摘要： Attack Training的Loss:固定x,修改θ,使y0接近ytrue. Non-targeted Attack的Loss:固定θ,修改x,使y‘远离ytrue. Targeted Attack的Loss:固定θ,修改x,使y‘远离ytrue且接近yfalse. 4个pixel,(RGB每个 阅读全文