Intelligent model information leakage degree evaluation method and system, medium and equipment

An information leakage and degree of technology, applied in the field of network security, can solve the problems of limited attack types, model construction equivalent proxy models, and few models, and achieve the effect of rapid feedback and high evaluation accuracy

Active Publication Date: 2021-01-26
XIDIAN UNIV
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006](1) Existing methods are difficult to construct equivalent proxy models for more complex models, the scope of application is small, and it is necessary to ensure that the attack distribution and the proxy model training data set remain the same distribution, higher requirements
[0007](2) Existing methods can be applied to very few models (currently only applied to DNN models), and the types of attacks that can be detected are also limited. At the same time, the degree of leakage The description is not accurate and timely enough, which is not conducive to promotion in actual use
[0008]The difficulty in solving the above problems and defects is: most of the current detection schemes rely on the proxy model or distribution, and do not directly solve the problem from the model, and the detection results cannot accurately reflect the The degree of information leakage of the model cannot accurately judge the attack and help the model to defend
At the same time, the structural complexity and inexplicability of the intelligent model make it difficult to directly understand its decision logic, judgment basis and method, which makes it impossible to fundamentally design and implement the construction of the detection scheme, further increasing the information leakage of the intelligent model Difficulty of detection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intelligent model information leakage degree evaluation method and system, medium and equipment
  • Intelligent model information leakage degree evaluation method and system, medium and equipment
  • Intelligent model information leakage degree evaluation method and system, medium and equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0066] In order to make the object, technical solution and advantages of the present invention more clear, the present invention will be further described in detail below in conjunction with the examples. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0067] Aiming at the problems existing in the prior art, the present invention provides a method, system, medium, and equipment for assessing the degree of information leakage of an intelligent model. The present invention will be described in detail below in conjunction with the accompanying drawings.

[0068] Such as figure 1 As shown, the intelligent model information leakage degree evaluation method provided by the present invention includes the following steps:

[0069] S101: Define an indicator representing the amount of information contained in a specific data set;

[0070] S102: Use the chain rule in information t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention belongs to the technical field of network security, and discloses an intelligent model information leakage degree evaluation method and system, a medium and equipment, and the method comprises the steps: defining an index representing the amount of information contained in a specific data set; utilizing a chain rule in an information theory to unfold the indexes and then calculate the indexes; defining an attack query and a model reply received by splicing query vectors; adding the vector to a query matrix; calculating the amount of information stolen from the training data set by single query; and calculating model information leakage degree. The invention designs the calculation method for evaluating the information amount leakage degree of the model, and the information leakage degree when the current model is attacked can be accurately calculated in real time. And meanwhile, the method can also be used for evaluating the common information amount between two types ofdata sets. According to the method, the index for evaluating the information amount leakage degree of the model is defined, the index is not influenced by the type, complexity and information leakagemode of the model to be evaluated, and the method can be applied to all intelligent models and data sets.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a method, system, medium and equipment for evaluating the degree of information leakage of an intelligent model. Background technique [0002] At present: in the information age, the amount of data is growing exponentially. The rapid development of big data technology has brought great progress and wide application to artificial intelligence technology. A large number of intelligent models have been applied to natural language processing, image recognition, recommendation systems and other fields. While bringing convenience to these production areas, it also magnifies the safety problems of the model itself. A large number of attacks against the model, such as model extraction attacks, poisoning attacks, inference attacks, etc., not only damage the model, but also cause serious model information leakage. Attackers usually use the leaked information to steal t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/55G06F21/62G06K9/62G06F17/16
CPCG06F21/6227G06F21/6245G06F21/55G06F17/16G06F18/214
Inventor 李晖王瑞李效光闫皓楠王靖仁萧明炽赵兴文李凤华
Owner XIDIAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products