Adversarial sample generation method and device, medium and computing device

A technology against samples and sample images, applied in the field of computer vision, can solve problems such as difficult verification of system security and inability to know model structure and parameters

Active Publication Date: 2019-09-17
BEIJING REALAI TECH CO LTD
View PDF3 Cites 53 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] At present, most of the image recognition systems on the market are integrated devices that are packaged in black boxes and only provide camera input. The specific model structure and parameters cannot be known, and the security of such systems is difficult to verify.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Adversarial sample generation method and device, medium and computing device
  • Adversarial sample generation method and device, medium and computing device
  • Adversarial sample generation method and device, medium and computing device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions of the present invention will be clearly and completely described below in conjunction with the accompanying drawings. Obviously, the described embodiments are part of the embodiments of the present invention, not all of them. the embodiment. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0027] In this article, it is to be understood that the terminology involved

[0028] LFW (Labeled Faces in the Wild) represents an outdoor face detection dataset;

[0029] The white-box model means that the attacker can manipulate and obtain all the information of the model;

[0030] The black box model means that the attacker can only manipulate the input of the model and obtain ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an adversarial sample generation method, which comprises the following steps of obtaining a first sample image which is an image of an attack object; based on the first sample image, solving by taking the mathematical expectations of a similarity function of an identification object of a preset white box substitution model under different shooting conditions as an objective function, and generating an interference image of a specific area; and superposing the interference image on the first sample image to generate an adversarial sample. According to the present invention, the white box substitution model is used to generate the adversarial sample, so that the attack efficiency can be improved, whether the potential vulnerabilities exist in an image recognition model or not can be rapidly detected, the evaluation of the image recognition model is improved, and the safety of the image recognition model is improved. In addition, the embodiment of the invention provides an adversarial sample generation device, a medium and a computing device.

Description

technical field [0001] The present invention relates to the technical field of computer vision, in particular to a method, a device, a medium and a computing device for generating an adversarial sample. Background technique [0002] As an important task in computer vision, image recognition has also achieved tremendous development driven by deep neural networks. And image recognition systems have many applications in real-life scenarios such as finance / payment, public transportation, and criminal identification. Although image recognition systems have achieved great success and practical applications, these systems cannot fully ensure sufficient security. [0003] In recent years, deep learning has achieved breakthroughs in the fields of image, speech and natural language. However, for some deep neural network models that can achieve a high accuracy recognition rate, they are also vulnerable to attacks in an adversarial environment. In an adversarial environment, the deep...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06K9/00G06N3/04
CPCG06V40/161G06N3/045
Inventor 萧子豪董胤蓬杨定澄
Owner BEIJING REALAI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap