Image security identification method based on adversarial sample defense

A technology against samples and security identification, applied in the direction of neural learning methods, character and pattern recognition, instruments, etc., can solve the problems of wrong results, easy to be tiny, etc., and achieve the effect of good defense ability, high security, and excellent defense ability

Pending Publication Date: 2020-07-14
SHANGHAI GOLDEN BRIDGE INFOTECH CO LTD
View PDF2 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In 2014, Szegedy et al. first proposed that the deep neural network is not perfect. Although it works well in the field of computer vision, it is easily disturbed by small vectors that are difficult for human eyes to detect, that is, such vectors are added to the image. , the image is difficult to see that there is a significant difference, but the deep neural network will get wrong results for such pictures

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Image security identification method based on adversarial sample defense
  • Image security identification method based on adversarial sample defense
  • Image security identification method based on adversarial sample defense

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] The technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only part of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0045] In order to better understand the present invention, some basic concepts are firstly explained.

[0046] Adversarial samples: Refers to samples with small deviations that make the model finally get wrong results.

[0047]Image recognition algorithm: A distinctive image recognition algorithm proposed by Google in 2015. This algorithm makes full use of the high aggregation of images, and the low coupling of different categories of images. Dif...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an image security identification method based on adversarial sample defense. The method comprises the following steps: 1, firstly, collecting an image data set; 2, generating anadversarial sample by using a pixel attack method, according to the attack method, utilizing a differential evolution algorithm to iteratively modify each pixel of a test set image to generate a sub-image, then testing the attack effect of each sub-image, and using the sub-image with the best attack effect as an adversarial sample; 3, generating an adversarial sample by using a general disturbance generation method; 4, generating an adversarial test set based on the adversarial sample; 5, taking the image data of the training set as training data, and carrying out the fine adjustment of an original pre-trained model; and 6, performing image recognition on the test set, and checking an image recognition effect. The method has a good defense capability for one pixel generation confrontationdisturbance, has an excellent defense capability for a confrontation sample generated by general disturbance, cannot generate any influence on a generated image recognition model by the general disturbance, and can be used for recognition and classification of electronic files and the like.

Description

technical field [0001] The invention is an image security recognition method based on defense against examples, which belongs to the field of machine vision. Background technique [0002] In recent years, with the increasingly widespread application of deep learning technology in the field of computer vision and its excellent performance in various tasks, deep learning technology has attracted a large number of scholars for further research. In 2014, Szegedy et al. first proposed that the deep neural network is not perfect. Although it works well in the field of computer vision, it is easy to be disturbed by small vectors that are difficult for human eyes to detect, that is, such vectors are added to the image. , the image is difficult to see the obvious difference, but the deep neural network will get wrong results for such pictures. This kind of small and imperceptible vector that can perturb the deep neural network is called an adversarial perturbation, and the picture w...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06K9/62G06N3/04G06N3/08
CPCG06N3/08G06N3/045G06F18/217G06F18/241G06F18/2411
Inventor 汪昕金鑫黄横时超陈力蒋尚秀
Owner SHANGHAI GOLDEN BRIDGE INFOTECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap