Method and device for protecting safety of neural network model

Neural network model technology, applied in biological neural network models, neural learning methods, neural architectures, etc. It addresses problems such as attackers or gray-market operators stealing sensitive information from a model, with the effects of reducing resource consumption and preserving normal operating performance and efficiency.
CN112948836A, Active, Publication Date: 2021-06-11, ALIPAY (HANGZHOU) INFORMATION TECH CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
ALIPAY (HANGZHOU) INFORMATION TECH CO LTD
Publication Date
2021-06-11


Abstract

The embodiment of the invention provides a method for protecting the security of a neural network model. The method comprises: obtaining a neural network model comprising a plurality of network layers, obtained by training on training data; for any first network layer, with the parameters of the other network layers fixed, performing a first parameter adjustment on the first network layer using the training data to obtain a first fine-tuned model; determining a first index value of a preset performance index for the first fine-tuned model, where the index value of the preset performance index depends on the relative magnitude of the corresponding model's test loss on the test data and its training loss on the training data; similarly, performing a second parameter adjustment on the first network layer using both the training data and the test data to obtain a second fine-tuned model, and determining a second index value; and, based on the relative magnitude of the first index value and the second index value, determining the information sensitivity of the first network layer, and performing security processing on the first network layer when the information sensitivity is greater than a predetermined threshold.
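The per-layer procedure from the abstract, as an added example that is not code from the patent. The toy network, the finite-difference fine-tuning, the index form (test loss minus training loss) and the sensitivity comparison (first index minus second index) are assumptions, since the page only says "relative magnitude"; all data is constructed.

```python
import math, random

# Constructed toy model (assumption): 2 -> 3 -> 1 MLP, one flat weight list per layer.
def predict(params, x):
    w1, w2 = params
    h = [math.tanh(w1[2 * j] * x[0] + w1[2 * j + 1] * x[1]) for j in range(3)]
    return sum(w2[j] * h[j] for j in range(3))

def loss(params, data):
    return sum((predict(params, x) - y) ** 2 for x, y in data) / len(data)

def fine_tune_layer(params, layer, data, steps=40, lr=0.1, eps=1e-4):
    """Adjust only params[layer]; all other layers stay fixed."""
    p = [list(w) for w in params]
    for _ in range(steps):
        base, grad = loss(p, data), []
        for i in range(len(p[layer])):  # finite-difference gradient, tuned layer only
            p[layer][i] += eps
            grad.append((loss(p, data) - base) / eps)
            p[layer][i] -= eps
        p[layer] = [w - lr * g for w, g in zip(p[layer], grad)]
    return p

def gap_index(params, train, test):
    # Assumed form of the performance index: test loss minus training loss.
    return loss(params, test) - loss(params, train)

def layer_sensitivity(params, train, test, threshold):
    report = {}
    for layer in range(len(params)):
        m1 = fine_tune_layer(params, layer, train)         # first adjustment
        m2 = fine_tune_layer(params, layer, train + test)  # second adjustment
        # Assumed comparison: how much the gap grows when test data is withheld.
        s = gap_index(m1, train, test) - gap_index(m2, train, test)
        report[layer] = (s, s > threshold)  # True -> layer needs security processing
    return report

def make_data(rng, n):
    # Constructed samples: noisy linear target on inputs in [-1, 1].
    pts = [(rng.uniform(-1, 1), rng.uniform(-1, 1)) for _ in range(n)]
    return [(x, x[0] - x[1] + rng.gauss(0, 0.3)) for x in pts]

def demo(threshold=0.0):
    rng = random.Random(0)
    train, test = make_data(rng, 8), make_data(rng, 8)
    params = [[rng.uniform(-1, 1) for _ in range(6)], [rng.uniform(-1, 1) for _ in range(3)]]
    for _ in range(5):  # initial training on the training data, layer by layer
        for layer in range(2):
            params = fine_tune_layer(params, layer, train)
    return params, layer_sensitivity(params, train, test, threshold)
```

`demo()` returns the trained toy parameters and a report mapping each layer index to its sensitivity score and whether it exceeds the threshold.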

Description

[0001] This application is a divisional application, which is based on the patent application filed on November 16, 2020, entitled "Method and Device for Protecting Neural Network Model Security", and the application number is: 202011280172.0.

Technical field

[0002] The embodiment of this specification relates to the field of data security technology, and in particular to a method and device for protecting the security of a neural network model.

Background technique

[0003] At present, it is a classic practice in the industry to use a large amount of data to train a neural network so that the neural network has a good prediction effect. The neural network memorizes the characteristics of the data to give accurate predictions when making predictions. However, when the training data is sensitive or private data such as user personal information, the trained neural network carries a large amount of sensitive and private information. If the model is directly exposed, it is ea...
