A poisoning attack method for electromagnetic signal modulation type identification based on a pure label

An electromagnetic signal, modulation type technology, applied in neural learning methods, character and pattern recognition, biological neural network models, etc., can solve problems such as poisoning, classifier performance impact, and difficulty in implementation

Pending Publication Date: 2021-09-10
ZHEJIANG UNIV OF TECH
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Second: Model poisoning, the attacker directs the model structure and model parameters, the modified model can achieve user requirements with a very high accuracy rate, but it will show poisoning behavior for specific target samples
This method not only requires the attacker to have a good understanding of the original data, but also the performance of the entire classifier will be affected during the poisoning training process, which is difficult to achieve in many cases

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A poisoning attack method for electromagnetic signal modulation type identification based on a pure label
  • A poisoning attack method for electromagnetic signal modulation type identification based on a pure label
  • A poisoning attack method for electromagnetic signal modulation type identification based on a pure label

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0018] The present invention will be further described below with reference to the accompanying drawings.

[0019] Refer Figure 1 ~ 3 An electromagnetic signal modulation identification of pure poisoning attacks based label, comprising the steps of:

[0020] 1) for electromagnetic data signal preprocessing

[0021] The signal is divided into a training data set and test set, and the data signal is normalized, the normalized data signal with its modulation type tag samples by X and Z, respectively, X = {x 1 , X 2 , ..., x n }, The following normalized equation:

[0022]

[0023] Where X i The normalized signal sample representation, Represents the original signal samples, n-represents the total number of signal samples, signal i is the i-th data set samples, It represents the minimum value of the signal samples, It represents the maximum value of the signal samples.

[0024] 2) Set up an electromagnetic signal classification model

[0025] Signal classification model used in t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A poisoning attack method for electromagnetic signal modulation type identification based on a pure label comprises the following steps: firstly, building an electromagnetic signal classification model, and enabling an electromagnetic signal data set to predict and identify a modulation type with high precision; adopting a pure label poisoning attack method, generating a poisoning sample by searching a sample similar to the feature space of the target sample; finally, using a forward and backward splitting iteration method for optimization, and after an optimal poisoning sample is generated, using transfer learning for retraining the classification network; finally, enabling the classification model to generate misclassification, so that a poisoning attack effect is achieved. According to the poisoning attack method for electromagnetic signal modulation type identification based on a pure label, the poisoning attack can be carried out under the condition that training data does not need to be known and only a training model and parameters thereof need to be known, and a poisoning defense measure measured based on the training data is invalid.

Description

Technical field [0001] The present invention belongs to the field safety study depth, relates to an attack poisoning pure electromagnetic tag signal modulation type recognition. Background technique [0002] With the continuous development of artificial intelligence, depth research study has been widely used in image recognition, voice recognition, radio modulation type classification and other fields. Although the neural network has a high accuracy rate, but very fragile. Therefore, by attacks on deep learning model, and then we found the holes in the model was extremely important. Poisoning attacks occurred in the model training phase, the attacker through the back door triggers embedded in deep learning model. Further, the input sample poisoning in the testing phase, the goalkeeper is triggered to attack. [0003] Poisoning attacks against deep learning model includes two aspects: First: data poisoning, the attacker first get poisoned poisoned data to the training part of the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06K9/62G06N3/04G06N3/08
CPCG06N3/08G06N3/047G06N3/045G06F18/2415
Inventor 徐东伟陈林罗康房若尘卢润春顾淳涛
Owner ZHEJIANG UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap