Attack defense training method based on generative adversarial network

A training method in the field of network technology, applied to biological neural network models, neural learning methods, instruments, etc. It addresses problems such as the difference between the network boundary and the real decision boundary, and the increased workload of modifying data and using additional networks.

Active Publication Date: 2020-06-19
星汉智能科技股份有限公司

AI Technical Summary

Problems solved by technology

From the perspective of effect and cost, modifying data and using additional networks are currently two methods that are widely used. This is because these two methods do not directly modify the target network model and can be directly used for multiple networks with similar functions. T



Examples


Embodiment 1

[0085] Figure 1 is a flowchart of the method for training defense against adversarial attacks based on generative adversarial networks. Figure 2 shows the training framework of adversarial attack defense based on generative adversarial networks, which includes the generator G, the discriminator D, the target network F, and the attack algorithm library Ω_attack.

[0086] In this example, the generator G uses the basic residual module of ResNet as a deconvolutional neural network to upsample tensors. Random noise z and a random condition vector c_fake are the input of the generator G, and the fake sample image x_fake is obtained after upsampling by the deconvolution network. The discriminator D uses ResNet as the network structure and receives the attack samples produced by the attack algorithm library Ω_attack, which takes the target network F as the attack target, together with the generated samples x_fake. The target network F uses VGG as the network structure, and finally retains the parameters of the d...


Abstract

The invention provides an anti-attack defense training method based on a generative adversarial network. The method comprises the following steps: S1, defining the classes of the real sample image data x_real and standardizing the data; S2, establishing a defense training framework; S3, generating random noise Z and a random condition vector C_fake; S4, inputting the random noise Z and the random condition vector C_fake into the generator in the defense training framework; S5, inputting the standardized real sample image data and its category c_real into the attack algorithm library; S6, performing defense training on the defense training framework and storing the trained defense training framework parameters; and S7, completing training, discarding the generator and the attack algorithm library, and retaining the discriminator. The method overcomes the defect of traditional attack defense training that using an additional network increases the workload, and it has relatively high robustness.

Description

Technical field

[0001] The present invention relates to the technical field of deep learning anti-attack security defense, and more specifically, relates to a training method for anti-attack defense based on generative adversarial networks.

Background technique

[0002] Currently, deep learning is occupying a central position in the rapidly developing field of machine learning and artificial intelligence, and has achieved excellent performance in various visual and speech recognition tasks. However, due to the non-intuitive features and uninterpretable nature of the models, modern visual deep neural networks (DNNs) are vulnerable to attacks from adversarial examples designed according to some specific blind spots. Compared with noise samples, such aggressive adversarial samples are carefully designed, so they are not easy to detect. They can not only cause the target network to predict and classify errors, but also have transferability and can directly execute black-box atta...


Application Information

IPC(8): G06K9/62, G06N3/04, G06N3/08
CPC: G06N3/084, G06N3/045, G06F18/24
Inventor: 孔锐, 黄钢, 曹后杰
Owner: 星汉智能科技股份有限公司