Adversarial sample attack method for voice keyword classification network

An adversarial sample, classification network technology, applied in speech analysis, speech recognition, biological neural network model and other directions, can solve the problem of time-consuming and computer resources, low-quality and low-efficiency adversarial sample speech, etc.

What is AI technical title?
AI technical title is built by PatSnap AI team. It summarizes the technical point description of the patent document.
An adversarial sample, classification network technology, applied in speech analysis, speech recognition, biological neural network model and other directions, can solve the problem of time-consuming and computer resources, low-quality and low-efficiency adversarial sample speech, etc.

CN112216273APending Publication Date: 2021-01-12东南数字经济发展研究院

0 Cites 8 Cited by

Image

Smart Image Click on the blue labels to locate them in the text.

Viewing Examples

Smart Image

Examples

Experimental program

Comparison scheme

Effect test

Embodiment Construction

[0052]The present invention is further described below through specific examples, but the present invention is not limited only to the following examples. Within the scope of the present invention or without departing from the content, spirit and scope of the present invention, changes, combinations or substitutions to the present invention are obvious to those skilled in the art and are included in the scope of the present invention Inside.

[0053] Such as figure 1 As shown, the proposed conditional generative adversarial network consists of three parts: the generator G, the discriminator D, and the target victimization model. Among them, the generator G is a model that needs to be saved after training, and it is also the key of the present invention; the function of the discriminator D is to make the distribution of the constructed adversarial samples and normal samples as similar as possible, if the adversarial samples can fool the discriminator D, then It shows that the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine

Login to View More

PUM

Login to View More

Abstract

The invention discloses an adversarial sample attack method for a voice keyword classification network. The adversarial sample attack method comprises the following steps: (1) selecting training dataand a target tag of trained batch sizes according to a training strategy; (2) inputting the data and the tags into a generator G, generating adversarial disturbance, and constructing a corresponding adversarial sample; (3) respectively inputting the generated adversarial samples into a discriminator D and a target victim model to obtain corresponding losses, calculating the corresponding losses, and updating parameters of the network; (4) repeating steps (1) to (4) until a training stop condition is met, and finally obtaining a trained model; and (5) using the model, loading model parameters,and inputting a voice sample and the target tag to quickly generate an adversarial sample. By using the method provided by the invention, the adversarial sample attack based on the voice keyword classification network application in a real-time scene can be realized.

Description

technical field [0001] The invention relates to the technical field of adversarial sample generation based on a conditional generative adversarial network, in particular to an adversarial sample attack method for a voice keyword classification network. Background technique [0002] As the core function of the voice wake-up function, the voice keyword classifier based on deep learning is widely used in smart devices, such as smart phones, smart speakers and smart voice-activated door locks. Since speech keyword classifiers are vulnerable to adversarial sample attacks, this type of application poses a potential security risk. In order to eliminate these security risks, the research on adversarial samples is very necessary. Adversarial examples refer to in-depth learning where subtle and purposeful modifications to the input of the network cause the network to make erroneous outputs, or even the output specified by the attacker. In general, adversarial samples need to meet th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine

Login to View More

Application Information

Patent Timeline

12 Jan 2021

Publication

CN112216273A

IPC: G10L15/06; G06N3/04

CPC: G10L15/063; G06N3/045

Inventors: 董理; 黄其娟