Black box adversarial sample generation method based on microbial genetic algorithm

A technology against samples and genetic algorithms, applied in the field of artificial intelligence security, which can solve problems such as many queries

Active Publication Date: 2020-10-20
WUHAN UNIV
View PDF6 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The present invention mainly solves the problem of too many queries required for successfully attacking the neural network model to generate

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Black box adversarial sample generation method based on microbial genetic algorithm
  • Black box adversarial sample generation method based on microbial genetic algorithm
  • Black box adversarial sample generation method based on microbial genetic algorithm

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] In order to make the technology of the present invention easier to understand and grasp, the present invention will be further described below with specific implementation in conjunction with accompanying drawings and examples:

[0040] The present invention provides a method for generating black-box confrontation samples based on microbial genetic algorithm, comprising the following steps:

[0041] Step 1, load the image data that needs to generate adversarial samples;

[0042] Step 2, use migration attack to generate candidate adversarial samples;

[0043] Adversarial examples generated by one model can make another model wrong. The adversarial examples generated by the white-box attack on the local model can be used to attack the unknown model, which is called transfer-based attack. The present invention uses the basic iterative method MI-FGSM based on momentum as the method of migration attack, and the specific realization is as follows:

[0044] use x and y tru...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a black box adversarial sample generation method based on a microbial genetic algorithm, and belongs to the technical field of artificial intelligence safety. The method mainly solves the problem of excessive number of times of query required for successfully attacking a neural network model to generate an adversarial sample under the condition of a black box, combines twotypical methods in black box attacks, namely migration attacks and output-based attacks, and solves the discretization problem by using a simple microbial genetic algorithm.

Description

technical field [0001] The invention belongs to the technical field of artificial intelligence security, and in particular relates to a method for generating a black-box confrontation sample based on a microbial genetic algorithm. Background technique [0002] Deep learning has made significant progress in image classification, speech recognition, machine translation, face recognition, and object detection. However, deep learning is easily fooled by adversarial examples. Adversarial examples are generated by adding some interference that humans cannot detect in the normal input. For example, we input a picture of a cat. Under normal circumstances, the image classification model will classify it into the category of cat, but if we are in Add some carefully crafted noise to this image, and the image classification model is likely to classify it into a different class. Since the discovery of adversarial examples, serious security problems have emerged in many critical domains...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06N3/04G06N3/08G06N3/12
CPCG06N3/126G06N3/08G06N3/045
Inventor 王丽娜杨康王文琦叶傲霜柯剑鹏
Owner WUHAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap