Unlock instant, AI-driven research and patent intelligence for your innovation.

Robustness training defense method based on sensitivity under neural network

A neural network and neural network model technology, applied in neural learning methods, biological neural network models, neural architectures, etc., can solve problems such as confusing neural network methods, achieve high defense capabilities, improve defense capabilities, and ingenious effects.

Pending Publication Date: 2021-06-18
SOUTH CHINA UNIV OF TECH
View PDF0 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Some studies have shown that adding small samples of adversarial noise can confuse neural network methods

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Robustness training defense method based on sensitivity under neural network
  • Robustness training defense method based on sensitivity under neural network
  • Robustness training defense method based on sensitivity under neural network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] The present invention will be further described in detail below in conjunction with the embodiments and the accompanying drawings, but the embodiments of the present invention are not limited thereto.

[0042] like Figure 1 to Figure 2 As shown, the sensitivity-based robustness training defense method under the neural network provided in this embodiment needs to use relevant computers, programming languages ​​and neural network architectures as the objective conditions for the method to operate, which includes the following steps:

[0043] 1) Select the neural network model used for robustness training and its corresponding classification data set and loss function, wherein the classification data set refers to the specific task targeted by the neural network; the model information refers to the selected Specific neural network models for robust training, including but not limited to VGG series, RestNet series, efficientNet series, the selection of classification data ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a robustness training defense method based on sensitivity under a neural network, and the method comprises the steps of: constructing a Gaussian neighborhood around a sample to generate a sensitivity sample, enabling the neural network to pay attention to model classification loss and model sensitivity measurement at the same time, and carrying out the balance of the model classification loss and the model sensitivity measurement through a weighing coefficient. Therefore, the resistance of the neural network model to escape attacks is remarkably improved, a sensitivity sample is constructed around an original sample to combine a classification error and sensitivity measurement of the model as a final error for back propagation, and the model not only pays attention to the classification error, but also pays attention to the sensitivity of the model. The sensitivity training enables the model to obtain a more reliable decision boundary, and the decision boundary after the sensitivity training is farther from a sample, so that the attack cost of an attacker is increased, and the defense capability of the model is effectively improved.

Description

technical field [0001] The invention relates to the technical field of neural network model security, in particular to a sensitivity-based robustness training defense method under a neural network. Background technique [0002] Due to its powerful learning ability, neural network models have achieved excellent results in many applications, such as computer vision, natural language processing, and control. However, many studies have shown that neural network approaches are vulnerable in adversarial settings. In an adversarial environment, the attacker deliberately creates samples to mislead the target system's decision-making. Like other machine learning methods, neural network methods also assume that the training and test sets follow the same (or similar) distribution. Since this assumption is broken by adversarial attacks, the performance of neural network methods can be greatly degraded. Some studies have shown that adding small samples of adversarial noise can confuse...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06N3/08G06N3/04G06F21/54
CPCG06N3/084G06F21/54G06N3/045
Inventor 陈百基李伟
Owner SOUTH CHINA UNIV OF TECH