A defensive distillation model construction method and device

A defensive distillation model construction technology, applied in the field of neural networks. It addresses the growing strength of adversarial attacks, low robustness, and the limited application scope of defensive distillation, with the effect of improving robustness, expanding the application scope, and preventing overfitting.

Inactive Publication Date: 2019-06-18
ZHONGXIANGBOQIAN INFORMATION TECH CO LTD

AI Technical Summary

Problems solved by technology

[0004] In view of this, the object of the present invention is to provide a method and device for constructing a defensive distillation model, to solve two problems in the prior art: the original model and the distillation model are required to have a certain framework structure, which limits the scope of application of defensive distillation; and, as adversarial attacks continue to increase, robustness against adversarial samples is low.


Embodiment Construction

[0051] In order to make the purpose, technical solution and advantages of the present invention clearer, the technical solution of the present invention will be described in detail below. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other implementations obtained by persons of ordinary skill in the art without creative effort fall within the protection scope of the present invention.

[0052] Figure 1 is a flowchart of Embodiment 1 of the construction method of the defensive distillation model of the present invention. As shown in Figure 1, the construction method of the defensive distillation model in this embodiment may specifically include the following steps:

[0053] S101. Obtain the original training data in the training set and the real labels of the original training data;

[0054] During the process of building a defensive ...


Abstract

The invention relates to a defensive distillation model construction method and device. The method comprises the steps of: obtaining original training data in a training set and the real labels of the original training data; performing knowledge distillation on a deep neural network according to the original training data and the real labels, migrating the knowledge of the deep neural network to a decision tree model, and generating a soft decision tree model; and performing adversarial training on the soft decision tree model with the original training data to generate a defensive distillation model. With the technical scheme of the invention, the decision tree model has good interpretability, and the framework requirement that limits defensive distillation technology is overcome: defensive distillation can be applied across different model structures, which expands its application range. Because the scheme performs adversarial training on the soft decision tree model, it not only prevents the soft decision tree model from overfitting but also improves the robustness of the model against adversarial samples.

Description

Technical field

[0001] The invention relates to the technical field of neural networks, in particular to a method and device for constructing a defensive distillation model.

Background technique

[0002] Deep learning has become one of the most active fields of computer research, and deep neural network models are favored for their excellent performance. Deep neural networks perform well in many fields, such as face recognition, image classification, and object tracking. However, deep neural networks are vulnerable to adversarial examples, which can greatly degrade the performance of the model. Studies have shown that knowledge distillation can not only compress a model but also improve the robustness of a deep learning model. Based on this, the concept of defensive distillation was proposed to defend against attacks by adversarial samples.

[0003] However, the existing defensive distillation techniques require the original mod...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06K9/62, G06N3/04, G06N3/08
Inventor: 张跃进, 喻蒙, 胡勇, 王猛, 杜飞
Owner: ZHONGXIANGBOQIAN INFORMATION TECH CO LTD