Adversarial sample defense algorithm based on local disturbance

A technology against samples and local perturbations, applied in neural learning methods, biological neural network models, semantic analysis, etc., can solve problems such as migration of offensive and defensive algorithms to the text field

Pending Publication Date: 2021-03-19
成都易书桥科技有限公司
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Due to the significant difference between text and image data, it is difficult for existing

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Adversarial sample defense algorithm based on local disturbance
  • Adversarial sample defense algorithm based on local disturbance
  • Adversarial sample defense algorithm based on local disturbance

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0018] The present invention will be further described below in conjunction with the accompanying drawings. It should be noted here that the descriptions of these embodiments are only used to help understanding of the present invention, and are not intended to limit the present invention.

[0019] Such as figure 1 The algorithm is mainly divided into two important parts: cold start algorithm and local confrontation training.

[0020] The local perturbation adversarial training method is divided into the following stages:

[0021] 1. Adversarial training method

[0022] figure 2 Demonstrated a basic process of adversarial training, where the solid line part is a common step in conventional model training. For any model f(x), the purpose of training is to gradually confirm the value of θ in the model through sample x and label y . Each batch of training corpus x is put into the initialization model, and the loss value is obtained by comparing the model output value with th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an adversarial sample defense method DATLP based on local disturbance. The algorithm belongs to the type of adversarial training and is used for improving the robustness of themodel to resist attacks of adversarial texts and maintaining credible processing of a text classification model. The algorithm provides improvement and training skills based on adversarial training,and is used for further improving the effect of adversarial training. The method is mainly summarized as follows: global disturbance of a previous adversarial training method is changed into local disturbance, and definition of local region disturbance is to shield vocabularies with obvious classification tendency in training data. The DATLP enables the model to learn more information from the overall semantics of the text, and prevents some vocabularies from playing an overweight role in model training so as not to generate negative effects on the performance of the model.

Description

technical field [0001] The invention belongs to the field of natural language processing, and relates to a defense algorithm in the face of a text-type adversarial sample attack. The algorithm improves the adversarial training method, changes from global disturbance to targeted local disturbance, and uses the adversarial sample to determine the local area. Improve the ability of the model to deal with adversarial examples. Background technique [0002] Since the concept of Artificial Intelligence (AI) was proposed, researchers have been exploring its theoretical basis and its application in transportation, medical care, education, etc., while Machine Learning (ML) and Deep Learning (Deep Learning) , DL) is the most important AI technology today. Among them, the research of Deep Neural Network (DNN) in DL has developed rapidly in recent years, and has achieved excellent results in many fields, such as automatic driving, face recognition, text tasks, smart buildings and so on...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F40/30G06N3/08
CPCG06N3/084G06F40/30
Inventor 陈彦如石静牟志王浩魏亮雄邹可欣张媛媛梁刚许春张磊陈良银
Owner 成都易书桥科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap