Deep learning system robustness enhancement method and device based on particle swarm optimization

A technology of system robustness and particle swarm algorithm, applied in the field of deep learning security, can solve problems such as expensive formal verification technology and limited improvement of deep learning model robustness

Pending Publication Date: 2021-09-10
ZHEJIANG UNIV OF TECH
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, formal verification techniques are usually expensive and only applicable to limited model structures and properties
[0006] System testing aims to generate test samples that can expose the vulnerabilities of deep learning models, and then, the test samples can improve the robustness of the model by retraining the model; The test sample is not directly related to the robustness of the model, which will limit the robustness improvement of the retrained deep learning model

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Deep learning system robustness enhancement method and device based on particle swarm optimization
  • Deep learning system robustness enhancement method and device based on particle swarm optimization
  • Deep learning system robustness enhancement method and device based on particle swarm optimization

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0062] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments.

[0063] The robustness enhancement method of the deep learning system based on the particle swarm optimization algorithm establishes a relationship between the first-order loss function and the robustness of the model, and uses the particle swarm optimization algorithm to find the particle with the largest fitness function to generate a test sample, and compares the sample with the real The class labels together re-update the model parameters for the poisoning model. By measuring the sensitivity of the robustly enhanced defense model to adversarial samples, it is judged whether the model ideally repairs potential defects and realizes a self-defense mechanism.

[0064] figure 1 The block diagram of the method for enhancing the robustness of the deep learning system based on the particle swarm optimization algorithm provided in this embodiment, t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a deep learning system robustness enhancement method and device based on a particle swarm algorithm. The method comprises the following steps: acquiring an image data set and sorting and classifying the image data set into a training set and a test set; performing adversarial attack pre-training on a clean deep learning model by using the training set; constructing a robust evaluation index to evaluate the trained deep learning model; constructing zero-order and first-order loss function measurement for evaluating the relationship between the test set and the trained deep learning model; taking the first-order robustness measurement index as an optimization objective function, collecting a part of benign images from the test set as initial particles, initializing the positions and speeds of the particles, taking the optimization objective function as a maximum target, and carrying out iterative updating on the positions and speeds of the initial particles by adopting a particle swarm optimization algorithm to generate a test sample; retraining the deep learning model by using the generated test sample and the test data set to obtain a robust defense model; and evaluating the attack sensitivity of the model after defense.

Description

technical field [0001] The invention relates to the field of deep learning security, in particular to a method and device for enhancing the robustness of a deep learning system based on a particle swarm algorithm. Background technique [0002] With the rapid development of deep learning, deep learning is the core driving force behind the unprecedented breakthroughs in many real-world problems. [0003] Although deep learning has made great progress, deep learning systems are vulnerable to adversarial attacks. The adversarial examples of adversarial attacks are slightly perturbed on the basis of the original samples, which are slightly different from the normal input of human observers. , but it is easy to trick a deep learning system into making wrong decisions. The existence of adversarial attacks not only damages the reliability and robustness of deep learning systems, but also leads to security problems in countless deep learning systems in applications such as face reco...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06K9/62G06N3/00G06N3/04G06N3/08
CPCG06N3/006G06N3/08G06N3/045G06F18/24G06F18/214
Inventor 陈晋音金海波陈若曦
Owner ZHEJIANG UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap