Deep neural network attack method and device, medium and computing equipment

A deep neural network and attack model technology, applied in the field of deep learning, can solve problems such as poor transfer performance, difficulty in success, and sensitivity of the attacked model, and achieve the effect of reducing costs, reducing sensitivity, and improving transfer performance

Pending Publication Date: 2019-08-02
TSINGHUA UNIV
View PDF0 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] However, in the actual application process, it is very difficult to attack a black-box model, especially for a model with certain defense measures, it is more difficult for a black-box attack to succeed
For example, integrated adversarial training can improve the robustness of the trained deep neural network by adding adversarial samples into the train

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Deep neural network attack method and device, medium and computing equipment
  • Deep neural network attack method and device, medium and computing equipment
  • Deep neural network attack method and device, medium and computing equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0073] The principle and spirit of the present invention will be described below with reference to several exemplary embodiments. It should be understood that these embodiments are given only to enable those skilled in the art to better understand and implement the present invention, but not to limit the scope of the present invention in any way. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.

[0074] Those skilled in the art know that the embodiments of the present invention can be implemented as a deep neural network attack system, device, device, method or computer program product. Therefore, the present disclosure can be embodied in the following forms, namely: complete hardware, complete software (including firmware, resident software, microcode, etc.), or a combination of hardware and software.

[0075] According to an embodiment of the present i...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides a deep neural network attack method. The method comprises the steps that an attack model is established, and the attack model at least comprises transformationinformation of an original sample and the weight of a loss function, transformed by a picture of the original sample according to the transformation information, of an identification model; an adversarial sample is generated based on an original sample using the attack model. According to the method, the confrontation sample is generated for the real picture and the group of pictures after translation, and the transfer performance of the generated confrontation sample is greatly improved, so that the sensitivity of the confrontation sample to the attacked model is remarkably reduced, and thegeneration cost of the confrontation sample is reduced. In addition, the embodiment of the invention provides a deep neural network attack device, a medium and computing equipment.

Description

technical field [0001] Embodiments of the present invention relate to the field of deep learning, and more specifically, embodiments of the present invention relate to a deep neural network attack method, device, medium, and computing device. Background technique [0002] This section is intended to provide a background or context for implementations of the invention that are recited in the claims. The descriptions herein are not admitted to be prior art by inclusion in this section. [0003] As a type of machine learning method, deep neural network has gained widespread attention in recent years due to its remarkable effects in many fields such as speech recognition, image classification, and object detection. However, deep neural network models that can achieve high accuracy on many tasks are vulnerable to attacks in adversarial environments. In an adversarial environment, the deep neural network will be input with some maliciously constructed adversarial samples based o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/10G06N3/04G06N3/08
CPCG06F21/10G06N3/08G06N3/044G06N3/045
Inventor 朱军董胤蓬苏航
Owner TSINGHUA UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap