US 12,073,329 B2
Method for recognizing an adversarial disturbance in input data of a neural network
Nikhil Kapoor, Wolfsburg (DE); Peter Schlicht, Wolfsburg (DE); and John Serin Varghese, Braunschweig (DE)
Assigned to VOLKSWAGEN AKTIENGESELLSCHAFT, (DE)
Filed by VOLKSWAGEN AKTIENGESELLSCHAFT, Wolfsburg (DE)
Filed on Aug. 6, 2020, as Appl. No. 16/986,556.
Claims priority of application No. 10 2019 212 020.2 (DE), filed on Aug. 9, 2019.
Prior Publication US 2021/0042627 A1, Feb. 11, 2021
Int. Cl. G06N 3/088 (2023.01); G06N 3/045 (2023.01)
CPC G06N 3/088 (2013.01) [G06N 3/045 (2023.01)]
23 Claims
 
1. A backend server configured to train a conditional generative adversarial network for use with a neural network for use in automated or assisted transportation vehicle operation, the backend server comprising:
a computing device; and
a computer storage device including instructions for computing operations to be performed by the computing device,
wherein the computing device provides and trains the conditional generative adversarial network during a training phase,
wherein the conditional generative adversarial network includes a generator network and a discriminator network,
wherein during training of the conditional generative adversarial network during the training phase, the computing device trains the generator network to generate adversarial perturbations based on data captured by a transportation vehicle sensor used in automated or assisted transportation vehicle operation, and
wherein, during the training phase, the computing device produces a trained discriminator network by training the discriminator network to detect an adversarial perturbation in the data generated by the generator network and to output a detection result indicating whether the data generated by the generator network is adversarially perturbed,
whereby, during an application phase, output results inferred by the neural network based on the data input to the neural network are used to evaluate at least one of a confidence level for sensor data generated by the transportation vehicle sensor or a confidence level for the transportation vehicle sensor generating the sensor data for use in the automated or assisted transportation vehicle operation, wherein data are checked by the trained discriminator network before being input to the neural network such that, in response to the discriminator network detecting that the data to be input to the neural network are adversarially perturbed, the generated detection result indicates the data to be input is adversarially perturbed, the data to be input are flagged as adversarially perturbed and a corresponding confidence value lower than a confidence value for unperturbed data is assigned to the data to be input for use in subsequent further processing and is also assigned to output results inferred by the neural network based on the flagged data for use in the provision of an environment monitoring and/or an automated driving function for the transportation vehicle.