Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Black box image adversarial sample generation method with visual perception concealment

An adversarial sample, visual perception technology, applied in image enhancement, image analysis, image data processing and other directions, can solve the problems of poor concealment, low visual perception similarity, disturbed pixels can not represent concealment effect, etc., to achieve good concealment. Effect

Pending Publication Date: 2022-01-14
BEIJING INST OF COMP TECH & APPL
View PDF14 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the shortcomings of this method are: it belongs to the white-box adversarial sample generation method, and the calculation of the gradient needs to obtain the parameter information of the target model or the neural network structure
However, the disadvantage of this method is that the number of perturbed pixels cannot represent the concealment effect of visual perception, so the generated adversarial samples have low visual similarity with the original image, and the concealment is poor.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Black box image adversarial sample generation method with visual perception concealment
  • Black box image adversarial sample generation method with visual perception concealment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] In order to make the purpose, content, and advantages of the present invention clearer, the specific implementation manners of the present invention will be described in further detail below in conjunction with the accompanying drawings and examples.

[0049] The present invention studies the image recognition system and provides a black-box image adversarial sample generation method with visual perception concealment. Compared with other black-box image adversarial sample generation methods, the present invention can hardly distinguish the adversarial samples in visual perception In the case of the original image, launch a black-box adversarial attack on the image recognition model.

[0050] The following will be combined with figure 1 and specific embodiments to further introduce the method of the present invention:

[0051] Step 1, initialize genetic algorithm parameters and adversarial sample set.

[0052] Initialize genetic algorithm parameters, including: popula...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a black box image adversarial sample generation method with visual perception concealment, and relates to the technical field of artificial intelligence safety. According to the main technical scheme, the method comprises the following steps: 1, initializing algorithm parameters and an adversarial sample set; 2, selecting a dominant adversarial sample subset according to adversarial attack effects; 3, judging whether an attack of an optimal adversarial sample is successful, and if yes, turning to step 6; 4, if not, generating a new adversarial sample set by using intersections of the adversarial sample subset; 5, adding concealed noise according to a certain probability; and 6, outputting the adversarial sample and performing testing. According to the method, the masking effect of visual perception is utilized, so that the visual perception similarity between a generated adversarial sample and an original image is high, good concealment is achieved, and black box adversarial attacks can be started unobserved.

Description

technical field [0001] The present invention relates to the field of artificial intelligence security technology, in particular to a black-box image adversarial sample generation method with visual perception concealment. Background technique [0002] With the emergence of big data and the improvement of large-scale computing power, artificial intelligence has been widely used in all aspects of society, especially in the field of image recognition. Artificial intelligence has achieved many excellent results in image classification, target detection, image segmentation, etc. results. However, with the in-depth research and wide application of artificial intelligence, its security issues are gradually exposed. Christian Szegedy proposed the concept of adversarial samples in 2014, that is, deliberately adding subtle disturbances to the input data, causing the model to give wrong outputs with high confidence in the input. Most convolutional neural networks are vulnerable to ad...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06T5/00G06N3/04G06N3/08G06N3/12
CPCG06N3/08G06N3/126G06T2207/20081G06T2207/20084G06N3/045G06T5/90
Inventor 王斌郭敏曾颖明卢宏业马书磊方永强马晓军桓琦
Owner BEIJING INST OF COMP TECH & APPL
Features
  • Generate Ideas
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com