An adversarial sample defense method, device, equipment and program product
By embedding backdoor traps into deep learning models, constructing backdoor models, and utilizing neuron activation differences and label offset filtering, we can achieve accurate detection of adversarial examples. This solves the problems of universality and computational resource consumption of existing defense methods, and improves detection efficiency and accuracy.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- GUANGZHOU UNIVERSITY
- Filing Date
- 2026-03-23
- Publication Date
- 2026-06-19
AI Technical Summary
Existing adversarial defense methods lack universality, rely on perturbation patterns of specific attacks, consume high computational resources, have low detection accuracy, are difficult to deal with unknown attacks, and are inefficient in real-time application scenarios.
By constructing backdoor samples to implant backdoor traps into the original model, a backdoor model is built. By using neuron activation differences and label offset screening, combined with neuron matching verification, accurate detection of adversarial examples is achieved.
It improves the accuracy and efficiency of adversarial example detection, reduces computational resource consumption, adapts to unknown attacks, and meets the needs of real-time applications.
Smart Images

Figure CN122241700A_ABST