Invention Grant
- Patent Title: Method and apparatus for heuristically defending against local adversarial attack
-
Application No.: US18506123Application Date: 2023-11-09
-
Publication No.: US12013973B1Publication Date: 2024-06-18
- Inventor: Xiaoxuan Ma , Sihan Shan , Boyang Sun , Fengfang Hua , Hantao Zhang , Kuncheng Lian , Xianlong Meng , Zeyu Feng
- Applicant: BEIJING UNIV CIVIL ENGN & ARCHITECTURE
- Applicant Address: CN Beijing
- Assignee: BEIJING UNIV CIVIL ENGN & ARCHITECTURE
- Current Assignee: BEIJING UNIV CIVIL ENGN & ARCHITECTURE
- Current Assignee Address: CN Beijing
- Priority: CN 2310363416.9 2023.04.07
- Main IPC: G06T5/00
- IPC: G06T5/00 ; G06F21/64 ; G06T5/20 ; G06T5/50

Abstract:
The present disclosure relates to a method and apparatus for heuristically defending against a local adversarial attack through gradient optimization. The method includes: processing an original image to obtain a gradient image; selecting a noise region in the gradient image and suppressing the noise region to form a defense patch; performing gradient enhancement on the original image to form a gradient-enhanced image; and projecting the defense patch onto the gradient-enhanced image to form a defense-processed image. The present disclosure can suppress high-frequency noise and prevent a deep neural network from being attracted by the high-frequency noise to make misjudgment, to suppress an adversarial patch. In addition, a contour and texture of the original image are enhanced by performing gradient enhancement on the original image, recognition by a classifier is facilitated, and image recognition accuracy is improved.
Information query