Adam algorithm-based adversarial sample generation method and system

A technology against samples and algorithms, applied in neural learning methods, calculations, computer components, etc., can solve unrealistic problems, achieve the effects of ensuring accuracy and efficiency, improving migration, and improving generation quality

Pending Publication Date: 2021-11-02
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU
View PDF2 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The first two black-box attack methods require a large number of queries to the model, which is impractical for large-scale datasets like ImageNet

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Adam algorithm-based adversarial sample generation method and system
  • Adam algorithm-based adversarial sample generation method and system
  • Adam algorithm-based adversarial sample generation method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] In order to make the purpose, technical solution and advantages of the present invention more clear and understandable, the present invention will be further described in detail below in conjunction with the accompanying drawings and technical solutions.

[0028] The convolutional neural network has reached a level beyond human beings in image recognition tasks, but it is still vulnerable to the attack of adversarial samples. Since adversarial samples are noise invisible to human vision added on the basis of the original image, its existence will give Deep learning systems pose potential security threats. Adversarial examples with strong attack performance can also be used as an important tool to evaluate the robustness of models. However, in the case of black boxes, the attack success rate of adversarial samples needs to be improved. An embodiment of the present invention provides a method for generating an adversarial example based on the Adam algorithm, see figure ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention belongs to the technical field of computer vision image recognition, and particularly relates to an adversarial sample generation method and system based on an Adam algorithm. Sample data used for vision image classification recognition are collected, and the sample data comprise an input image and label data corresponding to the input image; a neural network model used for adversarial sample generation is constructed; and, for sample data, adversarial disturbance between an input image in the sample data and a generated adversarial sample is limited by using an infinite norm, a neural network model loss function is optimized, an optimization model is iteratively solved by using an Adam algorithm, and the adversarial samples are generated by maximizing the target loss function of the model using the attenuation step size in the iterative solution of the adversarial samples. The migration of the adversarial samples between the models is increased by using the attenuation step length, so that the adversarial samples with relatively high quality are obtained, the robustness of the deep learning classification model is improved, and the quality and efficiency of visual image classification and recognition can be effectively guaranteed.

Description

technical field [0001] The invention belongs to the technical field of computer vision image recognition, in particular to a method and system for generating an adversarial sample based on an Adam algorithm. Background technique [0002] In the field of image recognition, convolutional neural networks are able to classify images with human accuracy, however, researchers have found that neural networks are vulnerable to attack. In existing research, by adding a small amount of perturbation, the neural network model can give a wrong output with high confidence, and the perturbed image is an adversarial example. Usually, the adversarial perturbation is invisible to the naked eye, that is, there is no obvious difference between the adversarial sample and the original sample in the perception of the human eye. According to the degree of understanding of the model, adversarial attacks can be divided into white-box attacks and black-box attacks. Given the model structure and para...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06K9/62G06N3/04G06N3/08
CPCG06N3/08G06N3/045G06F18/24
Inventor 张恒巍尹衡刘小虎张玉臣王衡军王晋东谭晶磊
Owner PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap