Unlock instant, AI-driven research and patent intelligence for your innovation.

Adversarial sample detection method based on deep learning model neural pathway activation features

An adversarial sample, deep learning technology, applied in neural learning methods, biological neural network models, character and pattern recognition, etc., can solve problems such as research on neuron activation transmission without model layer

Pending Publication Date: 2021-09-14
ZHEJIANG UNIV OF TECH
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] For the detection of adversarial samples, at present, the size of the neuron activation value and the neuron coverage rate under a fixed neuron activation threshold have been detected, and through quantitative analysis, the detection of adversarial samples and the protection of the deep learning model have been achieved. purpose, but no further studies have been conducted on the transmission of neuron activations between model layers

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Adversarial sample detection method based on deep learning model neural pathway activation features
  • Adversarial sample detection method based on deep learning model neural pathway activation features
  • Adversarial sample detection method based on deep learning model neural pathway activation features

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] The present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be noted that the following embodiments are intended to facilitate the understanding of the present invention, but do not limit it in any way.

[0034] refer to figure 1 , figure 2 and image 3 , the present invention proposes an adversarial sample detection method based on neural pathway activation features of a deep learning model, the steps are as follows:

[0035] 1) Data processing

[0036] In the present invention, image data sets are used for performance verification, including small data sets MNIST data set and CIFAR-10 data set, and large data sets use ImageNet data set. The specific introduction of the data set: the training set of the MNIST data set has a total of ten categories, 6000 samples in each category, ten categories in the training set, 1000 samples in each category, the pixel of each sample is 28×28, and each sam...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an adversarial sample detection method based on neural pathway activation features of a deep learning model. The method comprises the following steps: (1) acquiring an image data set; (2) constructing a detection model based on a deep learning network and performing training; (3) representing the maximum k neurons of a given input sample in the ith layer by Top-k (x, i), and defining a Top-k neural pathway for a set of the k neurons with the maximum activation value in each layer; (4) randomly selecting k samples in the test set of each category of the image data set, inputting the k samples into the trained detection model, and sequentially connecting Top-k neurons of each layer as a neural pathway of the sample in the model; (5) counting neural pathways of a large number of benign samples as comparison pathways of the neural pathways of the adversarial samples; and (6) inputting a to-be-tested sample, and if the generated neural pathway does not meet the benign sample pathway range, determining that the to-be-tested sample is an attack sample. According to the invention, the purpose of confrontation sample detection and rejection is achieved, and the detection rate is high.

Description

technical field [0001] The invention belongs to the field of artificial intelligence security, and in particular relates to an adversarial sample detection method based on neural pathway activation characteristics of a deep learning model. Background technique [0002] Deep neural network (DNN) is a machine learning technology, which is the key to the rapid development of artificial intelligence technology. With its powerful feature extraction ability, deep neural network has been widely used. In recent years, DNNs have achieved great success in various generative and discriminative learning tasks in fields including image processing, speech recognition, natural language processing, drug discovery, and biogenetic science. [0003] We have seen widespread applications of DNNs in many safety-critical scenarios. However, numerous studies have shown that state-of-the-art deep learning systems have various vulnerabilities that can lead to severe consequences when applied to prac...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06K9/62G06N3/08
CPCG06N3/08G06F18/2415G06F18/214
Inventor 陈晋音吴长安金海波
Owner ZHEJIANG UNIV OF TECH
PatSnap Eureka logo

PatSnap Eureka turns technology decisions into work you can execute. Powered by our Innovation Knowledge Graph, it runs expert workflows across engineering, life sciences, materials and intellectual property. Get your review-ready output in minutes.

X (Twitter)LinkedInYouTubeSubstack

© 2026 PatSnap. All rights reserved. 

Terms of Service

 | 

Privacy policy

 | 

Modern Slavery Act Transparency Statement