Adversarial sample defense method and device based on robust structure search

An adversarial sample and robust technology, applied in the field of adversarial sample defense based on robust structure search, can solve the problems of DNN network adversarial sample attack and other problems, and achieve the effect of improving the adversarial robustness

Inactive Publication Date: 2022-05-13
HANGZHOU HIKVISION DIGITAL TECH
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] DNN networks are vulnerable to adversarial sample attacks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Adversarial sample defense method and device based on robust structure search
  • Adversarial sample defense method and device based on robust structure search
  • Adversarial sample defense method and device based on robust structure search

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with this application. Rather, they are merely examples of apparatuses and methods consistent with aspects of the present application as recited in the appended claims.

[0023] The terminology used in this application is for the purpose of describing particular embodiments only, and is not intended to limit the application. As used in this application and the appended claims, the singular forms "a", "the", and "the" are intended to include the plural forms as well, unless the context clearly dictates otherwise.

[0024] In order to enable those skilled ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an adversarial sample defense method and device based on robust structure search, and the method comprises the steps: carrying out the iteration alternating updating of an operation parameter and a structure parameter of a DNN network through a gradient descent algorithm for any epoch in a search process till the number of iterations reaches a first number of iterations; and utilizing a preset network vulnerability constraint condition to iteratively update the structure parameters of the DNN network to obtain the structure parameters meeting the preset network vulnerability constraint condition until the number of iterations in the epoch reaches a second number of iterations, and under the condition that the searched epoch number reaches the first epoch number, or the DNN network model converges, generating a target DNN network according to the obtained structure parameters. According to the method, the adversarial robustness of the DNN network can be improved.

Description

technical field [0001] The present application relates to the field of artificial intelligence security technology, in particular to a method and device for adversarial sample defense based on robust structure search. Background technique [0002] At present, Deep Neural Networks (DNN for short) have shown excellent performance in various applications, such as image classification, object detection, semantic segmentation, etc. [0003] DNN networks are vulnerable to adversarial sample attacks. That is, adding some carefully designed subtle disturbances that humans cannot perceive to the input samples will cause the network model to give a wrong output with a high degree of confidence. [0004] The current adversarial sample defense scheme mainly focuses on weight optimization, and optimizes the weight of the DNN network by inputting the adversarial samples generated by the attack method to improve the robustness of the DNN network to attacks. Contents of the invention ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06N3/08G06N3/063G06N3/04
CPCG06N3/08G06N3/063G06N3/045
Inventor 王滨张峰钱亚冠王伟王星李超豪
Owner HANGZHOU HIKVISION DIGITAL TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap