Supercharge Your Innovation With Domain-Expert AI Agents!

Iterative fast gradient descent anti-attack method based on Adam

A gradient descent and gradient technology, applied in neural learning methods, instruments, biological neural network models, etc., can solve problems such as failure to successfully attack the target deep neural network model, bad local maximum value of the adversarial sample, poor attack effect, etc., to achieve shortening Effects on training time, improved transferability, and attack success rate

Active Publication Date: 2022-04-15
YUNNAN UNIV
View PDF7 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] As far as the FGSM algorithm is concerned, it uses a linear assumption when calculating adversarial samples, but in practice, when the distortion is large (such as blurred pictures), the linear assumption may not be true, which makes the adversarial samples generated by FGSM unable to succeed. Attack the target deep neural network model, thus limiting the efficiency of its attack
Although the I-FGSM algorithm has been improved, it will greedily move towards the direction of generating adversarial samples in the sign direction of the gradient in each iteration
Therefore, adversarial samples tend to fall into bad local maximums and "overfit" the model. Although the adversarial samples generated in this way are stronger in attack strength, the attack effect reflected on the black box model will be worse

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Iterative fast gradient descent anti-attack method based on Adam
  • Iterative fast gradient descent anti-attack method based on Adam
  • Iterative fast gradient descent anti-attack method based on Adam

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0034] figure 1 It is a specific implementation flow chart of the Adam-based iterative fast gradient descent counter-attack method of the present invention. Such as figure 1 As shown, the specific steps of the Adam-based iterative fast gradient descent confrontation attack method of the present invention include:

[0035] S101: Set up counter attack parameters:

[0036] Set up an image classification model based on a deep neural network for adversarial attacks, and determine several input images x k , k=1,2,...,K, K represents the number of input images, record the input image x k The corresponding type label is y k . Set the disturbance amount ε of the input image and the maximum number of iterations T as required, and calculate the step size λ=ε / T.

[0037] S102: Initialize iteration parameters:

[0038] Initialize the gradient mean v 0 = 0, gradient variance s 0 =0. Each input image x k as initial image

[0039] S103: Let the number of iterations t=0.

[0040...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an Adam-based iterative fast gradient descent adversarial attack method, which comprises the following steps: setting a deep neural network-based image classification model used for adversarial attack and other adversarial attack parameters, then initializing iteration parameters, inputting a current image into the image classification model to obtain a classification result during each iteration, and finally obtaining an adversarial attack result. And calculating the loss function gradient of the current image classification, updating the gradient mean value and the gradient variance according to the loss function gradient, updating each image after correcting the gradient mean value and the gradient variance, repeating the steps until the maximum number of iterations is reached, and taking the image obtained by the last iteration as an adversarial sample. According to the invention, the Adam algorithm is introduced to improve the I-FGSM algorithm, so that the training time can be shortened, and the mobility and attack success rate of the generated confrontation sample can be improved.

Description

technical field [0001] The invention belongs to the technical field of confrontation attacks, and more specifically relates to an Adam-based iterative rapid gradient descent confrontation attack method. Background technique [0002] In recent years, the contribution of deep neural network in various fields is quite significant. Convolutional Neural Network (CNN) has been successfully applied in the fields of self-driving cars, surveillance, malicious code detection, drones, etc., and plays a role in it. Therefore, the importance of deep neural network model security is more prominent. [0003] Adversarial attack is one of the main types of attacks that threaten deep learning models. Its purpose is to add small noise perturbations to the input samples, so that the prediction results of the model will be wrong (also known as untargeted attacks), and it can even be based on specific noise. The perturbed output predicts what the attacker expects (called a targeted attack). On ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06V10/774G06V10/764G06V10/82G06K9/62G06N3/04G06N3/08
CPCY02T10/40
Inventor 董云云张锦涛周维蔡莉
Owner YUNNAN UNIV
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com