Check patentability & draft patents in minutes with Patsnap Eureka AI!

Adversarial sample generation method for limiting disturbance noise by using mask

A technology against samples and noise, applied in neural learning methods, computing models, biological neural network models, etc., can solve problems such as abnormal input images, and achieve strong anti-aggression and undetectable effects

Pending Publication Date: 2021-10-01
ARMY ENG UNIV OF PLA
View PDF2 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The adversarial examples generated by existing methods usually add perturbation noise to the full image of clean samples. These noises are usually not noticeable, but people will still notice the perturbation noise on the image, especially for images with simple backgrounds or in order to implement stronger The attack requires a large amount of disturbance against the image, the noise is more obvious, and it is easy to find the abnormality of the input image

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Adversarial sample generation method for limiting disturbance noise by using mask
  • Adversarial sample generation method for limiting disturbance noise by using mask
  • Adversarial sample generation method for limiting disturbance noise by using mask

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0018] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0019] 1. Summary of the inventive method

[0020] The existing methods to generate adversarial samples basically add noise to the whole image, while ignoring the content structure of the image itself, such as figure 1 are the adversarial samples and their noise generated by existing methods. They are obtained by attacking the Inception-v3 model with the multiple-input method (DIM). As can be seen from the figure, the disturbance noise spreads all over the picture, including the background area with almost no semantic content. Human vision has different perceptions of noise for the same amount of disturbance in different areas, and the noise in areas with rich image details and colors is not easy to detect, while for such as figure 1 In the background area with simple colors shown, the disturbance noise generated is easy to be found.

[0021] Studies ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an adversarial sample generation method for limiting disturbance noise by using a mask, and relates to the field of adversarial machine learning. According to the method, the noise in the confrontation image background is removed, the noise is limited in the image saliency target area, and the obtained confrontation sample can still effectively attack the depth model. An image saliency map obtained by a saliency target detection technology is converted into a binary mask to obtain a saliency target or region of the image, a region in a boundary of the binary mask is a saliency target region, and a region outside the boundary is an image background. And the binary mask is multiplied by the adversarial disturbance noise so as to limit the added disturbance noise in the saliency target area. According to the method, the noise is limited in the salient target area, the generated adversarial sample not only is more difficult to perceive, but also has the capability of effectively attacking the deep neural network, and has universality, that is, the method can be combined with any existing adversarial sample generation method, and the attack concealment of the adversarial sample is enhanced.

Description

technical field [0001] The invention relates to the field of adversarial machine learning, and studies a method for limiting the noise of image adversarial samples, so that the noise is less likely to be detected by human eyes while maintaining the adversarial attack, and the concealment of the adversarial sample attack is enhanced. Background technique [0002] Studies have shown that deep neural networks are easily misled by adversarial samples to obtain wrong prediction results. Adversarial samples refer to samples that add imperceptible adversarial noise to input samples, which can make the deep neural network model misjudge. The adversarial samples generated by existing methods usually add perturbation noise to the whole image of clean samples. These noises are usually not noticeable, but people will still notice the perturbation noise on the image, especially for images with simple backgrounds or in order to implement stronger Attacking the adversarial image that requi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06T7/00G06T7/11G06T3/00G06N3/04G06N3/08G06N20/00
CPCG06T7/0002G06T7/11G06N3/08G06N20/00G06T2207/20081G06T2207/20084G06T2207/20104G06N3/045G06T3/04
Inventor 段晔鑫潘志松邹军华周星宇贺正芸崔廷玉陶蔚
Owner ARMY ENG UNIV OF PLA
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com