Adversarial defense method of image classification network and related devices

A technology for classifying networks and images, applied to biological neural network models, instruments, character and pattern recognition, etc., can solve problems such as noise perturbation neural network classification, errors, etc., to achieve the effect of guaranteeing the effect and improving the defense ability

Pending Publication Date: 2020-01-21
PING AN TECH (SHENZHEN) CO LTD
View PDF0 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] With the in-depth application in the fields of image, voice and video, the requirements for information security of deep neural network are getting higher and higher. Although deep neural network can have very high accuracy in the process of image classification, However, adding slight noise perturbation to the samples will often cause the classification error of the neural network.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Adversarial defense method of image classification network and related devices
  • Adversarial defense method of image classification network and related devices
  • Adversarial defense method of image classification network and related devices

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048]Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this application will be thorough and complete, and will fully convey the concepts of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided in order to give a thorough understanding of embodiments of the present application. However, those skilled in the art will appreciate that the technical solutions of the present application can be practiced without one or more of the specific details, or other methods, components, devices, steps, etc. can be used. In other instances, well-known technical solutions have not be...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an adversarial defense method of an image classification network and a related devices and belongs to the technical field of image classification, and the method comprises thesteps: inputting an original image sample and an adversarial attack sample into a deep neural network, so as to extract the input features of a target layer, higher than a preset number of layers, ofthe deep neural network; generating a loss function of the deep neural network according to the input features to serve as an adversarial defense denoising device; utilizing the adversarial defense denoiser to denoise the adversarial attack sample to obtain a denoised adversarial attack sample; regularizing the loss function of the deep neural network to obtain a regularized deep neural network;and inputting the original image sample and the denoised countermeasure attack sample into the regularized deep neural network to obtain a classification result of the original image. According to thescheme, the defense capability of the image classification deep neural network can be effectively improved.

Description

technical field [0001] The present application relates to the technical field of image classification, in particular, to an image classification network confrontation defense method and related devices. Background technique [0002] With the in-depth application in the fields of image, voice and video, the requirements for information security of deep neural network are getting higher and higher. Although deep neural network can have very high accuracy in the process of image classification, However, adding slight noise perturbation to the samples will often cause the classification error of the neural network. Due to its vulnerability to adversarial samples, it is required that deep neural networks improve their defense capabilities and reduce the possibility of adversarial samples deceiving the network. [0003] It should be noted that the information disclosed in the above background technology section is only used to enhance the understanding of the background of the ap...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06K9/62G06N3/04
CPCG06N3/045G06F18/241
Inventor 王健宗孔令炜黄章成
Owner PING AN TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap