CN113297571A - Detection method and device for backdoor attacks in graph neural network models - Google Patents
Detection method and device for backdoor attacks in graph neural network models
- Publication number
- CN113297571A
- Authority
- CN
- China
- Prior art keywords
- graph
- sub
- neural network
- network model
- similarity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/22—Matching criteria, e.g. proximity measures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
- G06F18/241—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Life Sciences & Earth Sciences (AREA)
- Artificial Intelligence (AREA)
- Software Systems (AREA)
- Evolutionary Computation (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Evolutionary Biology (AREA)
- Bioinformatics & Computational Biology (AREA)
- Computer Security & Cryptography (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Biomedical Technology (AREA)
- Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Biophysics (AREA)
- Computational Linguistics (AREA)
- General Health & Medical Sciences (AREA)
- Molecular Biology (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Complex Calculations (AREA)
Claims (7)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110598321.6A CN113297571B (zh) | 2021-05-31 | 2021-05-31 | Detection method and device for backdoor attacks in graph neural network models |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113297571A (zh) | 2021-08-24 |
CN113297571B (zh) | 2022-06-07 |
Family
ID=77326155
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110598321.6A Active CN113297571B (zh) | Detection method and device for backdoor attacks in graph neural network models | 2021-05-31 | 2021-05-31 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113297571B (zh) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
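CN113868671A (zh) * | 2021-12-01 | 2021-12-31 | Alipay (Hangzhou) Information Technology Co., Ltd. | Data processing method, and backdoor defense method and device for neural network models |
CN114299365A (zh) * | 2022-03-04 | 2022-04-08 | Shanghai Guan'an Information Technology Co., Ltd. | Method and system for detecting hidden backdoors in image models, storage medium, and terminal |
CN114338147A (zh) * | 2021-12-28 | 2022-04-12 | China UnionPay Co., Ltd. | Method and device for detecting password brute-force attacks |
CN114742129A (zh) * | 2022-03-15 | 2022-07-12 | Shangchan (Zhejiang) Technology Co., Ltd. | Motif-based backdoor attack defense method for graph networks, system, terminal, and storage medium |
CN114897161A (zh) * | 2022-05-17 | 2022-08-12 | China Academy of Information and Communications Technology | Mask-based graph classification backdoor attack defense method, system, electronic device, and storage medium |
CN115186816A (zh) * | 2022-09-08 | 2022-10-14 | Nanjing Yizhi Cyberspace Technology Innovation Research Institute Co., Ltd. | Backdoor detection method based on decision shortcut search |
CN115659171A (zh) * | 2022-09-26 | 2023-01-31 | Institute of Computer Application, China Academy of Engineering Physics | Model backdoor detection method, device, and storage medium based on multivariate feature interaction |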
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160012228A1 (en) * | 2013-03-08 | 2016-01-14 | The Trustees Of Columbia University In The City Of New York | Identification of backdoors and backdoor triggers |
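CN110909868A (zh) * | 2019-12-04 | 2020-03-24 | Alipay (Hangzhou) Information Technology Co., Ltd. | Node representation method and device based on a graph neural network model |
CN112100369A (zh) * | 2020-07-29 | 2020-12-18 | Zhejiang University | Semantics-combined network fault association rule generation method and network fault detection method |
CN112150338A (zh) * | 2020-09-21 | 2020-12-29 | Tsinghua University | Method for removing image watermarks from neural network models |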
US20200410098A1 (en) * | 2019-06-26 | 2020-12-31 | Hrl Laboratories, Llc | System and method for detecting backdoor attacks in convolutional neural networks |
- 2021-05-31 CN CN202110598321.6A patent/CN113297571B/zh active Active
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
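CN113868671A (zh) * | 2021-12-01 | 2021-12-31 | Alipay (Hangzhou) Information Technology Co., Ltd. | Data processing method, and backdoor defense method and device for neural network models |
CN114338147A (zh) * | 2021-12-28 | 2022-04-12 | China UnionPay Co., Ltd. | Method and device for detecting password brute-force attacks |
CN114338147B (zh) * | 2021-12-28 | 2023-08-11 | China UnionPay Co., Ltd. | Method and device for detecting password brute-force attacks |
CN114299365A (zh) * | 2022-03-04 | 2022-04-08 | Shanghai Guan'an Information Technology Co., Ltd. | Method and system for detecting hidden backdoors in image models, storage medium, and terminal |
CN114299365B (zh) * | 2022-03-04 | 2022-07-05 | Shanghai Guan'an Information Technology Co., Ltd. | Method and system for detecting hidden backdoors in image models, storage medium, and terminal |
CN114742129A (zh) * | 2022-03-15 | 2022-07-12 | Shangchan (Zhejiang) Technology Co., Ltd. | Motif-based backdoor attack defense method for graph networks, system, terminal, and storage medium |
CN114897161A (zh) * | 2022-05-17 | 2022-08-12 | China Academy of Information and Communications Technology | Mask-based graph classification backdoor attack defense method, system, electronic device, and storage medium |
CN114897161B (zh) * | 2022-05-17 | 2023-02-07 | China Academy of Information and Communications Technology | Mask-based graph classification backdoor attack defense method, system, electronic device, and storage medium |
CN115186816A (zh) * | 2022-09-08 | 2022-10-14 | Nanjing Yizhi Cyberspace Technology Innovation Research Institute Co., Ltd. | Backdoor detection method based on decision shortcut search |
CN115659171A (zh) * | 2022-09-26 | 2023-01-31 | Institute of Computer Application, China Academy of Engineering Physics | Model backdoor detection method, device, and storage medium based on multivariate feature interaction |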
Also Published As
Publication number | Publication date |
---|---|
CN113297571B (zh) | 2022-06-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
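CN113297571A (zh) | | Detection method and device for backdoor attacks in graph neural network models |
JP7183385B2 (ja) | | Node classification method, model training method, and apparatus, device, and computer program therefor |
Moon et al. | | Parsimonious black-box adversarial attacks via efficient combinatorial optimization |
US10785241B2 (en) | | URL attack detection method and apparatus, and electronic device |
WO2019109743A1 (zh) | | URL attack detection method and apparatus, and electronic device |
US20190034830A1 (en) | | Methods and systems for evaluating training objects by a machine learning algorithm |
US20210182613A1 (en) | | Image aesthetic processing method and electronic device |
JP2022141931A (ja) | | Liveness detection model training method and apparatus, liveness detection method and apparatus, electronic device, storage medium, and computer program |
CN104869126B (zh) | | Network intrusion anomaly detection method |
CN113297572A (zh) | | Sample-level adversarial attack defense method for deep learning based on neuron activation patterns, and device therefor |
CN110827330B (zh) | | Time-series-integrated multispectral remote sensing image change detection method and system |
WO2021095176A1 (ja) | | Learning device, learning method, and recording medium |
CN115017511B (zh) | | Source code vulnerability detection method, device, and storage medium |
US12205349B2 (en) | | System and method for improving robustness of pretrained systems in deep neural networks utilizing randomization and sample rejection |
CN116743493A (zh) | | Network intrusion detection model construction method and network intrusion detection method |
CN114821237A (zh) | | Unsupervised ship re-identification method and system based on multi-level contrastive learning |
WO2024027068A1 (zh) | | Attack method and device for evaluating the robustness of object detection models |
WO2020057283A1 (zh) | | Unsupervised model evaluation method, device, server, and readable storage medium |
CN114003900A (zh) | | Network intrusion detection method, device, and system for substation secondary systems |
CN114494771A (zh) | | Federated learning image classification method capable of defending against backdoor attacks |
CN112613032B (zh) | | Host intrusion detection method and device based on system call sequences |
CN119484065A (zh) | | Network security situational awareness method based on deep neural networks |
CN110457155A (zh) | | Method, device, and electronic equipment for correcting sample class labels |
CN111783088B (zh) | | Malicious code family clustering method, device, and computer equipment |
CN114091019B (zh) | | Dataset construction, malware identification, and identification model construction methods and devices |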
Legal Events
Code | Title | Description |
---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
GR01 | Patent grant | |
OL01 | Intention to license declared | |
EE01 | Entry into force of recordation of patent licensing contract | Licensing contracts, entry 1 |
EE01 | Entry into force of recordation of patent licensing contract | Licensing contracts, entry 2 |
EE01 | Entry into force of recordation of patent licensing contract | Licensing contracts, entry 3 |

Licensing contracts recorded under the EE01 entries. Every contract lists Application publication date: 20210824; Assignor: JIANG University OF TECHNOLOGY; Denomination of invention: Detection method and device for backdoor attacks in graph neural network models; Granted publication date: 20220607; License type: Open License.

EE01 entry | Assignee | Contract record no. | Record date |
---|---|---|---|
1 | Shandong Yimeng Tools Co.,Ltd. | X2024980037113 | 20241220 |
1 | SHANDONG YINGUANG YUYUAN LIGHT METAL PRECISION MOLDING Co.,Ltd. | X2024980037112 | 20241220 |
1 | Tancheng hongbaoyuan Machinery Co.,Ltd. | X2024980037111 | 20241220 |
1 | Linyi CITIC Information Technology Co.,Ltd. | X2024980035587 | 20241218 |
1 | Shandong Qianchen Network Technology Co.,Ltd. | X2024980035573 | 20241218 |
1 | SHANDONG TIANYI ENVIRONMENTAL PROTECTION MEASUREMENT AND CONTROL CO.,LTD. | X2024980037115 | 20241220 |
1 | Pingyi Fuhua gypsum products Co.,Ltd. | X2024980037114 | 20241220 |
2 | Linyi ainengzhe energy saving equipment Co.,Ltd. | X2024980038362 | 20241225 |
3 | Zhejiang Sende Electric Motor Co.,Ltd. | X2025980008120 | 20250506 |