Unlock instant, AI-driven research and patent intelligence for your innovation.

A Black-box Adversarial Sample Generation Algorithm Based on Hidden Space Clustering

A technology against samples and generating algorithms, applied in computing, computer components, neural learning methods, etc., can solve problems that have not been considered

Active Publication Date: 2022-05-10
UNIV OF ELECTRONICS SCI & TECH OF CHINA
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] 3. Most algorithms only consider the classification between different categories, and do not consider the multimodal distribution of data within the same category.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Black-box Adversarial Sample Generation Algorithm Based on Hidden Space Clustering
  • A Black-box Adversarial Sample Generation Algorithm Based on Hidden Space Clustering
  • A Black-box Adversarial Sample Generation Algorithm Based on Hidden Space Clustering

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0130] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, and are not intended to limit the present invention, that is, the described embodiments are only some of the embodiments of the present invention, but not all of the embodiments. The components of the embodiments of the invention generally described and illustrated in the figures herein may be arranged and designed in a variety of different configurations. Accordingly, the following detailed description of the embodiments of the invention provided in the accompanying drawings is not intended to limit the scope of the claimed invention, but merely represents selected embodiments of the invention. Based on the embodiments of the present ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a black-box adversarial sample generation algorithm based on latent space clustering, comprising the following steps: step 1, using a convolutional self-encoder to extract the feature representation of an image sample; step 2, when the attacked model needs to be misclassified When , use the feature representation of the image sample to perform the generation algorithm of the misclassified adversarial sample to obtain the adversarial sample; step 3, when it is necessary to carry out target confrontation against the attacked model, use the feature representation of the image sample to perform the target adversarial sample generation algorithm to obtain the adversarial sample . The present invention uses a convolutional self-encoder to extract feature representations of image samples, thereby realizing hidden space clustering, and realizing a black-box confrontation sample generation algorithm without knowing the structure of a target model.

Description

technical field [0001] The invention relates to the fields of machine learning and pattern recognition, in particular to a black-box adversarial sample generation algorithm based on latent space clustering. Background technique [0002] In recent years, Deep Neural Network (DNN) has brought revolutionary changes in the field of machine learning and pattern recognition. DNN has achieved a lot of results on many pattern recognition tasks (especially visual classification problems), and its excellent performance has also attracted extensive attention in many other fields. In the field of adversarial sample attacks, researchers have also proposed many DNN-based adversarial sample generation algorithms. However, a large number of experiments have shown that there are some loopholes in the DNN-based algorithm, and there are currently three main problems: [0003] 1. Most algorithms need to obtain the classification boundaries in the feature space through training samples, which ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06K9/62G06N3/04G06N3/08
CPCG06N3/08G06N3/045G06F18/23213G06F18/241G06F18/214
Inventor 周世杰张准刘启和邱士林
Owner UNIV OF ELECTRONICS SCI & TECH OF CHINA