Title:
ADVERSARIAL INTERPOLATION BACKDOOR DETECTION
Document Type and Number:
WIPO Patent Application WO/2022/078062
Kind Code:
A1
Abstract:
One or more computer processors determine a tolerance value, and a norm value associated with an untrusted model and an adversarial training method. The one or more computer processors generate a plurality of interpolated adversarial images ranging between a pair of images utilizing the adversarial training method, wherein each image in the pair of images is from a different class. The one or more computer processors detect a backdoor associated with the untrusted model utilizing the generated plurality of interpolated adversarial images. The one or more computer processors harden the untrusted model by training the untrusted model with the generated plurality of interpolated adversarial images.
Inventors:
LUDWIG HEIKO H (US)
CHUBA EBUBE (US)
CHEN BRYANT (US)
EDWARDS BENJAMIN JAMES (US)
LEE TAESUNG (US)
MOLLOY IAN MICHAEL (US)
CHUBA EBUBE (US)
CHEN BRYANT (US)
EDWARDS BENJAMIN JAMES (US)
LEE TAESUNG (US)
MOLLOY IAN MICHAEL (US)
Application Number:
PCT/CN2021/113562
Publication Date:
April 21, 2022
Filing Date:
August 19, 2021
Export Citation:
Assignee:
IBM (US)
IBM CHINA CO LTD (CN)
IBM CHINA CO LTD (CN)
International Classes:
G06N3/02; G06F21/57
Foreign References:
| US20190130110A1 | 2019-05-02 | |||
| US20190188562A1 | 2019-06-20 | |||
| US20190138860A1 | 2019-05-09 | |||
| CN106920206A | 2017-07-04 | |||
| CN106296692A | 2017-01-04 |
Attorney, Agent or Firm:
KING & WOOD MALLESONS (CN)
Download PDF: