Black box image adversarial sample generation method with visual perception concealment

An adversarial sample, visual perception technology, applied in image enhancement, image analysis, image data processing and other directions, can solve the problems of poor concealment, low visual perception similarity, disturbed pixels can not represent concealment effect, etc., to achieve good concealment. Effect

Pending Publication Date: 2022-01-14
BEIJING INST OF COMP TECH & APPL
View PDF14 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the shortcomings of this method are: it belongs to the white-box adversarial sample generation method, and the calculation of the gradient needs to obtain the parameter information of the target model or the neural network structure
However,

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Black box image adversarial sample generation method with visual perception concealment
  • Black box image adversarial sample generation method with visual perception concealment

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0048] In order to make the objects, content, and advantages of the present invention, the specific embodiments of the present invention will be further described in further detail below with reference to the accompanying drawings and embodiments.

[0049] The present invention conducts a study of the image recognition system, providing a black box image confrontation method having visual sensing concealment, compared to other black box image confrontation method, the present invention can distinguish between visual perceptions in visual sensing samples In the case of an original image, the black box against the image recognition model is launched.

[0050] The following will be included figure 1 And specific embodiments to further introduce the methods of the invention:

[0051] Step 1, initialize the genetic algorithm parameters and counter the sample collection.

[0052] Initializing the genetic algorithm parameters, including: population size n = 100, elite individual number m...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a black box image adversarial sample generation method with visual perception concealment, and relates to the technical field of artificial intelligence safety. According to the main technical scheme, the method comprises the following steps: 1, initializing algorithm parameters and an adversarial sample set; 2, selecting a dominant adversarial sample subset according to adversarial attack effects; 3, judging whether an attack of an optimal adversarial sample is successful, and if yes, turning to step 6; 4, if not, generating a new adversarial sample set by using intersections of the adversarial sample subset; 5, adding concealed noise according to a certain probability; and 6, outputting the adversarial sample and performing testing. According to the method, the masking effect of visual perception is utilized, so that the visual perception similarity between a generated adversarial sample and an original image is high, good concealment is achieved, and black box adversarial attacks can be started unobserved.

Description

technical field [0001] The present invention relates to the field of artificial intelligence security technology, in particular to a black-box image adversarial sample generation method with visual perception concealment. Background technique [0002] With the emergence of big data and the improvement of large-scale computing power, artificial intelligence has been widely used in all aspects of society, especially in the field of image recognition. Artificial intelligence has achieved many excellent results in image classification, target detection, image segmentation, etc. results. However, with the in-depth research and wide application of artificial intelligence, its security issues are gradually exposed. Christian Szegedy proposed the concept of adversarial samples in 2014, that is, deliberately adding subtle disturbances to the input data, causing the model to give wrong outputs with high confidence in the input. Most convolutional neural networks are vulnerable to ad...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06T5/00G06N3/04G06N3/08G06N3/12
CPCG06T5/007G06N3/08G06N3/126G06T2207/20081G06T2207/20084G06N3/045
Inventor 王斌郭敏曾颖明卢宏业马书磊方永强马晓军桓琦
Owner BEIJING INST OF COMP TECH & APPL
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap