Adversarial sample defense method and system for image classification task

Adversarial sample defense method and system for image classification task

The invention discloses an adversarial sample defense method and system for an image classification task, and the method comprises the steps: constructing an image adversarial sample purifier of a deep convolution auto-encoder with a residual structure, and training the image adversarial sample puri...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: SUN QINDONG, SHANG JIN, YANG RUI, DING MINGKAI
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention discloses an adversarial sample defense method and system for an image classification task, and the method comprises the steps: constructing an image adversarial sample purifier of a deep convolution auto-encoder with a residual structure, and training the image adversarial sample purifier through employing image training data added with Gaussian noise; minimizing the training loss of the image confrontation sample purifier to obtain a pre-trained image confrontation sample purifier; according to the method, a pre-trained image confrontation sample purifier is adopted to purify a pre-processed image sample, and the purified image sample is utilized to train a low-image classification model, so that the image training data added with Gaussian noise is used to train the image confrontation sample purifier; according to the method, the classification accuracy of the purified normal image sample and the image confrontation sample on the pre-trained image classification model is improved, then the di