Mitigating adversarial effects in machine learning systems

A machine learning technique for mitigating adversarial effects, applied in the field of machine learning. It addresses adversarial biases that are difficult or impossible to detect, and achieves the effect of maintaining accuracy and fidelity while reducing and minimizing risk.

Pending Publication Date: 2022-05-06
IBM CORP

AI Technical Summary

Problems solved by technology

Often, these adversarial biases are difficult or impossible to detect.


Embodiment Construction

[0023] Embodiments of the present disclosure provide techniques for sanitizing and/or repairing machine learning (ML) models in order to mitigate adversarial attacks. As used herein, adversarial data and adversarial models generally refer to data or models that are close to legitimate (or appear legitimate) in some spaces but exhibit unwanted or malicious behavior in other spaces. For example, an adversarial model can provide accurate and desired results with a certain set of input data. However, a model is adversarial if it contains some internal weights or biases that make it respond to some inputs in an adversarial or undesired way. For example, an infected or poisoned model may return incorrect results when certain triggers are present in the input. In many embodiments, these triggers may include patterns in the input data. Often, these triggers are hidden in the input data and are imperceptible to human observers.

[0024] An example of an adversarial model is a model ...


Abstract

Techniques for sanitizing a machine learning (ML) model are provided. A first ML model and clean training data are received. A path between the first ML model and a second ML model is trained using the clean training data. A sanitized ML model is generated based on at least one point on the trained path. One or more ML functions are then facilitated using the sanitized ML model.
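A toy illustration of the path-training step the abstract describes, added here and not taken from the patent. It assumes two constructed logistic-regression weight vectors as the first and second model and a quadratic Bezier curve as the path; the data, weights, parametrization and function names are all assumptions.

```python
import math

# Constructed toy data: features are (signal, trigger_channel); label is 1 when signal > 0.
CLEAN = [((1.0, 0.5), 1), ((1.0, -0.5), 1), ((-1.0, 0.5), 0), ((-1.0, -0.5), 0)]
TRIGGERED = (-1.0, 3.0)            # constructed class-0 input with the trigger stamped in
W1, W2 = [2.0, 3.0], [3.0, 2.5]    # constructed endpoint models; both react to the trigger
TS = [i / 10 for i in range(1, 10)]  # positions on the path sampled during training

def logit(w, x):
    return sum(wi * xi for wi, xi in zip(w, x))

def predict(w, x):
    return 1 if logit(w, x) > 0 else 0

def path(w1, theta, w2, t):
    """Assumed path shape: quadratic Bezier in weight space (t=0 gives w1, t=1 gives w2)."""
    return [(1 - t) ** 2 * a + 2 * t * (1 - t) * m + t ** 2 * b
            for a, m, b in zip(w1, theta, w2)]

def clean_loss(w, data=CLEAN):
    """Mean logistic loss of one model on the clean data."""
    return sum(math.log1p(math.exp(-logit(w, x) if y else logit(w, x)))
               for x, y in data) / len(data)

def path_loss(w1, theta, w2, data=CLEAN):
    """Clean loss averaged over the sampled points of the path."""
    return sum(clean_loss(path(w1, theta, w2, t), data) for t in TS) / len(TS)

def train_path(w1, w2, data=CLEAN, lr=5.0, steps=2000):
    """Fit only the bend point theta on clean data; the endpoints stay fixed."""
    theta = [(a + b) / 2 for a, b in zip(w1, w2)]  # start on the straight line
    n = len(TS) * len(data)
    for _ in range(steps):
        grad = [0.0] * len(theta)
        for t in TS:
            w = path(w1, theta, w2, t)
            for x, y in data:
                err = 1 / (1 + math.exp(-logit(w, x))) - y  # d(loss)/d(logit)
                for i, xi in enumerate(x):
                    grad[i] += 2 * t * (1 - t) * err * xi   # chain rule through the path
        theta = [th - lr * g / n for th, g in zip(theta, grad)]
    return theta

def sanitize(w1, w2, data=CLEAN, t=0.5):
    """Return the model at one point (here the middle) of the trained path."""
    return path(w1, train_path(w1, w2, data), w2, t)
```

In this toy the straight-line midpoint between the two endpoints still fires on the trigger, while the midpoint of the path trained on clean data does not.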

Description

Technical field

[0001] The present disclosure relates to machine learning, and more specifically, to mitigating adversarial effects in machine learning systems.

Background

[0002] Various machine learning models and techniques have been used in various applications and continue to show great potential. However, many models require large amounts of training data in order to return satisfactory results. Obtaining such data is often difficult, expensive and time-consuming. To reduce these burdens, many rely on pretrained models or prelabeled training data. However, these models and data are relatively unknown and could be contaminated or poisoned. For example, training data may be corrupted by specified trigger patterns associated with target labels. During training, these models incorporate this adversarial behavior such that when specified triggers are present, these models can be tricked or forced to misclassify input data into the target category. Other atta...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06N3/08, G06F21/56
CPC: G06N3/08, G06N3/045, G06N20/00, G06N5/04
Inventor: 陈品谕, P·达斯, K·纳特桑拉马穆尔蒂, 赵普
Owner: IBM CORP