DEVICE AND METHOD FOR DETERMINING ADVERSARIAL PERTURBATIONS OF A MACHINE LEARNING SYSTEM

Bibliographic Details
Main Authors: Finnie, Nicole Ying; Hutmacher, Robin; Metzen, Jan Hendrik
Format: Patent
Language: English
Published: 28.12.2023

Summary: A computer-implemented method for determining an adversarial perturbation for input signals, especially sensor signals or features of sensor signals, of a machine learning system. A best perturbation is determined iteratively, wherein the best perturbation is provided as adversarial perturbation after a predefined amount of iterations, wherein at least one iteration includes: sampling a perturbation; applying the sampled perturbation to an input signal, thereby determining a potential adversarial example; determining an output signal from the machine learning system for the potential adversarial example; determining a loss value characterizing a deviation of the output signal to a desired output signal, wherein the desired output signal corresponds to the input signal; and, if the loss value is larger than a previous loss value, setting the best perturbation to the sampled perturbation.
Bibliography: Application Number: US202318331044