Image recognition back door defense method and device based on swarm intelligence, and medium

A technology of image recognition and swarm intelligence, applied in the field of artificial intelligence, can solve problems such as limiting erasure efficiency, exploring and researching the efficiency of backdoor attack defense, and achieve the effect of improving defense efficiency

Pending Publication Date: 2022-02-15
CENT SOUTH UNIV
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] (1) The existing image recognition backdoor defense methods have not explored and studied the defense efficiency of backdoor attacks, making it difficult to effectively defend in a distributed cluster environment in a real environment
[0006] (2) In the traditional image recognition neural network, the image recognition model that has not been implanted into the backdoor trigger can be trained one by one by using the image data that has not been implanted into the backdoor trigger to erase the trigger of the backdoor attack, which greatly limits the eradication removal efficiency

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Image recognition back door defense method and device based on swarm intelligence, and medium
  • Image recognition back door defense method and device based on swarm intelligence, and medium
  • Image recognition back door defense method and device based on swarm intelligence, and medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The invention sets the defense scene as a multi-model distributed cluster environment. Among them, due to the incremental training of multiple models, multiple image recognition models in a cluster are infected by poisoned data produced by malicious attackers. The object of the present invention is to erase the backdoor triggers of the models in the cluster when the distributed clusters of multi-neural network models are respectively implanted with different types of backdoor triggers, while maintaining the image data without the implanted backdoor triggers performance. The connection diagram between the neural network image recognition models of the distributed clusters of the present invention, such as figure 1 shown.

[0037] The invention proposes a swarm intelligence algorithm and a neural distillation strategy to improve the erasure accuracy and efficiency of multiple neural network models in a distributed cluster for backdoor attacks.

[0038] Considering tha...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an image recognition backdoor defense method and device based on swarm intelligence, and a medium. The method comprises the following steps: selecting neural network models with dense connection as seed neural network models based on the incidence relation of a plurality of neural network image recognition models in a distributed cluster and according to the ranking of connection density; aiming at every two seed neural network models, performing distillation operation on the two seed neural network models by utilizing attention distillation representation, and extracting an attention activation graph Al which is invalid to the back door attack of the seed neural network models; and measuring the Euclidean distance and the cosine distance of activation attention maps Al of the two seed neural network models by designing a robust distillation loss function L, allowing the seed neural network models to calculate gradient values based on the L and to carry out back propagation, and updating the parameters of the seed neural network models. The performance and efficiency of an image recognition back door defense algorithm based on swarm intelligent under the image recognition back door defense task reach a current optimal level.

Description

technical field [0001] The invention relates to the field of artificial intelligence, in particular to an image recognition backdoor defense method, device, product and storage medium based on swarm intelligence. Background technique [0002] The application of neural network image recognition in automatic driving and medical diagnosis has been developed rapidly. However, since most neural network image recognition is optimized in a performance-driven manner, it does not pay much attention to whether the neural network will be attacked by malicious parties. tamper. There are growing concerns about the safety of neural networks in image recognition applications. Due to the opacity of neural networks, adversarial attacks and backdoor attacks have become the main factors threatening the security of neural networks. Adversarial attacks mislead the model to predict wrongly by crafting adversarial examples, however, crafting strong adversarial training examples is computationall...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06N3/04G06N3/08
CPCG06F21/56G06N3/084G06N3/045
Inventor 郭克华胡斌任盛奎晓燕赵颖
Owner CENT SOUTH UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap