Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Recurrent Neural Network Backdoor Attack Detection Method Based on Interpretable Model

A technology of cyclic neural network and model, applied in the direction of neural learning method, biological neural network model, neural architecture, etc., can solve problems such as no RNN interpretation method, no RNN backdoor detection method, and explanation method is difficult to achieve good results, etc., to achieve Security Further Effects

Active Publication Date: 2022-05-20
XI AN JIAOTONG UNIV
View PDF13 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] 1) There is no interpretation method for RNN;
[0006] 2) Due to the unique nature of RNN neurons, general explanation methods are difficult to achieve good results;
[0007] 3) Currently there is no backdoor detection method for RNN

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Recurrent Neural Network Backdoor Attack Detection Method Based on Interpretable Model
  • Recurrent Neural Network Backdoor Attack Detection Method Based on Interpretable Model
  • Recurrent Neural Network Backdoor Attack Detection Method Based on Interpretable Model

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0084] The specific implementation of the method for detecting a backdoor attack of a recurrent neural network based on an interpretable model of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0085] figure 1 It is the overall flow chart of the method for detecting backdoor attack of cyclic neural network based on explainable model in the present invention;

[0086] The invention discloses a method for detecting a backdoor attack of a cyclic neural network based on an interpretable model, comprising the following steps:

[0087] Step S101: For the text dataset D and the RNN model M to be abstracted, input each piece of text in D into M, and extract the hidden layer vector and output layer vector of each time step in M; for the text dataset D, generate Hidden layer vector set H and output layer vector set O for all texts.

[0088] Specifically, step S101 extracts the intermediate variables of the RNN model M, and the s...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an interpretable model-based cycle neural network backdoor attack detection method, which abstracts the RNN model and performs backdoor detection on the text in three steps: firstly, a machine learning algorithm is used to cluster the RNN hidden layer vectors, and construct an uncertain Finite automaton; secondly, according to the constructed uncertain finite automata, the state transition path of the text is obtained, so as to calculate the weight of each word in the text; finally, based on the idea of ​​mutation testing, the backdoor in the text is detected. Through the above method, it is possible to accurately explain the decision of RNN on the text and accurately detect the backdoor text.

Description

technical field [0001] The invention relates to the technical field of interpretability of machine learning, in particular to the interpretability of a recurrent neural network (Recurrent Neural Network, RNN) and a backdoor detection method for text. Background technique [0002] In recent years, with the rapid development of artificial intelligence-related technologies, deep neural networks have been widely used in many fields. However, its security has also aroused concerns from all walks of life, especially the research on adversarial samples and backdoor attack technology points out that deep neural networks are vulnerable to attacks, which also limits the further development of deep neural networks in safety-related fields such as autonomous driving and national defense. application. [0003] In order to explain the decision-making of the deep neural network and discover problems in the network, researchers at home and abroad have conducted a lot of research on the int...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06N3/04G06N3/08G06K9/62
CPCG06N3/08G06N3/045G06F18/23213G06F18/2415
Inventor 范铭司梓良刘烃魏闻英魏佳利
Owner XI AN JIAOTONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com