
Adversarial sample generation method and device based on surrogate model

An adversarial-sample and proxy-model technology, applied in the field of neural networks, that can solve problems such as vulnerability to attacks and achieves strong, improved migration (transfer) performance.

Active Publication Date: 2021-04-16
BEIJING REALAI TECH CO LTD

AI Technical Summary

Problems solved by technology

However, some deep neural network models that achieve a high recognition accuracy are also vulnerable to attacks in an adversarial environment.

Embodiment Construction

[0065] The principle and spirit of the present invention will be described below with reference to several exemplary embodiments. It should be understood that these embodiments are given only to enable those skilled in the art to better understand and implement the present invention, rather than to limit the scope of the present invention in any way. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.

[0066] Those skilled in the art know that the embodiments of the present invention can be implemented as a system, apparatus, device, method or computer program product. Therefore, the present disclosure may be specifically implemented in the form of complete hardware, complete software (including firmware, resident software, microcode, etc.), or a combination of hardware and software.

[0067] According to an embodiment of the present invention, a method, devi...


Abstract

The invention provides a method and device for generating an adversarial sample based on a proxy model. The method includes: providing a proxy model, original samples, and an iterative adversarial sample generation algorithm; and iteratively generating adversarial samples based on the proxy model, the original samples, and the adversarial sample generation algorithm until a preset termination condition is reached. In each iteration round: obtain the loss result of the proxy model when the adversarial sample was generated in the previous round, together with the weight of each parameter; calculate the gradient of each parameter based on the loss result of the proxy model and the weight of that parameter; use the gradient of each parameter as the importance score of the corresponding parameter; prune some parameters of the proxy model according to preset rules and the importance scores of the parameters; and update the proxy model according to the parameters retained after pruning. The adversarial sample generated when the preset termination condition is reached is used as the final adversarial sample.
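The per-round loop described in the abstract, as an added example for robustness testing of a model you own; it is not the patent's own code and uses a constructed logistic-regression surrogate. Assumptions not stated on the page: importance is the gradient magnitude, the lowest-scoring weight is pruned each round, the sample update is a sign-gradient step bounded by `eps`, and termination is a fixed round count; all function and parameter names are hypothetical.

```python
import math

def loss_and_grads(w, b, x, y):
    """Cross-entropy loss of a logistic surrogate plus dL/dw and dL/dx."""
    z = sum(wi * xi for wi, xi in zip(w, x)) + b
    p = 1.0 / (1.0 + math.exp(-z))
    loss = -(y * math.log(p) + (1 - y) * math.log(1 - p))
    return loss, [(p - y) * xi for xi in x], [(p - y) * wi for wi in w]

def sign(v):
    return (v > 0) - (v < 0)

def prune_and_perturb(w, b, x, y, eps=0.1, alpha=0.02, rounds=5, k=1):
    """Run the per-round loop; returns (x_adv, pruned weight indices)."""
    w, x_adv, pruned = list(w), list(x), set()
    for _ in range(rounds):  # assumed termination condition: fixed round count
        # Loss gradient w.r.t. each weight at the previous round's sample.
        _, g_w, _ = loss_and_grads(w, b, x_adv, y)
        # Importance score = |gradient| (assumed); prune the k lowest (assumed rule).
        alive = sorted((i for i in range(len(w)) if i not in pruned),
                       key=lambda i: abs(g_w[i]))
        for i in alive[:k]:
            w[i] = 0.0
            pruned.add(i)
        # Sign-gradient step on the updated surrogate, clipped to the eps ball.
        _, _, g_x = loss_and_grads(w, b, x_adv, y)
        x_adv = [min(max(xa + alpha * sign(g), xo - eps), xo + eps)
                 for xa, g, xo in zip(x_adv, g_x, x)]
    return x_adv, sorted(pruned)

# Constructed surrogate and input, for illustration only.
W = [0.9, -1.2, 0.4, 0.05, -0.7, 1.5, -0.1, 0.3]
B = -0.2
X = [0.6, 0.2, 0.5, 0.9, 0.3, 0.7, 0.4, 0.1]
Y = 1

def evaluate():
    """Loss of the unpruned surrogate on the clean and the perturbed input."""
    x_adv, pruned = prune_and_perturb(W, B, X, Y)
    clean = loss_and_grads(W, B, X, Y)[0]
    adv = loss_and_grads(W, B, x_adv, Y)[0]
    return clean, adv, x_adv, pruned

if __name__ == "__main__":
    clean, adv, x_adv, pruned = evaluate()
    print(f"clean loss {clean:.3f}, perturbed loss {adv:.3f}, pruned {pruned}")
```

Comparing the two losses on the unpruned model shows how much an `eps`-bounded perturbation found on the pruned surrogate degrades it.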

Description

Technical field

[0001] Embodiments of the present invention relate to the technical field of neural networks, and more specifically, embodiments of the present invention relate to a method and device for generating an adversarial example based on a proxy model.

Background technique

[0002] This section is intended to provide a background or context for implementations of the invention that are recited in the claims. The descriptions herein are not admitted to be prior art by inclusion in this section.

[0003] As an important task in computer vision, image recognition has also achieved tremendous development driven by deep neural networks. And image recognition systems have many applications in real-life scenarios such as finance / payment, public transportation, and criminal identification. Although image recognition systems have achieved great success and practical applications, these systems cannot fully ensure sufficient security.

[0004] In recent years, deep learnin...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06N3/04, G06N3/08, G06K9/62
CPC: G06N3/082, G06N3/045, G06F18/241
Inventor: 萧子豪, 田天
Owner: BEIJING REALAI TECH CO LTD