Adversarial sample generation method based on generative adversarial network

Adversarial example generation technology, applied in the field of machine learning, addresses problems such as low attack success rate, low attack efficiency, and poor transferability, and achieves wide applicability, strong versatility, and an improved attack success rate.

Pending Publication Date: 2019-10-15
GUANGDONG POLYTECHNIC NORMAL UNIV

AI Technical Summary

Problems solved by technology

[0005] In summary, existing studies have shown that existing attack methods have some transferability between neural networks with the same structure trained on different data, and between neural networks with different structures trained on the same task; see [1] Goodfellow I J, Shlens J, Szegedy C, et al. Explaining and Harnessing Adversarial Examples [J]. International Conference on Learning Representations, 2015; [2] Kurakin A, Goodfellow I J, Bengio S, et al. Adversarial examples in the physical world [J]. arXiv: Computer Vision and Pattern Recognition, 2017; [3] Moosavi-Dezfooli S, Fawzi A, Frossard P, et al. DeepFool: A Simple and Accurate Method to Fool Deep Neural Networks [J]. Computer Vision and Pattern Recognition, 2016: 2574-2582; and [4] Xiao C, Li B, Zhu J Y, et al. Generating Adversarial Examples with Adversarial Networks [J]. 2018. However, adversarial examples still rely too heavily on the target model, which leads to poor transferability, a low attack success rate, low attack efficiency, and other issues.


Examples


Embodiment 1

[0042] A method for generating adversarial samples based on generative adversarial networks, as shown in Figures 1 to 2, including the following steps:

[0043]-[0044] S1: Input the original sample x into the generator G. The generator G outputs a perturbation G(x), and the loss function of the generator G is $L_G$. The perturbation G(x) is superimposed on the original sample x to obtain an adversarial sample x' = x + G(x). Unlike a general GAN, the goal of the generator is to generate perturbations rather than the final image; that is, the output image is equal to the input image plus the output of the generator G. The details and texture of the generated adversarial samples are copied from the input image, which largely preserves the details of the original image. The loss function of the generator G uses the L2 norm as the distance metric loss, expressed as follows:

[0045] $L_G = \max(0, \|G(x)\|_2 - c)$

[0046] where c is a custom constant;

[0047] S2: In...
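The following added example (not code from the patent or its authors) shows how the distance loss in step S1 behaves: it penalizes only the part of the perturbation norm that exceeds c, so minimizing it alone shrinks G(x) onto the L2 ball of radius c and then stops. The pure-Python vectors, step size, and sample values are constructed assumptions.

```python
import math

def l2_norm(v):
    return math.sqrt(sum(t * t for t in v))

def hinge_loss(delta, c):
    """L_G = max(0, ||delta||_2 - c) for one perturbation delta = G(x)."""
    return max(0.0, l2_norm(delta) - c)

def hinge_subgradient(delta, c):
    """Subgradient of L_G w.r.t. delta: delta/||delta||_2 outside the ball, 0 inside."""
    n = l2_norm(delta)
    if n <= c or n == 0.0:
        return [0.0] * len(delta)
    return [t / n for t in delta]

def shrink_to_budget(delta, c, lr=0.05, steps=200):
    """Plain gradient descent on L_G alone (lr and steps are assumed values).

    Returns the final perturbation and the loss recorded before each step.
    """
    delta = list(delta)
    history = []
    for _ in range(steps):
        history.append(hinge_loss(delta, c))
        grad = hinge_subgradient(delta, c)
        delta = [d - lr * g for d, g in zip(delta, grad)]
    return delta, history

if __name__ == "__main__":
    # Constructed sample: a 4-element perturbation with L2 norm 0.5 and budget c = 0.1.
    start = [0.3, -0.4, 0.0, 0.0]
    final, history = shrink_to_budget(start, c=0.1)
    print("initial loss:", history[0])
    print("final norm:  ", l2_norm(final))
    print("final loss:  ", hinge_loss(final, 0.1))
```

Because the gradient is zero everywhere inside the ball, this term does not push the perturbation toward zero; it only caps it at c, which is the budget a robustness evaluation would need to cover.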


Abstract

The invention discloses an adversarial sample generation method based on a generative adversarial network. The method comprises a generator G, a discriminator D, a spatial transformation module ST and a target classification network F. The generator G generates a perturbation and superimposes it on an original sample to produce an adversarial sample; the generator G is then trained according to the loss functions of the discriminator D and the target classification network F, finally yielding a trained generator G, which is used to generate adaptive adversarial samples for different input samples. The method uses a generative adversarial network with an embedded enhancement module based on spatial transformation, and carries out adversarial training in an unsupervised mode. This improves the generalization ability and robustness of the attack model, and in turn enhances the transferability and robustness of the adversarial samples.

Description

Technical field

[0001] The present invention relates to the field of machine learning, and more specifically, to a method for generating adversarial examples based on a generative adversarial network.

Background technique

[0002] Adversarial attacks are a hot topic in the field of machine learning. The principle of an adversarial attack is to deceive a deep neural network into making wrong judgments by means of adversarial samples (new samples obtained by adding carefully trained, tiny perturbations that are imperceptible to the human eye to the original data samples).

[0003] Most current attack algorithms against deep neural networks (such as gradient-based and optimization-based methods) target the test process or the test data set, and require white-box access to the model's architecture and parameters at all times (for example, obtaining the gradient associated with the input requires knowledge of the weights of the target network). However, current deep learning systems usually d...


Application Information

IPC(8): G06N3/08, G06K9/62
CPC: G06N3/08, G06F18/241
Inventor 贾西平, 陈桂君, 方刚, 陈道鑫
Owner GUANGDONG POLYTECHNIC NORMAL UNIV