Adversarial sample generation method and device

A technology against samples and samples, applied in the field of artificial intelligence, can solve problems such as increasing the disturbance amplitude, and achieve the effect of increasing the disturbance noise amplitude and noise information energy intensity, more robustness, and increasing aggressiveness

Pending Publication Date: 2022-03-11
INSPUR BEIJING ELECTRONICS INFORMATION IND
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This type of anti-sample noise is essentially a small, high-frequency disturbance, which is easily defended by high-frequency filtering and other defense methods to eliminate noise, and it is easy to be detected by the naked eye by simply increasing the disturbance amplitude.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Adversarial sample generation method and device
  • Adversarial sample generation method and device
  • Adversarial sample generation method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] Next, the technical solutions in the embodiments of the present invention will be described in connection with the drawings of the embodiments of the present invention, and it is understood that the described embodiments are merely the embodiments of the present invention, not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art are in the range of the present invention without making creative labor premise.

[0047] Essentially conventional method of combating noise generation added samples generated a minute, high-frequency disturbance is easily high frequency noise filtering method eliminates defense defense and simply adding the disturbance amplitude is very easily perceived visually found. For the above technical defects, the present application provides a program generated against a sample by a small perturbation in the target area, the non-target region of high turbulence and the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an adversarial sample generation method and device. The adversarial sample generation method comprises the steps of dividing a region in an original sample into a target region and a non-target region; the target area is an area with high attention of a visual system, and the non-target area is an area with low attention of the visual system; determining gradient noise of the original sample, and dynamically distributing different step lengths for the target area and the non-target area respectively; respectively adding interference noise to the target area and the non-target area based on the step length and the gradient noise to obtain an adversarial sample corresponding to the original sample; the interference intensity of the non-target area is higher than that of the target area. According to the method, the disturbance noise amplitude and the noise information energy intensity can be increased under the condition that human eyes are not easy to perceive through small disturbance in the target area and high disturbance in the non-target area, so that the aggressiveness of the adversarial sample is improved, and the trained network model has higher robustness.

Description

Technical field [0001] The present invention relates to the field of artificial intelligence, and Background technique [0002] In the field of computer visual technology, deep neural network technology is widely used in target identification applications, with representative face recognition, automatic driving recognition, and the like. With the continuous development of target identification technology and the introduction of more and more production and life fields, the security issues of target identification technology are also gradually exposed, and it is increasingly attracted attention to the safety of deep neural network models, facing many challenges. Conflict sample attack For depth neural network defects, the antibody samples are generated by adding naked eye, making the network model to generate miscrosis, misleading target recognition system behavior, and deductive or target recognition results to misleading Effect. [0003] In the prior art, confrontation-resistant...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06K9/62G06N3/08G06V10/774
CPCG06N3/08G06F18/214
Inventor 史宏志赵坤鲁璐葛沅温东超崔星辰
Owner INSPUR BEIJING ELECTRONICS INFORMATION IND
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap