Unlock instant, AI-driven research and patent intelligence for your innovation.

Method for resisting attacks and generating confrontation samples

A technology against samples and samples, applied in the field of artificial intelligence, can solve problems such as misleading the attacked model

Pending Publication Date: 2021-12-21
ALIPAY (HANGZHOU) INFORMATION TECH CO LTD
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] Adversarial attack is one of the hot topics in the field of artificial intelligence. Taking machine vision as an example, adversarial attack refers to the task of classifying a photo, adding tiny noise specially made by the attacker, without affecting the correct judgment of humans situation, but it can mislead the attacked model to give an answer that is different or diametrically opposed to the correct result

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for resisting attacks and generating confrontation samples
  • Method for resisting attacks and generating confrontation samples
  • Method for resisting attacks and generating confrontation samples

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] In order to more clearly illustrate the technical solutions of the embodiments of the present specification, the following briefly introduces the drawings that need to be used in the description of the embodiments. Apparently, the accompanying drawings in the following description are only some examples or embodiments of this specification, and those skilled in the art can also apply this specification to other similar scenarios. Unless otherwise apparent from context or otherwise indicated, like reference numerals in the figures represent like structures or operations.

[0020] It should be understood that "system", "device", "unit" and / or "module" as used herein is a method for distinguishing different components, elements, parts, parts or assemblies of different levels. However, the words may be replaced by other expressions if other words can achieve the same purpose.

[0021] As indicated in the specification and claims, the terms "a", "an", "an" and / or "the" are...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the field of artificial intelligence, in particular to a method for resisting attacks and generating confrontation samples. The method for generating the confrontation sample comprises the following steps: based on an initial sample, a label of the initial sample and a to-be-attacked model, carrying out one-round or multi-round iteration to construct the confrontation samples; wherein one round of iteration comprises the following steps: acquiring a to-be-adjusted sample of the current round; when the current round is the first round of iteration, indicating that the to-be-adjusted sample is the initial sample, and otherwise, the to-be-adjusted sample is a confrontation sample of the previous round; processing the to-be-adjusted sample by using a to-be-attacked model to obtain a first output; determining disturbance data based on the difference between the first output and the label and a disturbance coefficient; adding the disturbance data into the to-be-adjusted sample to obtain a confrontation sample of the current round; wherein the disturbance coefficient can be adjusted, so that the difference between the confrontation samples and the initial sample approaches but does not exceed a preset disturbance boundary value.

Description

technical field [0001] This specification relates to the field of artificial intelligence, in particular to a method and system for adversarial attacks and generation of adversarial samples. Background technique [0002] Adversarial attack is one of the hot topics in the field of artificial intelligence. Taking machine vision as an example, adversarial attack refers to the task of classifying a photo, adding tiny noise specially made by the attacker, without affecting the correct judgment of humans However, it will mislead the attacked model to give answers that are different or diametrically opposed to the correct results. In many scenarios that require high reliability, such as autonomous driving systems and biometric authentication, adversarial attacks pose a high threat. [0003] Therefore, a method that can achieve a higher attack success rate is needed to test or optimize the model and enhance its ability to resist adversarial attacks. Contents of the invention [...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06N20/00G06N3/04G06N3/08G06K9/62
CPCG06N20/00G06N3/08G06N3/045G06F18/25
Inventor 范洺源陈岑王力
Owner ALIPAY (HANGZHOU) INFORMATION TECH CO LTD