Geometric vector-based adversarial sample generation method
A technology against samples and vectors, applied in the field of machine learning, can solve problems such as classification errors, difficulty in confronting samples, and increasing the complexity of establishing gradient information, so as to improve generation efficiency and reduce cost
Active Publication Date: 2020-06-26
UNIV OF ELECTRONICS SCI & TECH OF CHINA
View PDF7 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
However, these methods have the following problems: not any perturbation of the original sample will cause classification errors, only specific perturbations will cause classification errors, so by adding noise randomly, it is not easy to get adversarial samples
Although the gradient information gives the perturbation direction, for high-dimensional data and more complex neural network models, it will increase the complexity of establishing gradient information
Existing adversarial sample generation methods do not take into account the cost and efficiency of generating samples
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment 1
[0048] A method for generating an adversarial example based on a geometric vector provided in this embodiment includes the following steps:
[0049] Step 1, perform data preprocessing on the legal domain name data set and the DGA domain name data set;
[0050] Step 2, perform model pre-training after data preprocessing: initialize the generation network and the target network, so that the generation network is pre-trained on the legal domain name data set, and the target network is pre-trained on the legal domain name data set and the DGA domain name data set;
[0051] Step 3, repeat steps (a)-(f) until convergence, and get the DGA domain name confrontation example:
[0052] (a) Enter legal domain names into the ATN network to generate legal domain name confrontation samples and obtain disturbance losses;
[0053] (b) Input the legal domain name and the legal domain name confrontation sample into the noise perturbation direction function to obtain noise;
[0054] (c) inputti...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a geometric vector-based adversarial sample generation method. The adversarial sample generation method comprises the steps of 1, data preprocessing; step 2, model pre-training; 3, repeating the steps (a)-(f) until convergence to obtain a DGA domain name confrontation sample: (a) inputting a legal domain name into the ATN to generate a legal domain name confrontation sample, and obtaining disturbance loss; (b) inputting the legal domain name and the legal domain name adversarial sample into a noise disturbance direction function to obtain noise; (c) inputting the noiseand the DGA domain name into a disturbance network to obtain a DGA domain name adversarial sample, wherein the disturbance network is a disturbance network based on a geometric vector; (d) inputting the DGA domain name adversarial sample into a target network to obtain target network loss; (e) obtaining a target loss function by using the disturbance loss and the target network loss; and (f) updating the ATN network by minimizing the target loss function. According to the invention, the adversarial sample can be generated for a specific DGA category.
Description
technical field [0001] The invention relates to the technical field of machine learning, in particular to a geometric vector-based confrontation sample generation method. Background technique [0002] Deep neural networks are excellent at handling complex tasks, but recent research has shown that they are vulnerable to adversarial attacks, which are attacks in the form of adding tiny perturbations to the input, causing the model to predict the wrong output. In practical applications, adversarial attacks pose a serious threat to the success of deep learning. For this reason, the researchers proposed a method of adversarial sample generation to deal with potential attacks and enhance the robustness and generalization ability of neural networks. [0003] At present, in the principle of adversarial sample generation, it is mainly divided into two categories, one is to randomly add noise to the original sample until it can deceive the neural network, and the other is in the dire...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More IPC IPC(8): G06K9/62G06N3/04G06N3/08G06N20/00
CPCG06N3/08G06N20/00G06N3/045G06F18/241
Inventor 刘启和王媛媛周世杰谭浩
Owner UNIV OF ELECTRONICS SCI & TECH OF CHINA