Digital image confrontation sample defense method based on truncated singular values and pixel interpolation

A pixel interpolation, adversarial sample technology, applied in the field of computer science, can solve problems such as deep learning error determination

Pending Publication Date: 2021-01-29
BEIHANG UNIV
View PDF7 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In order to solve the above-mentioned problems, the present invention conducts in-depth research on the adversarial perturbation problem faced by the deep learning model. The digital image adversarial example defense method, which is based on the singular value decomposition of the pixel matrix

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Digital image confrontation sample defense method based on truncated singular values and pixel interpolation
  • Digital image confrontation sample defense method based on truncated singular values and pixel interpolation
  • Digital image confrontation sample defense method based on truncated singular values and pixel interpolation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0045] In order to make the purpose of the present invention, technical scheme and advantage expression more clearly, below in conjunction with accompanying drawing ( Figure 1-Figure 6 ) and specific implementation steps describe the present invention in detail, but not as a limitation of the present invention.

[0046] The digital image adversarial sample defense method based on truncated singular value and pixel interpolation proposed by the present invention is based on matrix singular value and pixel interpolation processing in matrix theory. The singular value of a certain threshold is discarded at the same time as the singular value smaller than the threshold, so as to retain as much important information in the image as possible. We also consider increasing the robustness and unpredictability of the defensive model, i.e. adding a step of pixel interpolation to defend against black-box attacks. Finally, after the gradient retains the singular value and performs pixel i...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

Research on resistance machine learning shows that a deep learning architecture is easily attacked by an adversarial sample. The carefully designed small disturbance can cause wrong classification ofnormal images by the neural network, but cannot cause recognition errors to a human vision system. The invention provides a digital image adversarial sample defense method based on truncated singularvalues and pixel interpolation, and the method is based on pixel matrix analysis and image pixel interpolation processing, so as to achieve the purpose of restoring the normal recognition of an imagein a deep learning model. Under the condition of ensuring that normal pictures are not mistakenly classified by the deep learning model due to the operation, countermeasure attacks can be effectivelydefended. According to the method, matrix analysis and singular value decomposition are effectively utilized, an optimal approximation image highly similar to an adversarial sample is reconstructed byreserving a large singular value, and the reconstructed image can be correctly recognized by a deep learning model after pixel interpolation processing. In addition, the unpredictability of the defense model can be improved through pixel interpolation, and therefore the purpose of defending against black box attacks is achieved.

Description

technical field [0001] The invention belongs to the technical field of computer science, and in particular relates to a digital image defense method against samples based on truncated singular values ​​and pixel interpolation. Background technique [0002] Deep learning is at the heart of the current rise of artificial intelligence. In the field of computer vision, deep learning has become the focus of attention. In a challenging large-scale visual recognition task in 2012, Krizhevsky et al. Excellent performance of the Convolutional Neural Network (CNN) model. Thanks to this seminal work, deep learning owes its popularity to a workhorse in applications ranging from self-driving cars to surveillance and security. Although deep neural networks have shown excellent performance in solving complex problems, and have saved a lot of manpower in many fields, they can also achieve higher budget and processing power than manpower. With the rise of technologies such as facial recog...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06K9/62G06T3/40
CPCG06T3/4007G06T3/4023G06F18/213G06F18/241
Inventor 肖利民吴非杨文雪朱金彬
Owner BEIHANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap