勾配を使用したニューラル・ネットワーク内のバックドアの検出

Japanese Patent JP7374545

B2

Mechanisms are provided for evaluating a trained machine learning model to determine whether the machine learning model has a backdoor trigger. The mechanisms process a test dataset to generate output classifications for the test dataset, and generate, for the test dataset, gradient data indicating a degree of change of elements within the test dataset based on the output generated by processing the test dataset. The mechanisms analyze the gradient data to identify a pattern of elements within the test dataset indicative of a backdoor trigger. The mechanisms generate, in response to the analysis identifying the pattern of elements indicative of a backdoor trigger, an output indicating the existence of the backdoor trigger in the trained machine learning model.

Lee, Taesun
Molloy, Ian, Michael
Carvalho, Wilka
Edwards, Benjamin, James
Chan, Jiaron
Chen, Bryant

JP2020554436A

November 07, 2023

April 10, 2019

Click for automatic bibliography generation  

INTERNATIONAL BUSINESS MACHINES CORPORATION

G06T7/00; G06N3/04; G06N3/08; G06N20/00

MUNOZ-GONZALEZ, Luis、他6名,Towards Poisoning of Deep Learning Algorithms with Back-gradient Optimization,Machine Learning,ARXIV.ORG,2017年08月29日,p.1-11,https://doi.org/10.48550/arXiv.1708.08689
CHEN, Xinyun、他4名,Targeted Backdoor Attacks on Deep Learning Systems Using Data Poisoning,Cryptography and Security,ARXIV.ORG,2017年12月15日,p.1-18,https://doi.org/10.48550/arXiv.1712.05526
GU,Tianyu、他2名,BadNets: Identifying Vulnerabilities in the Machine Learning Model Supply Chain,Cryptography and Security,ARXIV.ORG[オンライン],2017年08月22日,p.1-13,インターネット:

Tadashi Taneichi

Previous Patent: Pharmaceutical composition comprising a labeling moiety-anti-human antibody Fab fragment complex

Next Patent: vector string search instruction