WO2020195826A1 - Evaluation device, evaluation method, and evaluation program - Google Patents
Evaluation device, evaluation method, and evaluation program
- Publication number
- WO2020195826A1, PCT/JP2020/010520
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- evaluation
- classifier
- learning
- input
- resistance
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
- G06N3/088—Non-supervised learning, e.g. competitive learning
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N20/00—Machine learning
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/045—Combinations of networks
- G06N3/0455—Auto-encoder networks; Encoder-decoder networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/047—Probabilistic or stochastic networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
- G06N3/094—Adversarial learning
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Definitions
- the present invention relates to an evaluation device, an evaluation method, and an evaluation program.
- VAE: Variational Auto Encoder (variational autoencoder)
- Adversarial Attack is an attack method that intentionally creates vulnerabilities in machine learning to cause deterioration in learning quality and misclassification in classification problems.
- in supervised classification problems solved by deep learning, a method of causing data to be misidentified using an Adversarial Example carrying minute noise that humans cannot perceive has become a threat, and research is underway.
- Adversarial Attack using Adversarial Example is also a big threat to VAE, which is unsupervised learning.
- VAE compresses the input data into latent variables and reconstructs the input data from the latent variables.
- when noise is added to the input data of this VAE by an Adversarial Attack, the reconstruction destination is manipulated.
- an abnormality detection system using VAE may determine communication data that is originally abnormal as normal communication data. Therefore, evaluating how resistant existing VAE applications are to Adversarial Attack is an important issue.
- Resistance evaluation of a VAE is performed, for example, by training a classifier to classify the intermediate output (latent variables) of the VAE based on the labels of the input data to the VAE, and then performing an Adversarial Attack on the trained classifier.
- an object of the present invention is to solve the above-mentioned problems so that the resistance evaluation of Adversarial Attack can be performed even in the case of VAE using unlabeled data as input data.
- the present invention is characterized by including: an input unit that accepts input of latent variables of a variational autoencoder; a labeling unit that clusters the input latent variables by a predetermined clustering method and, for each cluster, assigns the label of the cluster to the latent variables belonging to that cluster; a learning unit that trains a classifier using the labeled latent variables as teacher data; an evaluation unit that performs Adversarial Attack resistance evaluation on the trained classifier; and an output unit that outputs the result of the Adversarial Attack resistance evaluation.
- FIG. 1 is a diagram illustrating an outline of VAE.
- FIG. 2 is a diagram illustrating an outline of operation of the evaluation device.
- FIG. 3 is a diagram showing a configuration example of the evaluation device.
- FIG. 4 is a diagram showing an example of resistance evaluation of Adversarial Attack using the defense success rate.
- FIG. 5 is a diagram showing an example of a processing procedure of the evaluation device.
- FIG. 6 is a diagram illustrating an example of a communication abnormality detection system using VAE.
- FIG. 7 is a diagram showing an example of a computer that executes an evaluation program.
- VAE uses a neural network called an encoder to drop input data into low-dimensional latent variables, and then learns to reconstruct the input data with a decoder.
- the latent variables of VAE store the information necessary to reconstruct the input data. That is, latent variables represent the essential characteristics of the input data.
- when the trained VAE receives the input of the data group shown by reference numeral 201 in FIG. 2, it reconstructs the data group and outputs the data group shown by reference numeral 202.
- the VAE may not be able to reconstruct the data group of reference numeral 201 (see reference numeral 203).
- the evaluation device clusters the latent variables learned by VAE and assigns labels (S1). In other words, if the input data is essentially similar, the latent variables will be the same, so the evaluation device will generate clusters among the latent variables learned by VAE that have similar characteristics. Then, the evaluation device assigns a label (for example, label 1, label 2, label 3, etc.) to the latent variable belonging to the generated cluster for each generated cluster.
- the evaluation device learns the classifier so as to accurately classify the labels given to the latent variables in S1 (S2). Then, the evaluation device applies the existing attack method to the classifier learned in S2 and evaluates the resistance (S3).
- the evaluation device applies the Adversarial Attack to the classifier learned in S2 to evaluate the resistance. Then, the evaluation device outputs the result of the resistance evaluation for the classifier as the resistance evaluation of the Adversarial Attack of VAE. That is, since the classifier learned in S2 classifies the data based on the features (latent variables) learned by VAE, if an attack that prevents the classifier from classifying the data accurately can be applied to the classifier, it can be considered that the VAE itself was indirectly attacked. Therefore, the result of the resistance evaluation of Adversarial Attack to the classifier learned in S2 can be considered as the result of the resistance evaluation of Adversarial Attack to VAE.
- the evaluation device 10 includes, for example, as shown in FIG. 3, an input / output unit (input unit and output unit) 11, a control unit 12, and a storage unit 13.
- the input / output unit 11 controls the input / output of various data.
- the input / output unit 11 accepts the input of the latent variable of the VAE to be evaluated, and outputs the result of the resistance evaluation of the Adversarial Attack to the VAE.
- the control unit 12 controls the entire evaluation device 10.
- the storage unit 13 stores various information referred to when the control unit 12 executes the process and the processing result by the control unit 12.
- the control unit 12 includes, for example, a labeling unit 121, a classification unit 122, a learning unit 123, and an evaluation unit 124.
- the labeling unit 121 clusters the latent variables of VAE by a predetermined clustering method, and assigns a label (pseudo-label) indicating the cluster to the latent variables belonging to the cluster for each cluster.
- when the labeling unit 121 receives the input of the latent variables of VAE via the input / output unit 11, it clusters the latent variables by X-means or the like. Then, the labeling unit 121 assigns the cluster number as a label (pseudo-label) to the latent variables belonging to the cluster for each cluster. Then, the labeling unit 121 stores the labeled latent variables (labeled latent variable 131) in the storage unit 13.
- the classification unit 122 is provided with a predetermined classifier and classifies data by the classifier.
- the learning of the classifier is performed by the learning unit 123.
- although the classifier (classifier 122) is described as being installed inside the evaluation device 10, it may be installed outside the evaluation device 10.
- the learning unit 123 learns the classifier using the labeled latent variable as teacher data. For example, the learning unit 123 uses the labeled latent variable 131 stored in the storage unit 13 to learn the classifier so as to accurately classify the latent variable according to the label.
- the evaluation unit 124 evaluates the resistance of the Adversarial Attack to the classifier after learning by the learning unit 123.
- the result of the resistance evaluation is output to an external device via, for example, the input / output unit 11.
- as the evaluation index in the resistance evaluation of Adversarial Attack here, for example, the defense success rate against Adversarial Attack is used.
- as the defense success rate, for example, the probability that the classifier classifies the noisy data into the same label as the original data is used.
- the evaluation unit 124 evaluates the resistance of the trained classifier to Adversarial Attack by measuring the defense success rate of the trained classifier while changing the strength of the noise used to generate the Adversarial Example.
- ⁇ in the above equation (1) is a parameter representing the strength of noise.
- FIG. 4 shows an example of resistance evaluation of Adversarial Attack against VAE.
- FIG. 4 shows the defense success rate when ⁇ is increased from 0 to 0.1. The larger the area of the hatched portion of the graph shown on the left of FIG. 4, the more resistant to attack (that is, robust) the VAE can be evaluated to be.
- when the labeling unit 121 of the evaluation device 10 receives the input of the latent variables of the VAE to be evaluated via the input / output unit 11, it clusters the input latent variables of the VAE and assigns labels (S11).
- the learning unit 123 learns the classifier so as to accurately classify the labels given to the latent variables in S1 (S12).
- the evaluation unit 124 evaluates the resistance of the classifier after learning to Adversarial Attack (S13). After that, the evaluation unit 124 outputs the result of the resistance evaluation via the input / output unit 11.
- the evaluation device 10 can evaluate the resistance of Adversarial Attack even if it is a VAE that uses unlabeled data as input data.
- the VAE that the evaluation device 10 targets for resistance evaluation has been described as being outside the evaluation device 10, but it may be installed inside the evaluation device 10.
- the anomaly detection system learns the characteristics of normal communication (normal communication between the Internet and the system to be protected from attacks) by VAE. After that, the abnormality detection system monitors the communication between the Internet and the system to be protected from attacks, and detects the communication of the characteristics different from the learned characteristics as an abnormality.
- the characteristics of the communication are, for example, the destination address, the source address, the protocol, the port number, the http parameter, the packet length, the number of packets, and the like of the communication.
- the evaluation device 10 assigns a label to the latent variable of VAE after the above learning and learns the classifier in order to evaluate the resistance of the abnormality detection system.
- the anomaly detection system VAE compresses various communication data including both normal communication and abnormal communication into latent variables.
- the evaluation device 10 clusters the above latent variables by using a clustering method such as X-means, and assigns a label of the cluster to the latent variables belonging to the cluster for each cluster. After that, the evaluation device 10 learns the classifier so as to accurately classify the data based on the given label.
- the evaluation device 10 applies the Adversarial Attack to the classifier after learning.
- the evaluation device 10 prepares abnormal communication data to be detected by the abnormality detection system and normal communication data used for camouflage by the abnormal communication data, and assigns a label to each communication data.
- the evaluation device 10 indirectly applies the Adversarial Attack to the VAE of the abnormality detection system by adding noise such that the classifier after learning misclassifies the abnormal communication data to the same label as the normal communication data.
- the evaluation device 10 puts noise on the communication data input to the abnormality detection system so as to falsify only a part of the communication data that is not related to the malware function.
- the evaluation device 10 puts noise of various intensities on the communication data based on the above-mentioned index of resistance evaluation against Adversarial Attack, and evaluates whether or not the abnormality detection system can detect the abnormality. As a result, the evaluation device 10 can evaluate the resistance of the abnormality detection system to Adversarial Attack.
- the information processing device can function as the evaluation device 10 by causing the information processing device to execute the above program provided as package software or online software.
- the information processing device referred to here includes a desktop type or notebook type personal computer, a rack-mounted server computer, and the like.
- the information processing device includes smartphones, mobile phones, mobile communication terminals such as PHS (Personal Handyphone System), and PDA (Personal Digital Assistants).
- the evaluation device 10 may be mounted on the cloud server.
- the computer 1000 has, for example, a memory 1010, a CPU 1020, a hard disk drive interface 1030, a disk drive interface 1040, a serial port interface 1050, a video adapter 1060, and a network interface 1070. Each of these parts is connected by a bus 1080.
- the memory 1010 includes a ROM (Read Only Memory) 1011 and a RAM (Random Access Memory) 1012.
- the ROM 1011 stores, for example, a boot program such as a BIOS (Basic Input Output System).
- the hard disk drive interface 1030 is connected to the hard disk drive 1090.
- the disk drive interface 1040 is connected to the disk drive 1100.
- a removable storage medium such as a magnetic disk or an optical disk is inserted into the disk drive 1100.
- a mouse 1110 and a keyboard 1120 are connected to the serial port interface 1050.
- a display 1130 is connected to the video adapter 1060, for example.
- the hard disk drive 1090 stores, for example, OS1091, application program 1092, program module 1093, and program data 1094.
- the various data and information described in the above-described embodiment are stored in, for example, the hard disk drive 1090 or the memory 1010.
- the CPU 1020 reads the program module 1093 and the program data 1094 stored in the hard disk drive 1090 into the RAM 1012 as needed, and executes each of the above-described procedures.
- the program module 1093 and program data 1094 related to the above evaluation program are not limited to being stored in the hard disk drive 1090; for example, they may be stored in a removable storage medium and read out by the CPU 1020 via the disk drive 1100 or the like.
- the program module 1093 and program data 1094 related to the above program may be stored in another computer connected via a network such as LAN or WAN (Wide Area Network), and read by the CPU 1020 via the network interface 1070.
- Reference signs: 10 Evaluation device, 11 Input / output unit, 12 Control unit, 13 Storage unit, 121 Labeling unit, 122 Classification unit, 123 Learning unit, 124 Evaluation unit
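The S11 to S13 procedure described above, sketched as an added example (not code from the patent or its applicant). Assumptions: constructed 2-D points stand in for VAE latent variables, plain k-means with a fixed k stands in for X-means, a softmax-regression classifier and the fast gradient sign method are chosen here as the classifier and the "existing attack method", and `eps` plays the role of the noise-strength parameter on the scale of the constructed data rather than the 0 to 0.1 range of FIG. 4.

```python
import math
import random

def make_latents(n_per=40, seed=7):
    """Constructed stand-in for unlabeled VAE latent vectors (three 2-D groups)."""
    rng = random.Random(seed)
    centers = [(4.0, 0.0), (-2.0, 3.46), (-2.0, -3.46)]
    pts = [(cx + rng.uniform(-0.5, 0.5), cy + rng.uniform(-0.5, 0.5))
           for cx, cy in centers for _ in range(n_per)]
    rng.shuffle(pts)
    return pts

def dist2(a, b):
    return (a[0] - b[0]) ** 2 + (a[1] - b[1]) ** 2

def kmeans_pseudo_labels(pts, k=3, iters=20):
    """S11: cluster the latents; the cluster number becomes the pseudo-label.
    Plain k-means with fixed k is used here in place of X-means (assumption)."""
    cents = [pts[0]]
    while len(cents) < k:  # deterministic farthest-point initialisation
        cents.append(max(pts, key=lambda p: min(dist2(p, c) for c in cents)))
    labels = []
    for _ in range(iters):
        labels = [min(range(k), key=lambda j: dist2(p, cents[j])) for p in pts]
        for j in range(k):
            members = [p for p, lab in zip(pts, labels) if lab == j]
            if members:
                cents[j] = (sum(p[0] for p in members) / len(members),
                            sum(p[1] for p in members) / len(members))
    return labels

def softmax(z):
    m = max(z)
    e = [math.exp(v - m) for v in z]
    s = sum(e)
    return [v / s for v in e]

def logits(model, x):
    W, b = model
    return [w[0] * x[0] + w[1] * x[1] + bj for w, bj in zip(W, b)]

def train_classifier(pts, labels, k=3, lr=0.1, epochs=200):
    """S12: fit softmax regression to the pseudo-labeled latents (full-batch GD)."""
    W, b, n = [[0.0, 0.0] for _ in range(k)], [0.0] * k, len(pts)
    for _ in range(epochs):
        gW, gb = [[0.0, 0.0] for _ in range(k)], [0.0] * k
        for x, y in zip(pts, labels):
            p = softmax(logits((W, b), x))
            for j in range(k):
                err = p[j] - (1.0 if j == y else 0.0)
                gW[j][0] += err * x[0]
                gW[j][1] += err * x[1]
                gb[j] += err
        for j in range(k):
            W[j][0] -= lr * gW[j][0] / n
            W[j][1] -= lr * gW[j][1] / n
            b[j] -= lr * gb[j] / n
    return W, b

def predict(model, x):
    z = logits(model, x)
    return z.index(max(z))

def sign(v):
    return (v > 0) - (v < 0)

def fgsm(model, x, y, eps):
    """Noisy input: one step of size eps along the sign of the loss gradient."""
    W, _ = model
    p = softmax(logits(model, x))
    g = [sum((p[j] - (1.0 if j == y else 0.0)) * W[j][d] for j in range(len(W)))
         for d in range(2)]
    return (x[0] + eps * sign(g[0]), x[1] + eps * sign(g[1]))

def defense_success_rate(model, pts, labels, eps):
    """S13: share of noisy inputs still classified into their original label."""
    kept = sum(predict(model, fgsm(model, x, y, eps)) == y
               for x, y in zip(pts, labels))
    return kept / len(pts)

def resistance_curve(eps_grid=(0.0, 0.5, 1.0, 1.5, 2.0, 2.5, 3.0, 3.5, 4.0, 5.0)):
    """Run S11-S13 and return the noise grid, the rates, and the area under them."""
    pts = make_latents()
    labels = kmeans_pseudo_labels(pts)
    model = train_classifier(pts, labels)
    rates = [defense_success_rate(model, pts, labels, e) for e in eps_grid]
    # Trapezoid area under the curve: a larger area means a more robust model.
    area = sum((eps_grid[i + 1] - eps_grid[i]) * (rates[i] + rates[i + 1]) / 2
               for i in range(len(rates) - 1))
    return list(eps_grid), rates, area

if __name__ == "__main__":
    grid, rates, area = resistance_curve()
    for e, r in zip(grid, rates):
        print(f"eps={e:<4} defense success rate={r:.2f}")
    print(f"area under curve={area:.2f}")
```

The area value only has meaning when comparing models evaluated on the same noise grid and the same latent scale.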
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Artificial Intelligence (AREA)
- Mathematical Physics (AREA)
- Data Mining & Analysis (AREA)
- Evolutionary Computation (AREA)
- Biophysics (AREA)
- General Health & Medical Sciences (AREA)
- Computational Linguistics (AREA)
- Biomedical Technology (AREA)
- Life Sciences & Earth Sciences (AREA)
- Health & Medical Sciences (AREA)
- Molecular Biology (AREA)
- Computer Security & Cryptography (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Medical Informatics (AREA)
- Computer Hardware Design (AREA)
- Probability & Statistics with Applications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Computer And Data Communications (AREA)
Abstract
Description
11 Input / output unit
12 Control unit
13 Storage unit
121 Labeling unit
122 Classification unit
123 Learning unit
124 Evaluation unit
Claims (5)
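- An evaluation device comprising:
an input unit that accepts input of latent variables of a variational autoencoder;
a labeling unit that clusters the input latent variables by a predetermined clustering method and, for each cluster, assigns the label of the cluster to the latent variables belonging to that cluster;
a learning unit that trains a classifier using the labeled latent variables as teacher data;
an evaluation unit that performs Adversarial Attack resistance evaluation on the trained classifier; and
an output unit that outputs the result of the Adversarial Attack resistance evaluation.
- The evaluation device according to claim 1, wherein the predetermined clustering method is X-means.
- The evaluation device according to claim 1, wherein the evaluation unit performs the Adversarial Attack resistance evaluation on the trained classifier by measuring, for each strength of noise added to the data input to the trained classifier, the probability that the classifier classifies the data after the noise is added into the same label as the label assigned to the data before the noise was added.
- An evaluation method executed by an evaluation device, comprising:
a step of accepting input of latent variables of a variational autoencoder;
a labeling step of clustering the input latent variables by a predetermined clustering method and, for each cluster, assigning the label of the cluster to the latent variables belonging to that cluster;
a learning step of training a classifier using the labeled latent variables as teacher data;
an evaluation step of performing Adversarial Attack resistance evaluation on the trained classifier; and
an output step of outputting the result of the Adversarial Attack resistance evaluation.
- An evaluation program causing a computer to execute:
an input step of accepting input of latent variables of a variational autoencoder;
a labeling step of clustering the input latent variables by a predetermined clustering method and, for each cluster, assigning the label of the cluster to the latent variables belonging to that cluster;
a learning step of training a classifier using the labeled latent variables as teacher data;
an evaluation step of performing Adversarial Attack resistance evaluation on the trained classifier; and
an output step of outputting the result of the Adversarial Attack resistance evaluation.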
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP20779293.8A EP3929818A4 (en) | 2019-03-26 | 2020-03-11 | EVALUATION SYSTEM, EVALUATION PROCESS AND EVALUATION PROGRAM |
US17/441,701 US11977627B2 (en) | 2019-03-26 | 2020-03-11 | Evaluation device, evaluation method, and evaluation program |
CN202080018178.2A CN113544704A (zh) | 2019-03-26 | 2020-03-11 | Evaluation device, evaluation method, and evaluation program |
AU2020246084A AU2020246084B2 (en) | 2019-03-26 | 2020-03-11 | Evaluation device, evaluation method, and evaluation program |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2019058884A JP7183904B2 (ja) | 2019-03-26 | 2019-03-26 | Evaluation device, evaluation method, and evaluation program |
JP2019-058884 | 2019-03-26 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2020195826A1 (ja) | 2020-10-01 |
Family
ID=72611427
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2020/010520 WO2020195826A1 (ja) | 2019-03-26 | 2020-03-11 | Evaluation device, evaluation method, and evaluation program |
Country Status (6)
Country | Link |
---|---|
US (1) | US11977627B2 (ja) |
EP (1) | EP3929818A4 (ja) |
JP (1) | JP7183904B2 (ja) |
CN (1) | CN113544704A (ja) |
AU (1) | AU2020246084B2 (ja) |
WO (1) | WO2020195826A1 (ja) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP4120136A1 (en) | 2021-07-14 | 2023-01-18 | Volkswagen Aktiengesellschaft | Method for automatically executing a vehicle function, method for training a machine learning defense model and defense unit for a vehicle |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11893111B2 (en) * | 2019-11-26 | 2024-02-06 | Harman International Industries, Incorporated | Defending machine learning systems from adversarial attacks |
JP7513918B2 (ja) | 2020-11-10 | 2024-07-10 | 日本電信電話株式会社 | Learning device, learning method, and program |
CN112463999A (zh) * | 2020-12-10 | 2021-03-09 | 中国科学院深圳先进技术研究院 | Visual place recognition method and apparatus, computer device, and readable storage medium |
EP4057193A1 (en) * | 2021-03-10 | 2022-09-14 | Tata Consultancy Services Limited | Method and system for identifying mislabeled data samples using adversarial attacks |
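JP2023008415A (ja) | 2021-07-06 | 2023-01-19 | 富士通株式会社 | Evaluation program, evaluation method, and information processing device |
CN114301719B (zh) * | 2022-03-10 | 2022-05-13 | 中国人民解放军国防科技大学 | Malicious update detection method and system based on a variational autoencoder |
JP7311820B1 (ja) | 2022-11-30 | 2023-07-20 | ダイトロン株式会社 | Abnormality determination method, abnormality determination device, and program |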
Family Cites Families (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2016524216A (ja) * | 2013-05-06 | 2016-08-12 | ノウムテック, エルエルシーKnowmtech, Llc | Universal machine learning building block |
EP2985716B1 (en) * | 2013-05-20 | 2020-08-12 | Nippon Telegraph and Telephone Corporation | Information processing device and identifying method |
US10387784B2 (en) * | 2014-12-10 | 2019-08-20 | Kyndi, Inc. | Technical and semantic signal processing in large, unstructured data fields |
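WO2016103651A1 (ja) * | 2014-12-22 | 2016-06-30 | 日本電気株式会社 | Information processing system, information processing method, and recording medium |
JP6258189B2 (ja) * | 2014-12-24 | 2018-01-10 | 日本電信電話株式会社 | Identification device, identification method, and identification program |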
EP3385889A4 (en) * | 2015-12-01 | 2019-07-10 | Preferred Networks, Inc. | ANOMALY DETECTION SYSTEM, ANOMALY DETECTION METHOD, ANOMALY DETECTION PROGRAM, AND APPRIS MODEL GENERATION METHOD |
US11610148B2 (en) * | 2016-10-26 | 2023-03-21 | Sony Corporation | Information processing device and information processing method |
US10685293B1 (en) * | 2017-01-20 | 2020-06-16 | Cybraics, Inc. | Methods and systems for analyzing cybersecurity threats |
US10621586B2 (en) * | 2017-01-31 | 2020-04-14 | Paypal, Inc. | Fraud prediction based on partial usage data |
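JP2018139071A (ja) * | 2017-02-24 | 2018-09-06 | 株式会社リコー | Generative model learning method, generative model learning device, and program |
CN110506278B (zh) * | 2017-04-19 | 2023-11-10 | 西门子医疗有限公司 | Target detection in latent space |
JP6725452B2 (ja) * | 2017-05-26 | 2020-07-22 | 日本電信電話株式会社 | Classification device, classification method, and classification program |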
US10990677B2 (en) * | 2017-06-05 | 2021-04-27 | Microsoft Technology Licensing, Llc | Adversarial quantum machine learning |
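JP6691094B2 (ja) * | 2017-12-07 | 2020-04-28 | 日本電信電話株式会社 | Learning device, detection system, learning method, and learning program |
DE102017223751A1 (de) * | 2017-12-22 | 2019-06-27 | Robert Bosch Gmbh | Method and device for detecting anomalies in a data stream of a communication network |
CN108334497A (zh) * | 2018-02-06 | 2018-07-27 | 北京航空航天大学 | Method and device for automatically generating text |
CN108389239A (zh) * | 2018-02-23 | 2018-08-10 | 深圳市唯特视科技有限公司 | Smiling face video generation method based on a conditional multi-mode network |
CN108492118B (zh) * | 2018-04-03 | 2020-09-29 | 电子科技大学 | Two-stage extraction method for follow-up text data on automobile after-sales service quality evaluation |
CN108573227B (zh) * | 2018-04-09 | 2022-04-29 | 深圳竹信科技有限公司 | Electrocardiogram data quality evaluation method and device |
CN108776806A (zh) * | 2018-05-08 | 2018-11-09 | 河海大学 | Mixed-attribute data clustering method based on variational autoencoder and density peaks |
CN108881196B (zh) * | 2018-06-07 | 2020-11-24 | 中国民航大学 | Semi-supervised intrusion detection method based on a deep generative model |
JP7119631B2 (ja) | 2018-06-20 | 2022-08-17 | 日本電信電話株式会社 | Detection device, detection method, and detection program |
CN109214408A (zh) * | 2018-07-10 | 2019-01-15 | 武汉科技大学 | Method and device for identifying liver tumors based on a generative adversarial model |
CN109063291B (zh) * | 2018-07-20 | 2021-07-13 | 西安交通大学 | Intelligent topology optimization design method for cooling channel structures of electromechanical equipment |
CN109360191B (zh) * | 2018-09-25 | 2020-06-12 | 南京大学 | Image saliency detection method based on a variational autoencoder |
CN109447137B (zh) * | 2018-10-15 | 2022-06-14 | 聚时科技(上海)有限公司 | Image local style transfer method based on decomposition factors |
CN109507648A (zh) * | 2018-12-19 | 2019-03-22 | 西安电子科技大学 | Radar emitter identification method based on VAE-ResNet network |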
-
2019
- 2019-03-26 JP JP2019058884A patent/JP7183904B2/ja active Active
-
2020
- 2020-03-11 WO PCT/JP2020/010520 patent/WO2020195826A1/ja unknown
- 2020-03-11 CN CN202080018178.2A patent/CN113544704A/zh active Pending
- 2020-03-11 US US17/441,701 patent/US11977627B2/en active Active
- 2020-03-11 EP EP20779293.8A patent/EP3929818A4/en active Pending
- 2020-03-11 AU AU2020246084A patent/AU2020246084B2/en active Active
Non-Patent Citations (7)
Title |
---|
ATTACK ON SUPERVISED LEARNING, 7 March 2019 (2019-03-07) |
ATTACK ON UNSUPERVISED LEARNING, 7 March 2019 (2019-03-07) |
KOS, JERNEJ ET AL., ADVERSARIAL EXAMPLES FOR GENERATIVE MODELS , ARXIV, 22 February 2017 (2017-02-22), pages 5 - 7, XP033379530, Retrieved from the Internet <URL:https://arxiv.org/pdf/1702.06832vl> [retrieved on 20200525] * |
LOSALKA, ARPAN: "Resisting Adversarial Attacks Using Gaussian Mixture Variational Autoencoders", TOWARDS DATA SCIENCE, 18 February 2019 (2019-02-18), XP55742953, Retrieved from the Internet <URL:https://towardsdatascience.com/resisting-adversarial-attacks-using-gaussian-mixture-variational-autoencoders-be98e69b5070> [retrieved on 20200525] * |
PELLEG, DAN ET AL.: "X-means: Extending K-means with Efficient Estimation of the Number of Clusters", PROC. OF THE 17TH INTERNATIONAL CONFERENCE ON MACHINE LEARNING, 2000, pages 727 - 734, XP55742951 * |
See also references of EP3929818A4 |
VARIATIONAL AUTO ENCODER (VAE), 7 March 2019 (2019-03-07), Retrieved from the Internet <URL:https://arxiv.org/abs/1312.6114> |
Also Published As
Publication number | Publication date |
---|---|
AU2020246084A1 (en) | 2021-10-14 |
JP2020160743A (ja) | 2020-10-01 |
EP3929818A4 (en) | 2022-11-30 |
AU2020246084B2 (en) | 2023-02-23 |
US11977627B2 (en) | 2024-05-07 |
CN113544704A (zh) | 2021-10-22 |
JP7183904B2 (ja) | 2022-12-06 |
EP3929818A1 (en) | 2021-12-29 |
US20220147620A1 (en) | 2022-05-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2020195826A1 (ja) | Evaluation device, evaluation method, and evaluation program | |
US20230336584A1 (en) | System and method for analyzing binary code for malware classification using artificial neural network techniques | |
AU2016264813B2 (en) | Cascading classifiers for computer security applications | |
Chapaneri et al. | A comprehensive survey of machine learning-based network intrusion detection | |
JP2023537826A (ja) | Network intrusion detection by deep learning | |
US20220053010A1 (en) | System and method for determining a communication anomaly in at least one network | |
Grill et al. | Learning combination of anomaly detectors for security domain | |
CN110572413A (zh) | Low-rate denial-of-service attack detection method based on Elman neural network | |
Bodström et al. | State of the art literature review on network anomaly detection with deep learning | |
Aladag et al. | Preventing data poisoning attacks by using generative models | |
Mohammadpour et al. | A mean convolutional layer for intrusion detection system | |
Omar | Machine learning for cybersecurity: Innovative deep learning solutions | |
Zomlot et al. | Aiding intrusion analysis using machine learning | |
Almomani | Darknet traffic analysis, and classification system based on modified stacking ensemble learning algorithms | |
Rajasekaran et al. | Malicious attacks detection using GRU-BWFA classifier in pervasive computing | |
Sezgin et al. | Enhancing intrusion detection in industrial internet of things through automated preprocessing | |
WO2023219647A2 (en) | Nlp based identification of cyberattack classifications | |
Islam et al. | Real-time detection schemes for memory DoS (M-DoS) attacks on cloud computing applications | |
Udayakumar et al. | Machine Learning Based Intrusion Detection System | |
Alshudukhi et al. | A feature selection method based on auto-encoder for internet of things intrusion detection | |
Meda et al. | Artificial intelligence based malicious traffic detection | |
Padhiar et al. | Performance evaluation of botnet detection using machine learning techniques | |
US11997137B2 (en) | Webpage phishing detection using deep reinforcement learning | |
Youm et al. | An authorized access attack detection method for realtime intrusion detection system | |
Paulikas et al. | Survey of Cloud Traffic Anomaly Detection Algorithms |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 20779293 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2020779293 Country of ref document: EP Effective date: 20210921 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
ENP | Entry into the national phase |
Ref document number: 2020246084 Country of ref document: AU Date of ref document: 20200311 Kind code of ref document: A |