[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fFix8Vb9YXiGX0z4brSS6_DPtgbEIqEN_BCxgiR89ik4":3},{"answer":4,"createTime":5,"id":6,"options":7,"origin":12,"question":16,"related":17,"source":27,"type":28},[],"2026-02-02 13:09:18",318310908,[8,9,10,11],"它将复杂的优化问题简化为单步梯度计算,以追求极致的速度","它是第一个完全不需要模型信息的黑盒攻击方法","它放弃了对扰动大小的限制,允许生成任意强度的噪声","它重新设计了更有效的优化目标函数,并将扰动映射到tanh空间以使用如Adam等更先进的优化器",{"courseId":13,"courseImg":14,"courseName":15},"53e1d2ef4961cca8eea3e23969ad2cb9","https:\u002F\u002Ftihai-oss-cloud.itihey.com\u002Fimg\u002F03a579384a6dc297c89809b582fcc767.png","默认课程","C&amp;W攻击是对L-BFGS等早期优化攻击方法的重大改进.下列哪项是C&amp;W攻击的关键创新点? ( )",[18,29,38,47,50,59,68,77,86,95],{"answer":19,"createTime":5,"id":20,"options":21,"question":26,"source":27,"type":28},[],318310905,[22,23,24,25],"风格特征最简单、最容易被模型学习的风格","与原始风格在视觉上尽可能相似的风格","当前最流行、最广为人知的艺术风格","在特征空间中,与原始风格的特征质心距离尽可能大的风格","在选择目标风格以保护原始艺术图像时,为了达到最佳的防护效果,应当选择什么样的目标风格? ( )","v1",0,{"answer":30,"createTime":5,"id":31,"options":32,"question":37,"source":27,"type":28},[],318310906,[33,34,35,36],"无人驾驶","智能安防监控","人脸识别","个人智能助手","攻击者在身上穿着印有特定图案的T恤,可能导致智能监控系统无法检测到行人的存在.这种攻击主要威胁的是以下哪个AI应用领域? ( )",{"answer":39,"createTime":5,"id":40,"options":41,"question":46,"source":27,"type":28},[],318310907,[42,43,44,45],"人工智能内生安全","人工智能助力安全","人工智能衍生安全","深度伪造安全","由于自动驾驶技术在某些极端天气下识别错误前方物体,从而带来车毁人亡的事故.这属于哪一类人工智能安全问题? ( )",{"answer":48,"createTime":5,"id":6,"options":49,"question":16,"source":27,"type":28},[],[8,9,10,11],{"answer":51,"createTime":5,"id":52,"options":53,"question":58,"source":27,"type":28},[],318310909,[54,55,56,57],"噪声会为图像添加一个可见的、明确的版权声明","噪声会加密图像的内容特征,只保留风格特征供模型学习","噪声会彻底破坏图像文件,使其无法被任何模型加载","噪声会使受保护图像的风格特征,在AI模型看来,变得与一个预设的、完全不同的目标风格(如梵高风格)相似","在利用对抗性信息预防AI模型侵犯艺术作品版权时,一种被称为&quot;glaze&quot;的技术通过添加肉眼不可感的噪声来保护图像.其核心防护原理是? ( )",{"answer":60,"createTime":5,"id":61,"options":62,"question":67,"source":27,"type":28},[],318310910,[63,64,65,66],"模型的训练速度和推理速度","模型的性能(准确率)和可解释性","模型的能耗和硬件成本","模型的参数量和所需内存","当前人工智能技术发展面临的一个重要挑战是在哪两个方面进行权衡? ( )",{"answer":69,"createTime":5,"id":70,"options":71,"question":76,"source":27,"type":28},[],318310911,[72,73,74,75],"仅在模型训练的最后阶段注入后门,避免早期被发现","使用一个非常显眼的补丁,让模型优先学习补丁特征","强制模型大幅度修改决策边界以适应异常数据","使得中毒样本在数据分布上向目标类别区域迁移,减少对决策边界的剧烈扰动","&quot;对抗性后门&quot;(Adversarial Backdoor)方法之所以难以被检测,是因为它的触发器设计思路是? ( )",{"answer":78,"createTime":5,"id":79,"options":80,"question":85,"source":27,"type":28},[],318310912,[81,82,83,84],"所有深度学习模型的决策边界都是完全相同的","攻击黑盒模型的唯一方法是窃取其完整的网络参数","只要一个对抗样本能攻击成功一个模型,它就能攻击成功所有其他模型","如果一个对抗样本能够同时欺骗多个结构不同的已知模型,那么它有更高的概率迁移并成功攻击一个未知的目标模型","在黑盒攻击场景中,&quot;集成模型迁移攻击&quot;方法的核心假设是什么? ( )",{"answer":87,"createTime":5,"id":88,"options":89,"question":94,"source":27,"type":28},[],318310913,[90,91,92,93],"基于分数的攻击","基于优化的攻击","基于梯度的攻击","基于决策的攻击","哪一类黑盒攻击是在信息获取最受限的条件下进行的,它仅仅依赖模型最终输出的类别标签(如&quot;猫&quot;或&quot;狗&quot;),而不需要具体的置信度分数? ( )",{"answer":96,"createTime":5,"id":97,"options":98,"question":103,"source":27,"type":28},[],318310914,[99,100,101,102],"模型隐私","模型鲁棒性","算法公平性","数据隐私","一种攻击手段旨在通过利用模型的梯度等信息,反向推演出该模型的网络结构和具体参数,从而实现对模型的非法复制.这种攻击主要侵犯了什么? ( )"]