17954539. DEFENSE AGAINST ADVERSARIAL EXAMPLE INPUT TO MACHINE LEARNING MODELS simplified abstract (Dell Products L.P.)
Contents
- 1 DEFENSE AGAINST ADVERSARIAL EXAMPLE INPUT TO MACHINE LEARNING MODELS
- 1.1 Organization Name
- 1.2 Inventor(s)
- 1.3 DEFENSE AGAINST ADVERSARIAL EXAMPLE INPUT TO MACHINE LEARNING MODELS - A simplified explanation of the abstract
- 1.4 Simplified Explanation
- 1.5 Potential Applications
- 1.6 Problems Solved
- 1.7 Benefits
- 1.8 Potential Commercial Applications
- 1.9 Possible Prior Art
- 1.10 Original Abstract Submitted
DEFENSE AGAINST ADVERSARIAL EXAMPLE INPUT TO MACHINE LEARNING MODELS
Organization Name
Inventor(s)
Kenneth Durazzo of Morgan Hill CA (US)
DEFENSE AGAINST ADVERSARIAL EXAMPLE INPUT TO MACHINE LEARNING MODELS - A simplified explanation of the abstract
This abstract first appeared for US patent application 17954539 titled 'DEFENSE AGAINST ADVERSARIAL EXAMPLE INPUT TO MACHINE LEARNING MODELS
Simplified Explanation
The apparatus described in the patent application is designed to train machine learning models using two different training datasets, identify candidate adversarial example inputs, determine true positive adversarial examples, and update the training datasets accordingly for re-training the models.
- The apparatus trains machine learning models using two training datasets: one with inputs associated with class labels and another with distilled representations of classes.
- It identifies candidate adversarial examples using the trained models and determines true positive adversarial examples through confidence-aware clustering.
- The correct class labels for true positive adversarial examples are updated in the first training dataset, and the distilled representations are updated in the second training dataset.
- The models are re-trained using the updated training datasets to improve their performance.
Potential Applications
This technology can be applied in various fields such as cybersecurity, fraud detection, and image recognition to enhance the accuracy and robustness of machine learning models.
Problems Solved
This technology addresses the challenge of identifying and correcting adversarial examples, which are inputs designed to mislead machine learning models, thereby improving the models' reliability and performance.
Benefits
The benefits of this technology include increased model accuracy, enhanced security against adversarial attacks, and improved generalization capabilities of machine learning models.
Potential Commercial Applications
One potential commercial application of this technology could be in the development of more secure and reliable machine learning systems for industries such as finance, healthcare, and autonomous vehicles.
Possible Prior Art
One possible prior art in this field is the research on adversarial machine learning and techniques for defending against adversarial attacks on machine learning models.
Unanswered Questions
How does this technology compare to existing methods for detecting and correcting adversarial examples in machine learning models?
This technology utilizes a combination of training datasets and clustering techniques to identify and correct adversarial examples. It would be interesting to compare its effectiveness and efficiency with other approaches in the field.
What are the potential limitations or challenges of implementing this technology in real-world applications?
While the technology shows promise in improving model robustness, there may be challenges in scaling it for large datasets or complex models. Understanding these limitations can help in refining the implementation for practical use.
Original Abstract Submitted
An apparatus comprises a processing device configured to train first and second machine learning models utilizing a first training dataset comprising inputs each associated with a class label of one of a set of classes and a second training dataset comprising distilled representations of the two or more classes, and to identify candidate adversarial example inputs utilizing the trained first and second machine learning models. The processing device is further configured to determine whether the candidate adversarial example inputs are true positive adversarial example inputs based on a confidence-aware clustering and to generate an updated first training dataset comprising corrected class labels for the true positive adversarial example inputs and an updated second training dataset comprising updated distilled representations determined utilizing the corrected class labels. The processing device is further configured to re-train the first and second machine learning models utilizing the updated first and second training datasets.
