Deep learning image adversarial sample defense method and device, equipment and storage medium
A deep learning and anti-sample technology, applied in the field of artificial intelligence, can solve problems such as adversarial sample attacks, negative impacts on reliability and security, and misleading image classification models, so as to improve model accuracy, improve defense effects, and increase diversity. Effect
Pending Publication Date: 2021-04-13
厦门易仕特仪器有限公司
View PDF0 Cites 2 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
However, deep learning models also face severe security issues, especially vulnerable to adversarial examples
Adversarial examples are a type of malicious images formed by artificially adding slight perturbations to normal images, which can mislead image classification models based on neural networks, causing the neural network to completely change its classification of images, and then be exploited by attackers. This will have a great negative impact on the reliability and security of the system
These adversarial examples are only slightly perturbed, so that the human visual system cannot detect this perturbation
Especially in the field of person re-identification, it is quite important to check its adversarial defense capabilities, because the insecurity of person re-identification models may cause serious losses, for example, criminals may use adversarial jamming to fool surveillance systems
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0048] Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many forms and should not be construed as limited to the examples set forth herein;
[0049] These embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided in order to give a thorough understanding of embodiments of the invention. However, those skilled in the art will appreciate that the technical solution of the present invention may be practiced without one or more of the specific details, or other methods, components, devices, steps, etc. may be adopted. In other instances, well-known technical solutions have not been shown...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention provides a deep learning image confrontation sample defense method, device and equipment and a readable storage medium. The method comprises the following steps of acquiring a deep learning model and an image training data set with a plurality of original images; randomly dividing the image training data set into a plurality of batches to obtain a plurality of small-batch samples, and performing random image transformation processing on part of the small-batch samples according to a random probability; training the deep learning model by using each small-batch sample until all the small-batch samples complete the training of the deep learning model; and repeating the training till the deep learning model completes the training. According to the defense method provided by the invention, rich difference changes can be brought to the input data through fusion and mixing of homogeneous images in different modes, so the confrontation space of the data set found by the attack method is difficult to align with the changes, equivalently, the original confrontation space is disturbed, and thus a relatively good defense effect is generated.
Description
technical field [0001] The present invention relates to the technical field of artificial intelligence, in particular to a deep learning image defense method, device, equipment and storage medium. Background technique [0002] With the rapid advancement of computer technology, deep learning has developed explosively. Especially in the field of computer vision, deep learning has been widely studied and has been fully applied in many fields such as pedestrian re-identification and traffic monitoring. However, deep learning models also face severe security issues, especially vulnerable to adversarial examples. Adversarial examples are a type of malicious images formed by artificially adding slight perturbations to normal images, which can mislead image classification models based on neural networks, causing the neural network to completely change its classification of images, and then be exploited by attackers. This will have a great negative impact on the reliability and secu...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): G06K9/62G06N3/04G06N3/08
CPCG06N3/08G06N3/045G06F18/214
Inventor 龚云鹏
Owner 厦门易仕特仪器有限公司