Mimicry defense method for deep learning model confrontation attack

A deep learning model technique, applied in neural learning methods, biological neural network models, character and pattern recognition, etc. It addresses the problem that existing defenses are not universal, achieves a good and improved defense effect, and reduces training time.

Active Publication Date: 2020-01-03
ZHEJIANG UNIV OF TECH

AI Technical Summary

Problems solved by technology

These methods are highly targeted, but not universal, and there i...

Embodiment Construction

[0047] The present invention will be further described below in conjunction with the accompanying drawings.

[0048] A mimicry defense method against adversarial attacks on deep learning models, including the following steps:

[0049] 1) Randomly take some normal images and input them to various attack models A to generate images carrying adversarial perturbations, that is, adversarial samples. The present invention takes the CIFAR-10 data set as an example, and the methods for generating adversarial examples include FGSM, JSMA, the iterative calculation method, image rotation and the like. Save the adversarial samples generated by the different attack methods in batches.

[0050] 2) Train the adversarial example detector. The process is as follows:

[0051] 2.1) Divide each adversarial sample into non-overlapping 8×8 image blocks (patches), extract resampling features from the patches, and then input the resampling features extracted from the image into the GRU network in se...

Abstract

The invention discloses a mimicry defense method against adversarial attacks on deep learning models. The method comprises the following steps: 1) preparing adversarial samples; 2) training an adversarial sample detector; 3) detecting adversarial samples; 4) defending against adversarial perturbations, specifically by active defense and by passive defense. According to the method, the defects of manual feature extraction and pixel block division are avoided, the process is simplified, the training efficiency is improved, the data updating speed and accuracy are improved, and the data processing efficiency is improved.

Description

Technical field

[0001] The invention relates to a mimicry defense method against adversarial attacks.

Background

[0002] Deep learning is a branch of artificial neural networks, and artificial neural networks with deep network structures are the earliest network models of deep learning. At present, deep learning has been widely used in machine vision, video recognition, image understanding, face recognition, somatosensory recognition, natural language processing, speech recognition, unsupervised learning, transfer learning and other business fields, and has achieved a series of breakthrough results. For example, machine vision has been successfully applied to industries such as automobiles, medicine, and aviation. Speech recognition has been used in industries such as UX/UI, automobiles, security, and the Internet of Things. In the future, in both academia and industry, deep learning will continue to be a focus of research.

[0003] However, with the wide appli...

Application Information

IPC(8): G06K9/62, G06F21/55, G06N3/04, G06N3/08
CPC: G06F21/552, G06N3/08, G06N3/045, G06F18/241
Inventor: 陈晋音, 王雪柯, 郑海斌, 林翔
Owner: ZHEJIANG UNIV OF TECH