CPC G06F 21/55 (2013.01) [G06N 3/04 (2013.01); G06N 3/063 (2013.01); G06N 20/10 (2019.01)] | 20 Claims

1. A system comprising:
a memory to store instructions;
a processor to execute the instructions stored in the memory;
wherein the system is specially configured to defend against adversarial attacks on neural networks by performing the following operations:
executing instructions via the processor for adding a convolutional defense layer to a neural network containing orthogonal kernels;
generating the convolutional defense layer based on generating a set of learned kernels to increase diversity of network architecture, wherein generating the set of learned kernels includes feeding an output of the convolutional defense layer into the neural network, further wherein generating the convolutional defense layer includes:
selecting one or more orthogonal kernels,
duplicating the one or more selected orthogonal kernel in the convolutional defense layer N−1 times, wherein N−1 represents a total number of orthogonal kernels in the convolutional defense layer, and
arranging the one or more selected orthogonal kernels in a specified order;
training the neural network with the added convolutional defense layer based on the increased diversity of network architecture; and
defending against adverse attacks via constraining an effect of adversarial data generated by the adversarial attacks.