Adversarial sample attack method for voice keyword classification network

An adversarial sample, classification network technology, applied in speech analysis, speech recognition, biological neural network model and other directions, can solve the problem of time-consuming and computer resources, low-quality and low-efficiency adversarial sample speech, etc.

Pending Publication Date: 2021-01-12
东南数字经济发展研究院
View PDF0 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Method 1 uses a large number of iterations to find adversarial samples, which consumes a lot of time and computer resources, while Method 2 needs to train a gen

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Adversarial sample attack method for voice keyword classification network
  • Adversarial sample attack method for voice keyword classification network
  • Adversarial sample attack method for voice keyword classification network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0052]The present invention is further described below through specific examples, but the present invention is not limited only to the following examples. Within the scope of the present invention or without departing from the content, spirit and scope of the present invention, changes, combinations or substitutions to the present invention are obvious to those skilled in the art and are included in the scope of the present invention Inside.

[0053] Such as figure 1 As shown, the proposed conditional generative adversarial network consists of three parts: the generator G, the discriminator D, and the target victimization model. Among them, the generator G is a model that needs to be saved after training, and it is also the key of the present invention; the function of the discriminator D is to make the distribution of the constructed adversarial samples and normal samples as similar as possible, if the adversarial samples can fool the discriminator D, then It shows that the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an adversarial sample attack method for a voice keyword classification network. The adversarial sample attack method comprises the following steps: (1) selecting training dataand a target tag of trained batch sizes according to a training strategy; (2) inputting the data and the tags into a generator G, generating adversarial disturbance, and constructing a corresponding adversarial sample; (3) respectively inputting the generated adversarial samples into a discriminator D and a target victim model to obtain corresponding losses, calculating the corresponding losses, and updating parameters of the network; (4) repeating steps (1) to (4) until a training stop condition is met, and finally obtaining a trained model; and (5) using the model, loading model parameters,and inputting a voice sample and the target tag to quickly generate an adversarial sample. By using the method provided by the invention, the adversarial sample attack based on the voice keyword classification network application in a real-time scene can be realized.

Description

technical field [0001] The invention relates to the technical field of adversarial sample generation based on a conditional generative adversarial network, in particular to an adversarial sample attack method for a voice keyword classification network. Background technique [0002] As the core function of the voice wake-up function, the voice keyword classifier based on deep learning is widely used in smart devices, such as smart phones, smart speakers and smart voice-activated door locks. Since speech keyword classifiers are vulnerable to adversarial sample attacks, this type of application poses a potential security risk. In order to eliminate these security risks, the research on adversarial samples is very necessary. Adversarial examples refer to in-depth learning where subtle and purposeful modifications to the input of the network cause the network to make erroneous outputs, or even the output specified by the attacker. In general, adversarial samples need to meet th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G10L15/06G06N3/04
CPCG10L15/063G06N3/045
Inventor 董理黄其娟杭小树余水王让定
Owner 东南数字经济发展研究院
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap