Alternative model automatic selection method, storage medium and terminal for black-box attack

An alternative model and black box technology, applied in the field of deep learning, can solve the problems of unfavorable neural network models, low attack success rate of attack samples, etc., and achieve the effect of high attack success rate and excellent alternative performance.

Active Publication Date: 2022-08-05
UNIV OF ELECTRONICS SCI & TECH OF CHINA
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The purpose of the present invention is to overcome the low attack success rate of the attack samples generated by the alternative model selected in the prior art, which is not conducive to the development of the current neural network model security research work, and provides an automatic selection of alternative models for black-box attacks Method, storage medium and terminal

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Alternative model automatic selection method, storage medium and terminal for black-box attack
  • Alternative model automatic selection method, storage medium and terminal for black-box attack
  • Alternative model automatic selection method, storage medium and terminal for black-box attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] The technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are part of the embodiments of the present invention, but not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

[0043] In the description of the present invention, it should be noted that "center", "upper", "lower", "left", "right", "vertical", "horizontal", "inner", "outer", etc. The indicated direction or positional relationship is based on the direction or positional relationship described in the drawings, which is only for the convenience of describing the present invention and simplifying the description, rather than indicating or implying that the indicated device or element must have a specific orientation ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method, a storage medium and a terminal for automatically selecting an alternative model for black-box attack, belonging to the technical field of deep learning. The method includes: selecting an alternative model in a neural network model according to original sample attribute information, and / or, according to Attack Feedback Updates currently use alternative models. The present invention selects an alternative model with a high degree of matching with the current black-box model according to the original sample attribute information that is related to the complexity of the black-box model, and / or updates the currently used alternative model through attack feedback information, so as to ensure that after the selection or update The surrogate model can exert excellent surrogate performance, and the generated adversarial samples have a high attack success rate in black-box attacks, which is conducive to promoting the current research on neural network model security.

Description

technical field [0001] The present invention relates to the technical field of deep learning, and in particular, to a method, a storage medium and a terminal for automatic selection of an alternative model for black-box attacks. Background technique [0002] In recent years, deep learning models have been widely used in various fields. Although the accuracy of the model is getting higher and higher, it is also more vulnerable to malicious attacks. Among them, adversarial attacks are the most common attack methods. By adding human eyes to the original samples Imperceptible small perturbations can cause the target model to output incorrect predictions or even predictions expected by the attacker. Since the existing technology proposed that adding tiny perturbations to the input data can affect the model classification results, many scholars have joined the research on model adversarial attacks, and many attack algorithms have also been born. [0003] Through the research on a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56G06K9/62G06N3/04G06N3/08
CPCG06F21/566G06N3/04G06N3/08G06F18/285G06F18/2431
Inventor 刘晓磊李晓瑜郑德生彭宇白佳雨
Owner UNIV OF ELECTRONICS SCI & TECH OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap