Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Rotation-robust image adversarial example generation in the physical world

A technology against samples and the physical world, applied in the field of image confrontation sample generation, can solve the problems of low attack success rate, lack of generated image confrontation samples, etc., and achieve the effect of ensuring rotation robustness

Active Publication Date: 2022-07-12
BEIJING INST OF COMP TECH & APPL
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the disadvantage of this method is that this method can only process images in the digital world to generate image adversarial samples, and lacks the ability to generate image adversarial samples in the physical world
However, the disadvantage of this method is that the attack success rate of this method is relatively low after the image is added with the anti-perturbation after rotation.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Rotation-robust image adversarial example generation in the physical world
  • Rotation-robust image adversarial example generation in the physical world
  • Rotation-robust image adversarial example generation in the physical world

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] In order to make the purpose, content, and advantages of the present invention clearer, the specific embodiments of the present invention will be described in further detail below with reference to the accompanying drawings and embodiments.

[0039] The invention studies the image confrontation sample generation technology based on the image processing neural network model, and provides an image confrontation sample generation method with rotation invariance in the physical world. The method loads the original image in the physical world and uses adaptive weighting. , Mean filtering strategy produces image adversarial perturbation with rotation robust effect. Compared with other white-box adversarial sample generation algorithms, the adversarial samples generated by this method are rotationally robust in the physical world, and have a high attack success rate against image signals in the physical world. There is a problem that the attack fails after the rotation, which ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an image confrontation sample generation method with rotational robustness in the physical world, and relates to the technical field of artificial intelligence security. The main steps include: 1. Initialize the algorithm parameters and image preprocessing to obtain the current adversarial sample; 2. Use the current adversarial sample to rotate to obtain the rotated adversarial sample; 3. Determine whether the iteration termination condition is met, if yes, output the final adversarial sample and perform step 7 , otherwise go to step 4; 4. Calculate the rotation-invariant joint gradient matrix; 5. Perform mean filtering on the rotation-invariant joint gradient matrix; 6. Update the current adversarial sample, and return to step 23; 7. Use the final result in the real physical world Test against adversarial samples and observe the effect of adversarial attacks under different rotation angles. The confrontation sample generated by the invention has rotation robustness in the physical world, solves the situation that the attack of the confrontation sample fails after rotation, and further improves the attack success rate.

Description

technical field [0001] The present invention relates to the technical field of artificial intelligence security, in particular to an image adversarial sample generation method with rotational robustness in the physical world. Background technique [0002] In the field of image recognition, the experimental results on some standard test sets show that the recognition ability of deep models has reached or even exceeded the level of human intelligence. While deep learning brings great convenience to people, it also has some security problems. For an abnormal input, whether the deep model can still obtain satisfactory results. The hidden security issues have gradually attracted attention, and many scholars have begun to pay attention to the anti-interference ability of the deep model. Among them, the adversarial sample refers to the sample that is misclassified and misidentified by the deep learning algorithm after the malicious attacker adds a small perturbation to the origina...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06V10/24G06V10/774G06V10/764G06V10/82G06K9/62G06N3/04G06N3/08
Inventor 方永强郭敏王斌张顺陈志浩曾颖明许文睿马晓军桓琦
Owner BEIJING INST OF COMP TECH & APPL
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com