Adversarial example purification method based on conditional diffusion model

What is AI technical title?
AI technical title is built by PatSnap AI team. It summarizes the technical point description of the patent document.
By using a conditional diffusion model-based approach and fine-tuning the Stable Diffusion model by pairing clean samples and adversarial samples, the problems of high computational cost and insufficient robustness in existing technologies are solved. This approach achieves efficient and stable adversarial sample cleanup, generating cleaner images of higher quality that can resist adaptive attacks.

WO2026123388A1PCT designated stage Publication Date: 2026-06-18SHANGHAI CHENGDIAN FUZHI TECH CO LTD

Patent Information

Authority / Receiving Office: WO · WO
Patent Type: Applications
Current Assignee / Owner: SHANGHAI CHENGDIAN FUZHI TECH CO LTD
Filing Date: 2024-12-16
Publication Date: 2026-06-18

AI Technical Summary

⚠Technical Problem

Existing techniques suffer from high computational overhead, insufficient robustness, unstable image semantics, and sensitivity to diffusion time steps and noise levels in adversarial sample cleanup, making it difficult to adapt to diverse and complex adversarial attacks.

⚗Method used

We employ a conditional diffusion model-based approach, combining a pre-trained Stable Diffusion model with a Unet neural network and a cross-attention layer. By fine-tuning clean and adversarial sample pairings, we generate clean adversarial samples, reducing computational steps and improving robustness.

🎯Benefits of technology

It improves computational efficiency, enhances the robustness and stability of adversarial sample cleanup, generates higher quality clean images, better preserves the semantic features of the original images, and can resist adaptive attacks.

✦ Generated by Eureka AI based on patent content.

Smart Images

Figure CN2024139514_18062026_PF_FP_ABST

Patent Text Reader

Abstract

Disclosed in the present application is an adversarial example purification method based on a conditional diffusion model, comprising the following steps: acquiring a clean example dataset containing clean examples; using a white-box attack algorithm to attack a classification model to generate an adversarial example for each clean example; pairing the clean examples and the adversarial examples in one-to-one correspondence to form a training dataset; acquiring a pre-trained Stable Diffusion model; designing a fine-tuning process and a fine-tuning loss function; S6, presetting the number of iterations and a batch size, and using the training dataset to fine-tune network parameters of a cross-attention layer in the Stable Diffusion model to obtain a fine-tuned conditional diffusion model for adversarial example purification. In the present invention, an adversarial example is inputted as condition information into a UNet neural network to guide model learning, enabling the model to learn features of an adversarial perturbation, and improving computational efficiency, robustness and stability.

Need to check novelty before this filing date? Find Prior Art