A deep learning classification method with the function of defending against sample attack

A technology against samples and classification methods, applied in neural architecture, biological neural network models, etc., can solve problems such as single attack, lack of universality, etc., to achieve the effect of improving performance robustness

Active Publication Date: 2019-03-12
ZHEJIANG UNIV OF TECH
View PDF4 Cites 47 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In addition, adversarial examples are a solution to nonlinear and non-convex optimization problems of deep neural network models, and it is necessary to have a good method to describe these complex optimization problems; from the perspective of defense, most defense research focuses on the defense of a single attack, through Capture the attacker's adversarial samples and start the adversarial learning of the deep neural network to defend against the attack. Therefore, adversarial training that relies on a small number of existing adversarial samples is not universal

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A deep learning classification method with the function of defending against sample attack
  • A deep learning classification method with the function of defending against sample attack
  • A deep learning classification method with the function of defending against sample attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0058] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, and do not limit the protection scope of the present invention.

[0059] The device for realizing the classification method of the present invention is a three-party game model based on a generative confrontation network, and its structure is as follows: figure 1 As shown, it mainly includes three modules: 1) The function of the attack generation model (Attack Generator, AG) is to automatically generate an adversarial sample x with as little disturbance as possible and as strong attack capability as possible adv , whose input consists of normal samples x nor , the real class label y of the sample, and the noise z; 2) The function of t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a depth learning classification method with the function of defending against sample attack, The device for realizing the classification method comprises: an attack generationmodel AG, a confrontation sample discrimination model D and a classification model DNN. The specific methods are as follows: (1) training the DNN by using a normal data set, the classification accuracy is higher than a preset value, and the training of the DNN is stopped; (2) Alternatively training the parameters of AG and D until AG-D realizes Nash equilibrium; (3) The parameters of AG and DNN were alternately trained until AG-DNN realizes Nash equilibrium; 4) judging whether that discrimination model D and the classification model DNN of the antagonism sample reach the Pareto optimality, ifso, the DNN training is complete and the step 5 is executed; otherwise, the step 2) is returned; (5) Inputting the samples to be classified into the trained classification model DNN to obtain the classification result. The invention can effectively solve the vulnerability of the classification model when confronted with the confrontation sample in the actual classification application, and improvethe robustness of the model performance.

Description

technical field [0001] The invention belongs to the research field of deep learning algorithms and models in the field of artificial intelligence, and specifically relates to a deep learning classification method with the function of defending against adversarial sample attacks. Background technique [0002] At present, deep learning has attracted the attention of a large number of scholars and research institutions. Through the continuous improvement of hardware performance, deep learning has been widely used in object detection, image semantic segmentation and understanding, knowledge graph, data generation and other fields. Deep learning is one of the most commonly used technologies for artificial intelligence machine learning, and adversarial attacks on deep neural networks are a serious security risk. Adversarial attack is defined as a malicious attack in which an attacker obtains an adversarial sample by adding carefully designed small perturbations to the original dat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06N3/04
CPCG06N3/045
Inventor 陈晋音郑海斌熊晖沈诗婧苏蒙蒙
Owner ZHEJIANG UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap