A black-box adversarial example generation method based on low query image data

A technology of adversarial samples and image data, applied in the field of adversarial sample generation, can solve problems such as low success rate and high number of iterations of adversarial samples, and achieve the effect of improving randomness, increasing the possibility of adversarial resistance, and improving evaluation efficiency

Active Publication Date: 2022-04-26
UNIV OF ELECTRONICS SCI & TECH OF CHINA
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In view of the above-mentioned research problems, the purpose of the present invention is to provide a method for generating black-box adversarial samples based on low-inquiry image data, which solves the problem of many iterations and low success rate of effective black-box adversarial samples in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A black-box adversarial example generation method based on low query image data
  • A black-box adversarial example generation method based on low query image data
  • A black-box adversarial example generation method based on low query image data

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments.

[0038] In related applications of image recognition, the present invention combines the advantages of migration-based and optimization-based generation methods, and reduces the number of iterations, that is, the number of inquiries while ensuring the success rate of generating black-box confrontation samples. The main improvement method of the present invention is to modify the random vector added in each iteration in the traditional method into an adversarial vector, and at the same time, increase the randomness in the process of generating the adversarial vector to avoid falling into local optimum and further improve production efficiency.

[0039]The image data set used in this experiment is from http: / / www.image-net.org / , and the data set uses ImageNet. The data of this experiment is randomly obtained from this data set. Each time the input...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for generating black-box adversarial samples based on low-query image data, belongs to the technical field of adversarial sample generation methods, and solves the problem that existing effective black-box adversarial samples have many iterations. In the application of image recognition, the present invention obtains the current image data; randomly selects any known model, sets the white-box confrontation sample generation parameters based on the known model, and then generates the effective white box of the known model based on the white-box generation method and the current image data. Box confrontation samples; subtract the current image data from the white box confrontation samples, and perform a normalization operation to generate the confrontation vector; send the current image data and the current image data with the confrontation vector into the unknown model respectively, After the output is obtained, use the ADAM algorithm to update the current image data. After the update, if the requirements are met, a black-box adversarial sample is obtained. If the requirements are not met, the updated image data is repeatedly executed. The present invention is used to generate black-box adversarial samples.

Description

technical field [0001] A black-box adversarial sample generation method based on low query image data is used for generating black-box adversarial samples, and belongs to the technical field of adversarial sample generation methods. Background technique [0002] In recent years, artificial intelligence technology represented by deep learning has developed rapidly and has been widely used in various fields. Unmanned and intelligent is bound to be an important trend in the future. At the same time, deep learning is also facing serious reliability problems. Recent studies have found that artificial intelligence algorithms represented by deep learning may be attacked maliciously, whether in the experimental environment or in the real physical world. Today, with the increasing application of artificial intelligence, the threat of security vulnerabilities is becoming increasingly severe. Therefore, the security of artificial intelligence algorithms is a key issue to be solved in...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06K9/62G06V10/774G06V10/82G06N3/08
CPCG06N3/08G06F18/214
Inventor 张小松丁康一牛伟纳孙逊周杰彭钰杰
Owner UNIV OF ELECTRONICS SCI & TECH OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap