A step size self-adaptive attack resisting method based on model extraction
An adaptive, step-size technology, applied to biological neural network models, character and pattern recognition, instruments, etc., to achieve strong non-black box attack capabilities and good attack effects
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Embodiment Construction
[0035] Embodiments of the present invention will be further described in detail below in conjunction with the accompanying drawings.
[0036] Here, Inception-v3 is selected as the target model, and the target model is attacked by an adversarial sample construction method that adaptively adjusts the noise step size.
[0037]Step 1. Form the collected pictures and label information into pairs, where the categories are 0~n-1, that is, there are n categories in all images, specifically including the following processing:
[0038] (1-1) Use the ImageNet large-scale image classification dataset to form the image collection IMG:
[0039]
[0040] where x i represents an image, N d Indicates the total number of images in the image collection IMG;
[0041] (1-2) Construct the image description set GroundTruth corresponding to each image in the image set IMG:
[0042]
[0043] Among them, y i Indicates the category number corresponding to each image, N d Indicates the total...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com