Patent · US Active

Detecting trojan neural networks

US11394742B2 · kind B2 · utility

0Cited by

1References

20Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Sijia Liu · Beijing, CN
Pin-Yu Chen · Yorktown Heights, US
Jinjun Xiong · Yorktown Heights, US
Gaoyuan Zhang · Medford, US
Meng Wang · Lubbock, US
Ren Wang · Perry Hall, US

Key dates

Filing date	Aug 17, 2020
Grant date	Jul 19, 2022
Priority date	—
Expiry date	Feb 27, 2041

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/145
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

One or more computer processors generate a plurality of adversarial perturbations associated with a model, wherein the plurality of adversarial perturbations comprises a universal perturbation and one or more per-sample perturbations. The one or more computer processors identify a plurality of neuron activations associated with the model and the plurality of generated adversarial perturbations. The one or more computer processors maximize the identified plurality of neuron activations. The one or more computer processors determine the model is a Trojan model by leveraging one or more similarities associated with the maximized neuron activations and the generated adversarial perturbations.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.