Target attack adversarial sample generation method for deep learning model

A deep learning adversarial-sample technology, applied in neural learning methods, ensemble learning, biological neural network models, etc. It addresses problems such as deep learning models not having learned the real concept and adversarial perturbations being messy, and it ensures the attack success rate, a good attack effect, and high computational timeliness.

Status: Inactive
Publication Date: 2021-01-05
SICHUAN UNIV
3 Cites, 4 Cited by

AI Technical Summary

Problems solved by technology

[0005] (2) Generation method of universal perturbation
[0008] More importantly, adversarial examples represent blind spots of the model: the deep learning model has not learned the real concept, so information related to the real concept is likely to be reflected in the adversarial examples. However, the adversarial perturbations generated in all current research are messy

Examples

Embodiment Construction

[0040] The present invention will be described in further detail below in conjunction with the accompanying drawings and specific embodiments.

[0041] The present invention will be further described in detail below in conjunction with the accompanying drawings and specific examples. The flow of the method of the present invention in a concrete implementation is shown in Figure 1 and mainly includes the following steps:

[0042] A. Extract a set X from the deep learning model training set to calculate the adversarial perturbation. For a point x_1 in the set X, solve an optimization problem that computes the minimum perturbation required to send the point to the boundary of the target class region.

[0043] Specifically, extract a set X from the training set of the deep learning model, use a polyhedron to approximate the manifold corresponding to the deep network, and use an optimization technique to calculate, for a single point x_1 in the set X, the minimum p...

Abstract

The invention discloses a target attack adversarial sample generation method for a deep learning model and belongs to the field of deep learning security. In order to detect blind spots of a deep learning model through adversarial attack methods and to focus on a specific region of the model, the invention designs a target attack adversarial sample generation method for the deep learning model that can extract, from a data set with a small number of samples, a general pattern which is suitable for most samples and contains semantic information missed by the model. Adversarial samples that stably achieve a high attack success rate can be generated quickly. A polyhedron is used to approximate the manifold represented by the deep learning model; an optimization technique is used to calculate the minimum perturbation vector required to send a point in the training set to the classification boundary of the region corresponding to the target class on the manifold; the results computed for multiple points are continuously aggregated, updated and projected; and the above steps are executed iteratively until the attacked target model reaches a preset attack success rate.

Description

Technical field

[0001] The invention relates to the field of deep learning security technology, in particular to a method for generating target attack adversarial samples for deep learning models.

Background technique

[0002] Deep learning models have shown excellent performance in many tasks and are widely used in many fields such as intelligent robots, autonomous driving, speech synthesis, natural language translation, and image processing. However, the actual application environment is often complex and highly uncertain, and involves situations such as incomplete information, information confrontation and interference. At the same time, existing deep learning models rely too much on massive data or knowledge and are vulnerable to attacks by adversarial samples that cannot be recognized by the human eye, which make the model produce wrong output. Adversarial attack methods that generate adversarial examples have become an important tool for discovering potential p...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06K9/62, G06N3/04, G06N3/08, G06N20/20
CPC: G06N3/08, G06N20/20, G06N3/045, G06F18/214
Inventor: 陈兴蜀, 王丽娜, 王伟, 岳亚伟, 唐瑞, 朱毅, 曾雪梅
Owner: SICHUAN UNIV