US2021192360A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2021192360-A1 |
| Application number | US-201816755045-A |
| Country | US |
| Kind code | A1 |
| Filing date | Oct 11, 2018 |
| Priority date | Oct 13, 2017 |
| Publication date | Jun 24, 2021 |
| Grant date | — |
Official abstract text for this publication.
According to an example aspect of the present invention, there is provided an apparatus comprising a memory configured to store training data, at least one processor configured to provide a trusted execution environment, wherein the apparatus is configured to run, in the trusted execution environment, a training process configured to obtain parameters of a neural network, using the training data.
Opening claim text (preview).
1-28. (canceled)

29. An apparatus comprising: at least one processing core, at least one memory including computer program code, the at least one memory and the computer program code being configured to, with the at least one processing core, cause the apparatus at least to store training data; provide a trusted execution environment; and run, in the trusted execution environment, a training process configured to obtain parameters of a neural network, using the training data.

30. The apparatus according to claim 29, wherein the apparatus is further configured to provide another execution environment, the trusted execution environment being provided with at least one hardware and/or software security feature not provided for the another execution environment.

31. The apparatus according to claim 30, wherein the memory is accessible to at least two execution environments.

32. The apparatus according to claim 29, further configured to decrypt the training data before using it in the training process.

33. The apparatus according to claim 29, further configured to obtain a measurement of a computer program of the training process, and to cause the measurement to be provided to a party outside of the apparatus.

34. The apparatus according to claim 33, wherein the measurement is further configured to obtain a hash of the computer program of the training process.

35. The apparatus according to claim 29, further configured to cause the parameters of the neural network to be exported from the apparatus.

36. The apparatus according to claim 35, further configured to cause randomly generated noise to be added to the parameters before exporting them from the apparatus.

37. The apparatus according to claim 36, further configured to run the neural network, once the parameters have been obtained, in the trusted execution environment.

38. The apparatus according to claim 37, further configured to cause randomly generated noise to be added to a result obtained from the neural network, before causing the response to be transmitted from the apparatus.

39. The apparatus according to claim 37, further configured to run the neural network in the trusted execution environment at most a preconfigured number of times.

40. A method, comprising: storing training data in a memory; providing a trusted execution environment, and running, in the trusted execution environment, a training process configured to obtain parameters of a neural network, using the training data.

41. The method according to claim 40, further comprising providing the trusted execution environment and another execution environment, the trusted execution environment being provided with at least one hardware and/or software security feature not provided for the another execution environment.

42. The method according to claim 40, further comprising providing access to the memory to at least two execution environments.

43. The method according to claim 40, further comprising decrypting the training data before using it in the training process.

44. The method according to claim 40, further comprising obtaining a measurement of a computer program of the training process, and causing the measurement to be provided to a party outside of an apparatus where the method is performed.

45. The method according to claim 44, wherein the measurement comprises obtaining a hash of the computer program of the training process.

46. The method according to claim 40, further comprising causing the parameters of the neural network to be exported from an apparatus where the method is performed.

47. The method according to claim 46, further comprising causing randomly generated noise to be added to the parameters before exporting them from the apparatus.

48. A non-transitory computer readable medium having stored thereon a set of computer readable instructions that, when executed by at least one processor, cause an apparatus to at least: store a computer program; obtain a measurement of the computer program; verify the measurement is consistent with a measurement value received from a device, and responsive to the measurement being consistent with the measurement value, provide training data to a trusted execution environment of the device, the computer program being configured to cause, in the trusted execution environment, a training process to obtain parameters of a neural network, using the training data; cause the parameters of the neural network to be exported from the apparatus; cause randomly generated noise to be added to the parameters before exporting them from the apparatus.
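The sequence in claim 48 (measure the program, verify the device's reported measurement, release training data, train, add noise, export) can be sketched as follows. This is an added illustration, not code from the patent: all function names are hypothetical, the measurement is a bare SHA-256 hash where a real trusted execution environment would deliver it in a signed attestation report, a least-squares fit stands in for neural network training, and the noise is assumed Gaussian.

```python
import hashlib
import hmac
import random

def measure(program: bytes) -> str:
    """Measurement taken as a hash of the training program (claims 34 and 45)."""
    return hashlib.sha256(program).hexdigest()

def release_training_data(stored_program: bytes, reported: str, data):
    """Data-owner side: hand over the data only if the device's reported
    measurement matches the measurement of the program the owner stored."""
    expected = measure(stored_program)
    if not hmac.compare_digest(expected, reported):  # constant-time compare
        return None
    return data

def train_in_tee(data):
    """Stand-in for the training process: least-squares slope and intercept."""
    n = len(data)
    mx = sum(x for x, _ in data) / n
    my = sum(y for _, y in data) / n
    slope = (sum((x - mx) * (y - my) for x, y in data)
             / sum((x - mx) ** 2 for x, _ in data))
    return [slope, my - slope * mx]

def export_parameters(params, sigma, rng):
    """Add randomly generated noise to each parameter before it leaves the
    device (claims 36 and 47). Gaussian noise is an assumption here."""
    return [p + rng.gauss(0.0, sigma) for p in params]

def run_exchange(owner_program, device_program, data, sigma=0.05, seed=None):
    """Full exchange. Returns noisy parameters, or None if the device is
    running a program other than the one the data owner expects."""
    reported = measure(device_program)  # what the device actually loaded
    released = release_training_data(owner_program, reported, data)
    if released is None:
        return None
    # A fixed seed is for reproducible demos only; default to the OS CSPRNG.
    rng = random.Random(seed) if seed is not None else random.SystemRandom()
    return export_parameters(train_in_tee(released), sigma, rng)

# Constructed sample inputs: a fake program image and points on y = 2x + 1.
PROGRAM = b"def train(data): ...  # constructed training program image"
DATA = [(0, 1), (1, 3), (2, 5), (3, 7)]

if __name__ == "__main__":
    print(run_exchange(PROGRAM, PROGRAM, DATA, seed=1))
    print(run_exchange(PROGRAM, PROGRAM + b"#modified", DATA))
```

A mismatch in the measurement stops the exchange before any training data reaches the device, which is the property the verification step exists to provide.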
Recurrent networks, e.g. Hopfield networks · CPC title
Combinations of networks · CPC title
Probabilistic or stochastic networks · CPC title
Generative networks · CPC title
Weakly supervised learning, e.g. semi-supervised or self-supervised learning · CPC title