Unlock instant, AI-driven research and patent intelligence for your innovation.

Adversarial text defense method and system based on attention mechanism

An attention and text technology, applied in the fields of natural language processing and machine learning, can solve the problems of limited effect when confronting attacks, poor generalization performance of defense methods, and attack methods cannot work normally, so as to reduce the degree of attention and generalization performance. Good results

Pending Publication Date: 2022-01-04
ZHEJIANG UNIV BINJIANG RES INST
View PDF1 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For example, spell checking is effective in detecting character-level adversarial attacks, but it is very limited in detecting word-level and sentence-level adversarial attacks. This limitation is caused by the principle of the detection method itself; while adversarial training is It is to participate in the training of the model with adversarial samples and normal samples, and let the model adapt to these adversarial samples. Therefore, the generalization performance of this defense method is poor, and it may not work properly in the face of new attack methods.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Adversarial text defense method and system based on attention mechanism
  • Adversarial text defense method and system based on attention mechanism
  • Adversarial text defense method and system based on attention mechanism

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] In conjunction with the accompanying drawings and the following embodiments of the present invention will be further described in detail, it is noted that the following embodiments are intended to facilitate the understanding of the present invention, and its has no defined role.

[0047] The present disclosure provides embodiments of a method of defense against a text based attention mechanism to achieve defense against text by introducing attention mechanisms. First, using the word in the text of the scoring function to calculate the importance score of each word, and taking the reciprocal obtain a reconstructed score vector; then calculate the weight of each hidden layer weight vectors according to the attention of the formula to give attention to weight vector; and finally after reconstruction parameter using ultra score vector multiplication way to balance these two vectors, the corresponding element of the two vectors by multiplying one by one, to obtain the final rec...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an adversarial text defense method and system based on an attention mechanism. The method comprises the following steps: inputting a to-be-recognized text into a natural language processing model which takes encoder-decoder as a basic structure, calculating an importance score of each word in the text through a word score function, and taking reciprocals of the importance scores to construct a reconstruction score vector; calculating a weight of each hidden layer vector according to an attention formula to obtain an attention weight vector; balancing the reconstruction score vector and the attention weight vector by using a mode of multiplying a hyper-parameter by the reconstruction score vector, and multiplying corresponding elements in the reconstruction score vector and the attention weight vector one by one to obtain a final reconstruction attention vector; and multiplying the reconstruction attention vector by a hidden layer feature vector to obtain a reconstruction semantic code, and performing decoding to obtain output. The invention is good in generalization performance, does not need to retrain a model when dealing with a new adversarial attack, and has a certain effect on character-level adversarial attacks and word-level adversarial attacks.

Description

Technical field [0001] The present invention relates to a machine learning, natural language processing, and more particularly, to a method and system for defense against text-based attentional mechanisms. Background technique [0002] With the rapid development of computer technology, the Internet has improved large data and neural network training methods, and artificial intelligence has developed rapidly. Machine learning is how a research in the field of artificial intelligence, or using a computer simulation to achieve scientific study of human activity, is the most intelligent artificial intelligence features, one of the most cutting-edge research. Since the 1980s, machine learning as a way to achieve artificial intelligence, artificial intelligence community has aroused widespread interest, especially in the last decade, research in machine learning has developed rapidly, it has become an important artificial intelligence one of the topics. Machine learning has been applie...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F40/279G06F40/216G06K9/62G06N3/04G06N3/08
CPCG06F40/279G06F40/216G06N3/08G06N3/045G06F18/241
Inventor 韩蒙林昶廷张旭鸿徐晓东纪守领
Owner ZHEJIANG UNIV BINJIANG RES INST
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com