
A training method for adversarial attack defense based on generative adversarial networks

A training method and network technology, applied in biological neural network models, neural learning methods, instruments, etc. It addresses problems such as the added workload of modifying data and using additional networks, and the difference between the network boundary and the real decision boundary, with the effect of high robustness.

Active Publication Date: 2021-09-17
星汉智能科技股份有限公司

AI Technical Summary

Problems solved by technology

In terms of effect and cost, modifying data and using additional networks are currently two widely used methods. This is because these two methods do not directly modify the target network model and can be applied directly to multiple network models with similar functions, which greatly saves engineering resources. However, modifying data and using additional networks also increases the workload to a certain extent, and the training samples are limited, resulting in differences between the network boundary obtained by defense training and the real decision boundary.



Examples


Embodiment 1

[0085] Figure 1 is a flowchart of the training method for adversarial attack defense based on generative adversarial networks. Figure 2 shows the adversarial attack defense training framework based on generative adversarial networks, which includes the generator G, the discriminator D, the target network F, and the attack algorithm library Ω_attack.

[0086] In this example, the generator G uses the basic residual module of ResNet as a deconvolutional neural network to upsample the tensor. The random noise z and the random condition vector c_fake are the input of the generator G, and the fake sample image x_fake is obtained after upsampling through the deconvolution network. The discriminator D uses ResNet as its network structure and receives the attack samples obtained after processing by the attack algorithm library Ω_attack with the target network F as the attack target, together with the generated sample x_fake. The target network F uses VGG as its network structure, and through the training of ...



Abstract

The present invention proposes a training method for adversarial attack defense based on a generative adversarial network, comprising:

S1. Category definition and standardized processing of the real sample image data x_real;
S2. Establish the defense training framework;
S3. Generate random noise Z and a random condition vector C_fake;
S4. Input the random noise Z and the random condition vector C_fake to the generator in the defense training framework;
S5. Input the real sample image data, after normalization processing, and its category c_real to the attack algorithm library;
S6. Conduct defense training on the defense training framework, and save the trained defense training framework parameters;
S7. After the training is completed, discard the generator and the attack algorithm library, and keep the discriminator.

The proposed method overcomes the drawback of traditional adversarial attack defense training methods, such as using an additional network, of increasing the workload, and it has relatively high robustness.
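A sketch of how steps S3 to S7 fit together in PyTorch, added here as an illustration and not taken from the patent. Assumptions: FGSM is the only entry in the attack library, the discriminator has an AC-GAN-style head (K class logits plus one real/fake logit), and small fully connected networks on constructed Gaussian clusters stand in for ResNet, VGG and image data; the function names are hypothetical.

```python
import torch
import torch.nn as nn
import torch.nn.functional as Fn

K, DIM, ZD = 3, 6, 4  # categories, sample size, noise size (constructed toy scale)

def real_batch(n):
    """Constructed stand-in for standardized x_real: one Gaussian cluster per category c_real."""
    c = torch.randint(0, K, (n,))
    centers = 2.0 * Fn.one_hot(c, K).float().repeat_interleave(DIM // K, dim=1)
    return centers + 0.3 * torch.randn(n, DIM), c

def fgsm(net, x, c, eps):
    """Assumed attack-library entry: FGSM with `net` (the target network F) as attack target."""
    x = x.clone().requires_grad_(True)
    grad, = torch.autograd.grad(Fn.cross_entropy(net(x), c), x)
    return (x + eps * grad.sign()).detach()

def train_defense(steps=400, n=64, eps=0.6, seed=0):
    torch.manual_seed(seed)
    F = nn.Linear(DIM, K)                                    # target network F (VGG on the page)
    G = nn.Sequential(nn.Linear(ZD + K, 32), nn.ReLU(), nn.Linear(32, DIM))
    D = nn.Sequential(nn.Linear(DIM, 32), nn.ReLU(), nn.Linear(32, K + 1))  # assumed head layout
    opt_f, opt_g, opt_d = (torch.optim.Adam(m.parameters(), lr=0.01) for m in (F, G, D))
    for _ in range(200):                                     # fit F on clean data before attacking it
        x, c = real_batch(n)
        opt_f.zero_grad(); Fn.cross_entropy(F(x), c).backward(); opt_f.step()
    bce, ones, zeros = Fn.binary_cross_entropy_with_logits, torch.ones(n), torch.zeros(n)
    for _ in range(steps):
        z, c_fake = torch.randn(n, ZD), torch.randint(0, K, (n,))            # S3
        x_fake = G(torch.cat([z, Fn.one_hot(c_fake, K).float()], dim=1))     # S4
        x_real, c_real = real_batch(n)
        x_adv = fgsm(F, x_real, c_real, eps)                                 # S5
        d_adv, d_fake = D(x_adv), D(x_fake.detach())                         # S6: discriminator step
        loss_d = Fn.cross_entropy(d_adv[:, :K], c_real) + bce(d_adv[:, K], ones) + bce(d_fake[:, K], zeros)
        opt_d.zero_grad(); loss_d.backward(); opt_d.step()
        d_fake = D(x_fake)                                                   # S6: generator step
        loss_g = bce(d_fake[:, K], ones) + Fn.cross_entropy(d_fake[:, :K], c_fake)
        opt_g.zero_grad(); loss_g.backward(); opt_g.step()
    return F, D                                              # S7: G and the attack library are dropped

def evaluate(F, D, eps=0.6, n=2000):
    """Accuracy of the kept discriminator's class head on fresh samples attacked via F."""
    x, c = real_batch(n)
    x_adv = fgsm(F, x, c, eps)
    acc = lambda logits: (logits.argmax(1) == c).float().mean().item()
    return {"F_attacked": acc(F(x_adv)), "D_attacked": acc(D(x_adv)[:, :K]), "D_clean": acc(D(x)[:, :K])}
```

At deployment only `D(x)[:, :K]` is used for classification; on this linearly separable toy data the numbers check the wiring and are not evidence for the robustness the patent claims.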

Description

Technical field

[0001] The present invention relates to the technical field of security defense against adversarial attacks on deep learning, and more particularly, to a training method for adversarial attack defense based on a generative adversarial network.

Background technique

[0002] Currently, deep learning occupies a central position in the rapidly developing fields of machine learning and artificial intelligence, achieving excellent performance in various vision and speech recognition tasks. However, due to the non-intuitive features and uninterpretability of the models, modern visual deep neural networks (DNNs) are vulnerable to attacks from adversarial examples designed according to specific blind spots. Compared to noisy samples, such adversarial samples are carefully designed and thus imperceptible; they not only cause the target network to predict the wrong classification, but are also transferable and can directly perform black-box a...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06K9/62, G06N3/04, G06N3/08
CPC: G06N3/084, G06N3/045, G06F18/24
Inventor: 孔锐, 黄钢, 曹后杰
Owner: 星汉智能科技股份有限公司