Dual-threshold confrontation sample detection method based on image transformation

Dual-threshold confrontation sample detection method based on image transformation

The invention provides a double-threshold confrontation sample detection method based on image transformation, and relates to the field of deep learning security, and the detection method comprises the steps: firstly, enabling an original sample X to generate a transformation sample X 'through...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: DING LING, CHEN JIAGENG, LIU HUI, WEN FUJU
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
IMAGE DATA PROCESSING OR GENERATION, IN GENERAL
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The invention provides a double-threshold confrontation sample detection method based on image transformation, and relates to the field of deep learning security, and the detection method comprises the steps: firstly, enabling an original sample X to generate a transformation sample X 'through a series of image transformation operations; respectively inputting the original sample X and the transformation sample X'into a classification model for prediction to obtain corresponding prediction probability distribution arrays A and A '; and then calculating the distance d between the two probability distribution arrays, and finally judging whether the distance d is in a dual-threshold region or not. According to the method provided by the invention, adversarial sample detection is carried out through a double-threshold detection method based on image transformation, both strong and weak parties are considered, the defects of a traditional single-threshold detection method are effectively overcome, the detection ef