Adversarial sample detection method and universal adversarial attack defense system

Bibliographic Details
Main Authors YE JIAQUAN, WU HEFENG, LIN JING, WANG QING
Format Patent
Language Chinese, English
Published 23.02.2021
Summary: The invention discloses an adversarial sample detection method, and the method comprises the steps: obtaining a training data set for training a deep neural network model, and obtaining a prediction unit A; utilizing an adversarial sample generated based on the training data set to train a deep neural network model through an adversarial training method to obtain a prediction unit B; inputting the training data set and the adversarial sample into prediction units A and B for reasoning, respectively extracting feature maps output by the same convolution layer and splicing the feature maps, and taking the spliced map as a classification training data set; training a deep neural network binary classification model by adopting the classification training data set to obtain an adversarial sample detection module; and respectively inputting input samples to be detected into the prediction units A and B for reasoning, respectively extracting feature maps output by the same convolution layer and splicing the feature ma
Bibliography: Application Number: CN202011425771