Adversarial example defense system and method for artificial intelligence classification
An anti-sample and artificial intelligence technology, which is applied in the field of anti-sample defense system of artificial intelligence classification, can solve the problem of loss of clean sample classification accuracy and other problems, and achieve the effects of shortening training time, improving stability, and ensuring reliability
Active Publication Date: 2022-03-22
UNIV OF ELECTRONICS SCI & TECH OF CHINA
View PDF4 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
However, this method will lose a certain amount of clean sample classification accuracy
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0031] In this embodiment, adversarial training is performed on the handwritten character set MNIST data set.
[0032] The MNIST dataset comes from the National Institute of Standards and Technology (NIST).
[0033] The training set (training set) in this embodiment is made up of the number handwritten by 250 different people, wherein 50% are high school students, 50% is from the staff of the Census Bureau (the Census Bureau), and the testing set (test set) is also For the same proportion of handwritten digit data, there are 42,000 image samples in the training set and 28,000 image samples in the test set.
[0034] The MNIST data in the original dataset is a 28×28 black-and-white bitmap image, and the gray value of each pixel of each image is divided by 256 to compress it between 0 and 1.
[0035] Such as figure 1 The shown adversarial example defense system for artificial intelligence classification of the present invention includes a first conventional convolutional neural...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The present invention relates to an adversarial sample defense system and method for artificial intelligence classification, wherein the system includes a first conventional convolutional neural network, a defense model training module, a first downsampling convolutional neural network connected to a first downsampler; a defense model The data sets in the training module are respectively input to the first conventional convolutional neural network, and are input to the first downsampling convolutional neural network through the first downsampler; the adversarial sample training set acquisition module is input to the second In the conventional convolutional neural network and the second downsampler, the second downsampler outputs the defense model after inputting the fully connected model fuser through the second downsampling convolutional neural network together with the second conventional convolutional neural network; the first The conventional convolutional neural network and the first downsampled convolutional neural network correspond to output parameters to the second conventional convolutional neural network and the second downsampled convolutional neural network, respectively. The invention can effectively improve the accuracy and robustness of the classification of adversarial samples.
Description
technical field [0001] The invention relates to a system and method for data model learning, in particular to an adversarial example defense system and method for artificial intelligence classification. Background technique [0002] In recent years, under the background of big data, machine learning has received extensive attention and has achieved great progress in application development in many different fields. For example: financial and economic fields (quantitative analysis, risk control, etc.), unmanned driving fields (environment perception, human-vehicle interaction, route planning, etc.), medical fields (drug mining, disease analysis, medical imaging, etc.), network security fields, etc. (Filter spam, DNS malicious domain name analysis, etc.). However, while machine learning brings us great convenience, it also exposes great security problems. [0003] In the paper published by Christian Szegedy et al. in ICLR2014, the concept of adversarial samples was first pro...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): G06K9/62G06N3/04G06N3/063
CPCG06N3/063G06N3/045G06F18/214
Inventor 丁康一张小松牛伟纳谢科张瑾昀赵成洋
Owner UNIV OF ELECTRONICS SCI & TECH OF CHINA