Method for training privacy protection model and privacy protection method and device

Privacy protection model technology, applied to the training of privacy protection models, addresses the problem that no defense method exists.

Pending Publication Date: 2021-03-12
ALIPAY (HANGZHOU) INFORMATION TECH CO LTD

AI Technical Summary

Problems solved by technology

The second type of attack has no effective defense method yet

Embodiment Construction

[0074] The solution provided by the present invention will be described below in conjunction with the accompanying drawings.

[0075] As mentioned earlier, by accessing the artificial intelligence system multiple times to obtain a large amount of "input-output" data, and then training on those input-output pairs, it is possible to obtain a substitute model with performance similar to the target model without knowing the structure and weights of the target model, thereby achieving the purpose of cracking the model.

[0076] Considering the above problems, in the embodiments of this specification, a method for training a privacy-preserving model, a privacy-preserving method and a device thereof are proposed. The method and the device thereof can protect the privacy of the deep learning model whose output result is an image. The basic idea is to superimpose "toxin" on the output image of the original model by training a ...

Abstract

Embodiments of the invention provide a privacy protection model training method, a privacy protection method and a privacy protection device. The privacy protection model is used to provide model privacy protection for a pre-trained deep learning model whose output result is an image. The training method comprises the steps of: obtaining first data and a first image generated by the deep learning model for the first data; inputting the first image into the privacy protection model to generate a second image; determining an image difference loss based on the first image and the second image; inputting the first data into a substitute model that simulates the deep learning model, determining a first gradient by taking the first image as a label, and determining a second gradient by taking the second image as a label; determining a gradient difference loss according to the first gradient and the second gradient; and updating the privacy protection model with the targets that the image difference loss tends to decrease and the gradient difference loss tends to increase.
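The training objective in the abstract, worked through on a toy case as an added example (not code from the patent or its applicant). Assumptions: the privacy protection model is reduced to a bounded per-pixel additive toxin, the substitute model is a single sigmoid layer, both losses are squared L2 distances, and all data and the constants `EPS` and `LAM` are constructed.

```python
import math

# Constructed toy data (assumed): one query x, the protected model's 4-pixel
# output for it, and a substitute model's pre-activations z = W x for that query.
X = [1.0, 0.5, -0.5]
FIRST_IMAGE = [0.9, 0.1, 0.5, 0.5]
SUB_Z = [3.0, -3.0, 0.0, 0.2]
EPS, LAM = 0.05, 40.0  # toxin amplitude bound, weight of the gradient term

def privacy_model(theta, image):
    # Stand-in privacy model: adds a bounded per-pixel "toxin".
    return [p + EPS * math.tanh(t) for p, t in zip(image, theta)]

def substitute_grad(label):
    # Gradient of MSE(sigmoid(W x), label) with respect to W, flattened.
    n = len(label)
    s = [1.0 / (1.0 + math.exp(-z)) for z in SUB_Z]
    a = [2.0 / n * (si - y) * si * (1.0 - si) for si, y in zip(s, label)]
    return [ai * xj for ai in a for xj in X]

def losses(theta):
    second = privacy_model(theta, FIRST_IMAGE)
    image_loss = sum((b - a) ** 2 for a, b in zip(FIRST_IMAGE, second)) / len(second)
    g1 = substitute_grad(FIRST_IMAGE)   # first gradient: clean image as label
    g2 = substitute_grad(second)        # second gradient: poisoned image as label
    grad_loss = sum((u - v) ** 2 for u, v in zip(g1, g2))
    return image_loss, grad_loss

def objective(theta):
    image_loss, grad_loss = losses(theta)
    return image_loss - LAM * grad_loss  # shrink image gap, widen gradient gap

def train(theta, steps=200, lr=200.0, h=1e-4):
    # Gradient descent with central differences; both losses are O(EPS**2),
    # which is why the step size is large.
    for _ in range(steps):
        grad = []
        for i in range(len(theta)):
            up, down = list(theta), list(theta)
            up[i] += h
            down[i] -= h
            grad.append((objective(up) - objective(down)) / (2 * h))
        theta = [t - lr * g for t, g in zip(theta, grad)]
    return theta

def toxin(theta):
    second = privacy_model(theta, FIRST_IMAGE)
    return [b - a for a, b in zip(FIRST_IMAGE, second)]

if __name__ == "__main__":
    trained = train([0.1, -0.1, 0.1, -0.1])
    print(toxin(trained), losses(trained))
```

In this toy setup the toxin saturates at the amplitude bound on the two pixels where the substitute's sigmoid is unsaturated and decays to zero on the two saturated pixels, so the image stays close to the original while the substitute's training gradient is shifted as far as the bound allows.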

Description

Technical field

[0001] One or more embodiments of this specification relate to the fields of machine learning and data security, and in particular, to a method for training a privacy protection model, a privacy protection method, and a device.

Background technique

[0002] In recent years, artificial intelligence systems have developed rapidly and quickly entered people's production and life. At the same time, the security of artificial intelligence systems has also received unprecedented attention. The core of the artificial intelligence system is the deep learning model, so the privacy and security of the deep learning model determines the privacy and security level of the entire artificial intelligence system. Therefore, how to prevent the model from being stolen, that is, model privacy protection, has become a hot topic in recent years.

[0003] The methods of stealing models can be roughly divided into two categories. The first category starts with analyzing the code of the art...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/62, G06K9/62, G06N3/04, G06N3/08
CPC: G06F21/6245, G06N3/084, G06N3/045, G06F18/214
Inventor: 曹佳炯, 丁菁汀
Owner: ALIPAY (HANGZHOU) INFORMATION TECH CO LTD