和决策树","需要对原始模型进行大量的修改和重新训练","可以在不改变模型、只使用已训练好权重的情况下生成解释","Grad-CAM是一种生成显著性图的有效方法,它的一个重要优势是? ( )"]