An image adversarial sample generation device and method based on migration

A technology against samples and generating devices, which is applied to biological neural network models, instruments, calculations, etc., can solve the problem of low mobility and achieve the effects of increasing calculation speed, increasing success rate, and reducing time overhead

Active Publication Date: 2022-03-29
UNIV OF ELECTRONICS SCI & TECH OF CHINA
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] For the above-mentioned black-box attack that requires a large number of inquiries, or the problem of low migration, the attack success rate of the adversarial samples is improved under the condition of a small number of inquiries

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An image adversarial sample generation device and method based on migration
  • An image adversarial sample generation device and method based on migration
  • An image adversarial sample generation device and method based on migration

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0039] In this experiment, multiple adversarial samples are generated according to the above framework and method, and the effectiveness of the adversarial samples is counted. The hardware environment and software environment of this experiment are shown in Table 1 below:

[0040] Table 1 Experimental environment configuration

[0041]

[0042] The parameter information used by the adversarial sample generation method is as follows:

[0043] Table 2 Algorithm parameter information

[0044] The maximum number of iterations 1000 PGD ​​iterations 1000 Training autoencoder module parameter p 1 -8

Training autoencoder module parameters λ 0.1 Training autoencoder module parameters β 0.01

[0045] The present invention provides a migration-based image adversarial sample generation device, including the following modules:

[0046] Self-encoder training module: use the image training data set for unsupervised training to obtain an autoenco...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention belongs to the field of computer software, and discloses a device and method for generating image confrontation samples based on migration. Aiming at the problem that a large number of inquiries are required for the above-mentioned black box attack, or the migration is not high, it can be realized under the condition of a small number of inquiries. The attack success rate of adversarial samples is improved. The main scheme is 1) input normal image samples; 2) the image samples are processed by the autoencoder to obtain the dimensionality-reduced data D; 3) sequentially pass into the filtered local image classifier and use the PGD adversarial sample generation algorithm to obtain different Disturb r i ; 4) Linearly integrate these perturbations according to the weight coefficients to obtain the final perturbation f(D); 5) Add the perturbation f(D) to the dimensionally reduced data D and decode it with an autoencoder to obtain the final adversarial samples.

Description

technical field [0001] The invention belongs to the field of computer software, and specifically relates to a migration-based adversarial sample generation framework and method, which can improve a certain degree of migration by querying a small amount of target models. Background technique [0002] In recent years, deep neural networks have been widely used in various aspects. It can even match human performance in image recognition, such as image classification systems, face recognition, etc., and can already achieve a recognition rate of more than 99%. However, most researchers care more about the performance of the model (such as the correct rate), but ignore the fragility and robustness of the model. Existing models are vulnerable to "adversarial examples", which can make the model misjudgment, and then allow the attacker to bypass the model detection, for example, in an image classification system, by adding a small perturbation to the original image information (the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06V10/774G06V10/764G06V10/77G06V10/82G06K9/62G06N3/04
CPCG06N3/045G06F18/213G06F18/214G06F18/241
Inventor 张小松牛伟纳丁康一孙逊朱航李信强蒋廉
Owner UNIV OF ELECTRONICS SCI & TECH OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap