Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Adversarial sample defense method based on Bayesian convolutional neural network

A convolutional neural network and adversarial sample technology, applied in the direction of biological neural network models, neural architectures, instruments, etc., can solve the problem of not being robust, unable to have robust image recognition systems, unable to achieve accurate image recognition and classification, etc. problem, to achieve the effect of improving robustness and image recognition accuracy

Active Publication Date: 2020-10-16
NAT INNOVATION INST OF DEFENSE TECH PLA ACAD OF MILITARY SCI
View PDF5 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in the existing adversarial training methods, the neural network model only uses the adversarial samples generated under a specific set of disturbance values ​​for training. When facing adversarial samples generated with different disturbance values, it does not have good robustness and cannot achieve Accurate recognition and classification of images, that is, the use of existing confrontation training methods cannot make the image recognition system of the automotive automatic driving system have good robustness to defend against malicious attacks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Adversarial sample defense method based on Bayesian convolutional neural network
  • Adversarial sample defense method based on Bayesian convolutional neural network
  • Adversarial sample defense method based on Bayesian convolutional neural network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] In order to make the purpose, technical solution and advantages of the present invention clearer, the technical solution of the present invention will be clearly and completely described below in conjunction with specific embodiments of the present invention and corresponding drawings. Apparently, the described embodiments are only some of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts fall within the protection scope of the present invention.

[0030] The technical solutions provided by the embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0031] as attached figure 1 As shown, an embodiment of the present invention provides a method for defending against samples based on Bayesian convolutional neural network, the method is used to t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an adversarial sample defense method based on a Bayesian convolutional neural network. The method comprises the following steps: selecting a plurality of traffic signal board pictures as a picture training set and an initial training set according to a traffic signal recognition task of an automobile automatic driving image recognition system; constructing a Bayesian convolutional neural network model of the automobile automatic driving image recognition system, and training the model to determine model parameters; setting a disturbance value and a disturbance value increasing step length, and generating a plurality of adversarial samples; taking the adversarial sample as training set data, and training the model in combination with the initial training set to update model parameters; and improving the automobile automatic driving image recognition system based on the updated model parameters. According to the method, adversarial training is performed on the neural network model by mixing the adversarial samples generated under different disturbance values so that the model is enabled to learn more features, the robustness of the model can be effectively enhanced and thus the recognition precision of the automobile automatic driving image recognition system can be enhanced.

Description

technical field [0001] The invention relates to the technical field of image intelligent recognition, in particular to an adversarial sample defense method based on a Bayesian convolutional neural network. Background technique [0002] With the development of deep learning, deep neural network (DNN) has many applications in computer vision and natural language processing. Neural networks are very complex and fragile. For example, in image recognition tasks, when small noise is added to a picture, the model can misclassify it with a high probability. [0003] At present, the pictures with added perturbations are called adversarial samples. In order to defend against the attacks of adversarial samples, adversarial training methods are mainly used to improve the robustness of neural network models to ensure accurate recognition and classification of images; existing adversarial training methods use The adversarial samples are used as the training set to train the neural networ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06K9/00G06K9/62G06N3/04
CPCG06V20/56G06N3/045G06F18/24155G06F18/214Y02T10/40
Inventor 张俊周炜恩常强
Owner NAT INNOVATION INST OF DEFENSE TECH PLA ACAD OF MILITARY SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com