Patent · US Active

Protecting a machine learning model

US11036857B2 · kind B2 · utility

7Cited by

3References

20Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Ngoc Minh Tran · Dublin, IE
Mathieu Sinn · Dublin, IE
Ambrish Rawat · Dublin, IE
Maria Irina Nicolae · Dublin, IE
Martin Wistuba · Dublin, IE

Key dates

Filing date	Nov 15, 2018
Grant date	Jun 15, 2021
Priority date	—
Expiry date	Aug 30, 2039

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/1441
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A method for protecting a machine learning model includes: generating a first adversarial example by modifying an original input using an attack tactic, wherein the model accurately classifies the original input but does not accurately classify at least the first adversarial example; training a defender to protect the model from the first adversarial example by updating a strategy of the defender based on predictive results from classifying the first adversarial example; updating the attack tactic based on the predictive results from classifying the first adversarial example; generating a second adversarial example by modifying the original input using the updated attack tactic, wherein the trained defender does not protect the model from the second adversarial example; and training the defender to protect the model from the second adversarial example by updating the at least one strategy of the defender based on results obtained from classifying the second adversarial example.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.