Multi-label backdoor attack detection and identification method for privacy protection neural network model

The method combines neural network models with privacy protection technology and is applied in the fields of cryptography, machine learning and machine learning security. It addresses problems such as parties not wanting the other party to know their property.

Inactive Publication Date: 2022-02-08
SHANGHAI OCEAN UNIV
AI Technical Summary

Problems solved by technology

[0010] We can consider a two-party example: the participants Alice and Bob want to compare who is richer. They own their own property x and y, but they do not want the other party to know their specific property.

Embodiment Construction

[0035] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings. Here, the exemplary embodiments and descriptions of the present invention are used to explain the present invention, but not to limit the present invention. This embodiment is implemented on the premise of the technical solution of the present invention.

[0036] The present invention first uses SMPC technology to train the privacy protection model in a three-party ciphertext environment. As shown in attached Figure 1, the cloud server consists of P1, P2 and P3, which are referred to as participants in this invention. Holding private data shards shared by replicated secret sharing techniques, the three participants collaborate to train a DNN model. For the trained model, no party can obtain the specific parameters. In a...
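The three-party replicated secret sharing that paragraph [0036] relies on can be sketched as follows. This is an added example, not code from the patent: it uses the standard 2-out-of-3 replicated construction, and the ring size, function names and sample values are assumptions.

```python
import secrets

MOD = 2 ** 32  # assumed ring Z_{2^32}; the page does not state the ring

def share(x):
    """Split x into additive shares s0+s1+s2 = x; party i holds (s[i], s[i+1])."""
    s0, s1 = secrets.randbelow(MOD), secrets.randbelow(MOD)
    s = [s0, s1, (x - s0 - s1) % MOD]
    return [(s[i], s[(i + 1) % 3]) for i in range(3)]

def reconstruct(views):
    """Rebuild the secret from {party index: view} of two or three parties."""
    if len(views) < 2:
        raise ValueError("one view lacks a share; two parties are needed")
    s = [None] * 3
    for i, (first, second) in views.items():
        for idx, val in ((i, first), ((i + 1) % 3, second)):
            # Each share is held by two parties, so overlapping copies must agree.
            if s[idx] is not None and s[idx] != val:
                raise ValueError(f"inconsistent copies of share {idx}")
            s[idx] = val
    return sum(s) % MOD

def add(xv, yv):
    """Addition needs no communication: each party adds its own components."""
    return [((a + c) % MOD, (b + d) % MOD) for (a, b), (c, d) in zip(xv, yv)]

def mul(xv, yv):
    """One multiplication: local cross terms, masking, one message per party."""
    # Zero-sharing alpha0+alpha1+alpha2 = 0; sampled centrally here, whereas a
    # deployment derives it from pairwise PRF keys so no party sees all of r.
    r = [secrets.randbelow(MOD) for _ in range(3)]
    alpha = [(r[i] - r[(i + 1) % 3]) % MOD for i in range(3)]
    z = [(x0 * y0 + x0 * y1 + x1 * y0 + alpha[i]) % MOD
         for i, ((x0, x1), (y0, y1)) in enumerate(zip(xv, yv))]
    # Party i keeps z[i] and receives z[i+1] from party i+1 (the re-sharing step).
    return [(z[i], z[(i + 1) % 3]) for i in range(3)]

if __name__ == "__main__":
    xv, yv = share(1234), share(5678)  # constructed sample secrets
    print(reconstruct({0: xv[0], 2: xv[2]}))       # any two parties suffice
    print(reconstruct(dict(enumerate(mul(xv, yv)))))
```

A single party's view is missing one uniformly random share, which is why no participant alone can recover the data or the trained parameters.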

Abstract

The invention discloses a multi-label backdoor attack detection and identification method for a privacy protection neural network model, and the method comprises the following steps: 1, carrying out the training of a privacy protection model through employing an SMPC technology in a three-party ciphertext environment, and generating an initialization function of a mask matrix Mask and a trigger matrix Pattern; 2, constructing an adversarial input TrojanInput function; 3, carrying out optimization training on a mask matrix and a trigger matrix, and optimizing a (mask, pattern) function; 4, constructing a trigger reverse engineering function; and 5, through a backdoor attack identification algorithm, carrying out an abnormal value detection function Backdoor Identificatio. The invention designs a backdoor attack detection scheme for detecting whether the model is attacked by the backdoor and which specific tag is attacked on the premise of protecting data and model parameter privacy.

Description

Technical field

[0001] The invention relates to the fields of cryptography, machine learning (deep learning) and machine learning security technology, in particular to the detection and identification of multi-label backdoor attacks on a neural network model with a privacy protection property that hides a backdoor.

Background technique

[0002] Deep neural networks (DNNs) have made amazing achievements in many fields, and applications based on DNNs are profoundly changing all aspects of our lives, such as medical diagnosis, autonomous driving, and image processing. A DNN model can generally be obtained by training on a training data set or by retraining a pre-trained model. In order to obtain a more accurate model, it is usually necessary to obtain a large amount of data for model training. Due to the cost in time or money, it is difficult for users to complete DNN training on personal computers. Therefore, users want to outsource the model to cloud servers for t...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/55, G06F21/14, G06F21/62
CPC: G06F21/55, G06F21/6245, G06F21/14
Inventor: 魏立斐, 张蕾, 陈聪聪
Owner: SHANGHAI OCEAN UNIV