Backdoor attack defense system for artificial intelligence model

An attack defense system, artificial intelligence technology, applied in the field of backdoor attack defense system, can solve the problem of unable to identify the model and so on

Pending Publication Date: 2022-02-08
SHANGHAI JIAO TONG UNIV
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

After testing, mainstream antivirus software such as Norton, Kaspersky, McAfee, etc. cannot identify whether the model contains a backdoor

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Backdoor attack defense system for artificial intelligence model
  • Backdoor attack defense system for artificial intelligence model
  • Backdoor attack defense system for artificial intelligence model

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] Such as figure 1 As shown, it is a schematic diagram of a deep learning backdoor model attack. After the malicious code layer is inserted into the normal model, it becomes a model with a backdoor. When the model inputs a picture that can trigger the backdoor, it outputs classification results and tampers with the local system files.

[0031] Such as Figure 2 to Figure 5 As shown, it is a backdoor attack defense system for artificial intelligence models involved in this embodiment, including: a model pre-detection module and a real-time defense module, wherein: the model pre-detection module detects whether the image classification model to be tested is The operation behavior of reading or modifying a local file is used to determine whether it contains a backdoor; the real-time defense module invalidates the backdoor in the image classification model by adding a filter to the image containing the trigger.

[0032] The pre-inspection is aimed at whether the operation be...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A backdoor attack defense system for an artificial intelligence model comprises a model pre-detection module and a real-time defense module, the model pre-detection module scans an operation behavior of reading or modifying a local file and data output by each layer in a to-be-detected image classification model so as to judge whether the model contains a backdoor; and the real-time defense module adds a filter to the picture containing the trigger, so that the back door in the image classification model is invalid. The method can be applied to models in the fields of image classification and image recognition, defense is enhanced for the models, and then the safety performance in the field of deep learning is improved.

Description

technical field [0001] The invention relates to a technology in the field of information security, in particular to a backdoor attack defense system for artificial intelligence models. This technology can be applied to the protection of artificial intelligence models in the image field in the industrial field, such as image classification, face recognition, automatic driving, etc. Background technique [0002] Adding or changing neurons to a normal artificial intelligence model can turn it into a model with a backdoor. Once the input image contains a trigger that triggers the backdoor, the deep learning model will not only output classification results, but also execute the malicious neurons of the model, causing damage to the local system. There is currently no effective defense against this type of backdoor attack. After testing, mainstream antivirus software such as Norton, Kaspersky, McAfee, etc. cannot identify whether the model contains a backdoor. Contents of the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/56G06F21/54G06V10/96G06V10/764G06V10/82G06K9/62G06N3/04
CPCG06F21/566G06F21/562G06F21/54G06F2221/033G06N3/045G06F18/24
Inventor 闫续易平谢宸琪
Owner SHANGHAI JIAO TONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap