The official implementation of NeurIPS 2021 paper: Finding Optimal Tangent Points for Reducing Distortions of Hard-label Attacks

Related tags

Deep LearningTangentAttack
Overview

Introduction

This repository includes the source code for "Finding Optimal Tangent Points for Reducing Distortions of Hard-label Attacks", which is published in NeurIPS 2021.

Citation

We kindly ask anybody who uses this code to cite the following bibtex:

@inproceedings{
    ma2021finding,
    title={Finding Optimal Tangent Points for Reducing Distortions of Hard-label Attacks},
    author={Chen Ma and Xiangyu Guo and Li Chen and Jun-Hai Yong and Yisen Wang},
    booktitle={Thirty-Fifth Conference on Neural Information Processing Systems},
    year={2021},
    url={https://openreview.net/forum?id=g0wang64Zjd}
}

Structure of Folders and Files

+-- configures
|   |-- HSJA.json  # the hyperparameters setting of HSJA, which is also used in Tangent Attack
+-- dataset
|   |-- dataset_loader_maker.py  # it returns the data loader class that includes 1000 attacks images for the experiments.
|   |-- npz_dataset.py  # it is the dataset class that includes 1000 attacks images for the experiments.
+-- models
|   |-- defensive_model.py # the wrapper of defensive networks (e.g., AT, ComDefend, Feature Scatter), and it converts the input image's pixels to the range of 0 to 1 before feeding.
|   |-- standard_model.py # the wrapper of standard classification networks, and it converts the input image's pixels to the range of 0 to 1 before feeding.
+-- tangent_attack_hemisphere
|   |-- attack.py  # the main class for the attack.
|   |-- tangent_point_analytical_solution.py  # the class for computing the optimal tagent point of the hemisphere.
+-- tangent_attack_semiellipsoid
|   |-- attack.py  # the main class for the attack.
|   |-- tangent_point_analytical_solution.py  # the class for computing the optimal tagent point of the semi-ellipsoid.
+-- cifar_models   # this folder includes the target models of CIFAR-10, i.e., PyramidNet-272, GDAS, WRN-28, and WRN-40 networks.
|-- config.py   # the main configuration of Tangent Attack.
|-- logs  # all the output (logs and result stats files) are located inside this folder
|-- train_pytorch_model  # the pretrained weights of target models
|-- attacked_images  # the 1000 image data for evaluation

In general, the train_pytorch_model includes the pretrained models' weights, and attacked_images includes the image data, which is packaged into .npz format with pixel range of [0-1].

In the attack, all logs are dumped to logs folder, the statistical results are also written into logs folder, which are .json format.

Attack Command

The following command could run Tangent Attack (TA) and Generalized Tangent Attack (G-TA) on the CIFAR-10 dataset under the untargetd attack's setting:

python tangent_attack_hemisphere/attack.py --gpu 0 --norm l2 --dataset CIFAR-10 --arch resnet-50
python tangent_attack_hemisphere/attack.py --gpu 0 --norm l2 --dataset CIFAR-10 --arch gdas
python tangent_attack_semiellipsoid/attack.py --gpu 0 --norm l2 --dataset CIFAR-10 --arch resnet-50
python tangent_attack_semiellipsoid/attack.py --gpu 0 --norm l2 --dataset CIFAR-10 --arch gdas

Once the attack is running, it directly writes the log into a newly created logs folder. After attacking, the statistical result are also dumped into the same folder, which is named as *.json file.

Also, you can use the following bash shell to run the attack of different models one by one.

./tangent_attack_CIFAR_undefended_models.sh

The commmand of attacks of defense models are presented in tangent_attack_CIFAR_defense_models.sh.

  • The gpu device could be specified by the --gpu device_id argument.
  • the targeted attack can be specified by the --targeted argument. If you want to perform untargeted attack, just don't pass it.
  • the attack of defense models uses --attack_defense --defense_model adv_train/jpeg/com_defend/TRADES argument.

Requirement

Our code is tested on the following environment (probably also works on other environments without many changes):

  • Ubuntu 18.04
  • Python 3.7.3
  • CUDA 11.1
  • CUDNN 8.0.4
  • PyTorch 1.7.1
  • torchvision 0.8.2
  • numpy 1.18.0
  • pretrainedmodels 0.7.4
  • bidict 0.18.0
  • advertorch 0.1.5
  • glog 0.3.1

You can just type pip install -r requirements.txt to install packages.

Download Files of Running Results and Logs

I have uploaded all the logs and results with the compressed zip file format onto this google drive link so that you can download them.

Owner
machen
machen
GitHub Repository
Semantically Contrastive Learning for Low-light Image Enhancement

Semantically Contrastive Learning for Low-light Image Enhancement Here, we propose an effective semantically contrastive learning paradigm for Low-lig

48 Dec 16, 2022
Complementary Patch for Weakly Supervised Semantic Segmentation, ICCV21 (poster)

CPN (ICCV2021) This is an implementation of Complementary Patch for Weakly Supervised Semantic Segmentation, which is accepted by ICCV2021 poster. Thi

Ferenas 20 Dec 12, 2022
Marine debris detection with commercial satellite imagery and deep learning.

Marine debris detection with commercial satellite imagery and deep learning. Floating marine debris is a global pollution problem which threatens mari

Inter Agency Implementation and Advanced Concepts 56 Dec 16, 2022
PushForKiCad - AISLER Push for KiCad EDA

AISLER Push for KiCad Push your layout to AISLER with just one click for instant

AISLER 31 Dec 29, 2022
DM-ACME compatible implementation of the Arm26 environment from Mujoco

ACME-compatible implementation of Arm26 from Mujoco This repository contains a customized implementation of Mujoco's Arm26 model, that can be used wit

1 Dec 24, 2021
VGGVox models for Speaker Identification and Verification trained on the VoxCeleb (1 & 2) datasets

VGGVox models for speaker identification and verification This directory contains code to import and evaluate the speaker identification and verificat

338 Dec 27, 2022
Implementation for Stankevičiūtė et al. "Conformal time-series forecasting", NeurIPS 2021.

Conformal time-series forecasting Implementation for Stankevičiūtė et al. "Conformal time-series forecasting", NeurIPS 2021. If you use our code in yo

Kamilė Stankevičiūtė 36 Nov 21, 2022
DeepMind's software stack for physics-based simulation and Reinforcement Learning environments, using MuJoCo.

dm_control: DeepMind Infrastructure for Physics-Based Simulation. DeepMind's software stack for physics-based simulation and Reinforcement Learning en

DeepMind 3k Dec 31, 2022
Summary Explorer is a tool to visually explore the state-of-the-art in text summarization.

Summary Explorer Summary Explorer is a tool to visually inspect the summaries from several state-of-the-art neural summarization models across multipl

Webis 42 Aug 14, 2022
Simple streamlit app to demonstrate HERE Tour Planning

Table of Contents About the Project Built With Getting Started Prerequisites Installation Usage Roadmap Contributing License Acknowledgements About Th

Amol 8 Sep 05, 2022
[NeurIPS'21] "AugMax: Adversarial Composition of Random Augmentations for Robust Training" by Haotao Wang, Chaowei Xiao, Jean Kossaifi, Zhiding Yu, Animashree Anandkumar, and Zhangyang Wang.

AugMax: Adversarial Composition of Random Augmentations for Robust Training Haotao Wang, Chaowei Xiao, Jean Kossaifi, Zhiding Yu, Anima Anandkumar, an

VITA 112 Nov 07, 2022
Create Data & AI apps in 20 lines of code with Shimoku

Install with: pip install shimoku-api-python Start with: from os import getenv import shimoku_api_python.client as Shimoku

Shimoku 5 Nov 07, 2022
Semi-Supervised Learning for Fine-Grained Classification

Semi-Supervised Learning for Fine-Grained Classification This repo contains the code of: A Realistic Evaluation of Semi-Supervised Learning for Fine-G

25 Nov 08, 2022
Cosine Annealing With Warmup

CosineAnnealingWithWarmup Formulation The learning rate is annealed using a cosine schedule over the course of learning of n_total total steps with an

zhuyun 4 Apr 18, 2022
CompilerGym is a library of easy to use and performant reinforcement learning environments for compiler tasks

CompilerGym is a library of easy to use and performant reinforcement learning environments for compiler tasks

Facebook Research 721 Jan 03, 2023
Predicting 10 different clothing types using Xception pre-trained model.

Predicting-Clothing-Types Predicting 10 different clothing types using Xception pre-trained model from Keras library. It is reimplemented version from

AbdAssalam Ahmad 3 Dec 29, 2021
PyTorch Implementation of Exploring Explicit Domain Supervision for Latent Space Disentanglement in Unpaired Image-to-Image Translation.

DosGAN-PyTorch PyTorch Implementation of Exploring Explicit Domain Supervision for Latent Space Disentanglement in Unpaired Image-to-Image Translation

40 Nov 30, 2022
Boosted neural network for tabular data

XBNet - Xtremely Boosted Network Boosted neural network for tabular data XBNet is an open source project which is built with PyTorch which tries to co

Tushar Sarkar 175 Jan 04, 2023
Download and preprocess popular sequential recommendation datasets

Sequential Recommendation Datasets This repository collects some commonly used sequential recommendation datasets in recent research papers and provid

125 Dec 06, 2022
Implementation of "Glancing Transformer for Non-Autoregressive Neural Machine Translation"

GLAT Implementation for the ACL2021 paper "Glancing Transformer for Non-Autoregressive Neural Machine Translation" Requirements Python = 3.7 Pytorch

117 Jan 09, 2023