Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Text backdoor attack method and device

A backdoor and text technology, applied in the computer field, can solve problems such as the inability to control the risks of the actual application of natural language processing models in advance

Pending Publication Date: 2022-02-08
TSINGHUA UNIV
View PDF0 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In the prior art, there is a lack of research on the security and robustness of natural language processing models by backdoor attacks, resulting in the inability to control the risks of putting natural language processing models into practical applications in advance

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Text backdoor attack method and device
  • Text backdoor attack method and device
  • Text backdoor attack method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0047] In order to make the purpose, technical solutions and advantages of the present invention clearer, the technical solutions in the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the present invention. Obviously, the described embodiments are part of the embodiments of the present invention , but not all examples. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0048] Combine below figure 1 A text backdoor attack method provided by the present invention is described, including:

[0049] Step 100: Obtain a test sample;

[0050] Specifically, because the present invention detects the security and robustness of the natural language processing model by studying the text backdoor attack technology, and controls the risk of putting the natural language ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a text backdoor attack method and device, and the method comprises the steps: obtaining a test sample; and inputting the test sample into a damage model of an injection back door to obtain a judgment result of the test sample, wherein the victim model of the inserted backdoor is obtained by the following method: determining a specific text style as a triggering feature of the backdoor attack, performing text style migration on a to-be-poisoned sample to obtain a training sample with the trigger feature, and training a damage model according to the training sample to obtain the damage model of the injection back door. Through the steps, the text backdoor attack technology can be researched, the safety and robustness of the natural language processing model can be detected, and the risk that the natural language processing model is put into practical application is managed and controlled.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a text backdoor attack method and device. Background technique [0002] Backdoor attacks are an emerging security threat to machine learning, especially deep learning models. Backdoor attacks usually inject the backdoor into the victim model during the training process, so that the victim model works normally when faced with normal input in the test phase, which is no different from the normal model without the backdoor, but when faced with the input containing pre-designed trigger features , which can be output according to the pre-design. For example, a face recognition system that has been attacked by a backdoor can correctly recognize general face images after deployment, but when it encounters a face wearing glasses of a preset specific color, it will be recognized as a specific face. person, regardless of which person the face with glasses corresponds to. [0003] Sinc...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/55G06K9/62
CPCG06F21/554G06F18/24G06F18/214
Inventor 孙茂松岂凡超刘知远
Owner TSINGHUA UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com