Black box confrontation sample generation method and device, equipment and storage medium

The invention discloses a black box confrontation sample generation method and device, equipment and a storage medium, and relates to the technical field of deep learning security, and the method comprises the steps: training an initial target detection model through employing a pre-obtained data se...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Hauptverfasser:	DAI HAORENG, MI JIANXUN, XIANG FEI, ZHONG JIAYONG, ZHAO XIANGJIN, CHEN YONGTAO, LYU XIAOHONG, LI SONGNONG, KUANG PENGYAN, CHENG XIAO, TIAN PENG, PENG WENXIN, XU KAI, JIANG JINYANG, CHEN TAO, LI ZEPING, ZHANG ZHEYU
Format:	Patent
Sprache:	chi ; eng
Schlagworte:	CALCULATING COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS COMPUTING COUNTING PHYSICS
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

Beschreibung
Zusammenfassung:	The invention discloses a black box confrontation sample generation method and device, equipment and a storage medium, and relates to the technical field of deep learning security, and the method comprises the steps: training an initial target detection model through employing a pre-obtained data set, and determining the trained target detection model as a black box target detection model; inputting the target image into a black box target detection model, obtaining a plurality of prediction results, and generating a heat map based on the prediction results and a preset heat map generation algorithm; generating a target mask based on the heat map, generating adversarial disturbance by using a target technology, limiting a disturbance area of the adversarial disturbance by using the target mask, and determining an adversarial sample according to the corresponding limited adversarial disturbance. Therefore, according to the application, the coverage area of the confrontation disturbance can be limited to the ef