linqinliang / ssah-adversarial-attack Goto Github PK
View Code? Open in Web Editor NEWCode for the paper "Frequency-driven Imperceptible Adversarial Attack on Semantic Similarity"
License: MIT License
ssah-adversarial-attack's People
Stargazers
Watchers
Forkers
repo-collection lingjivoo provable0816 blissqiu plus1-top tornado0105 landandland alex661 samuelll1 dt961202016ssah-adversarial-attack's Issues
Corrupted pretrained model
I downloaded the pertained model and ran the code, but it seems that the pretrained model is corrected due to the following error:
Traceback (most recent call last):
File "/home/code/SSAH-adversarial-attack/main.py", line 156, in <module>
fid = return_fid(benign_img, adv_img)
File "/home/code/SSAH-adversarial-attack/utils/fid_score.py", line 256, in return_fid
dims=2048)
File "/home/code/SSAH-adversarial-attack/utils/fid_score.py", line 239, in calculate_fid_given_paths
model = InceptionV3([block_idx]).to(device)
File "/home/code/SSAH-adversarial-attack/utils/inception.py", line 82, in __init__
inception = fid_inception_v3()
File "/home/code/SSAH-adversarial-attack/utils/inception.py", line 208, in fid_inception_v3
state_dict = torch.load(os.path.join("checkpoints", "pt_inception-2015-12-05-6726825d.pth"))
File "/home/anaconda3/envs/ssah/lib/python3.6/site-packages/torch/serialization.py", line 595, in load
return _legacy_load(opened_file, map_location, pickle_module, **pickle_load_args)
File "/home/anaconda3/envs/ssah/lib/python3.6/site-packages/torch/serialization.py", line 781, in _legacy_load
deserialized_objects[key]._set_from_file(f, offset, f_should_read_directly)
RuntimeError: unexpected EOF, expected 559999 more bytes. The file might be corrupted.
鲁棒性问题
通过低频约束生成的对抗样本会不会对于JPEG压缩、高斯模糊等特别不鲁棒
I don't have permission to download the pre-training model, can you give me permission to download it?
Transferability
How does your cross dataset attack work
the original author of dwt code
Hi, thanks for sharing,
I am looking for the original author of DWT.py,
I tried DWT code years ago but I couldn't find the source,
may I ask the original GitHub repo if you remember where it is from?
thanks a lot.
The variable adv was reassigned after iteration, which seems to be an error
def forward(self, inputs: torch.Tensor) -> torch.Tensor:
with torch.no_grad():
inputs_fea = self.fea_extract(self.normalize_fn(inputs))
# low frequency component
inputs_ll = self.DWT(inputs)
inputs_ll = self.IDWT(inputs_ll)
# changes of variables
eps = 3e-7
modifier = torch.arctanh(inputs * (2 - eps * 2) - 1 + eps)
modifier = Variable(modifier, requires_grad=True)
modifier = modifier.to(self.device)
optimizer = optim.Adam([modifier], lr=self.lr)
lowFre_loss = nn.SmoothL1Loss(reduction='sum')
for step in range(self.num_iteration):
optimizer.zero_grad()
self.encoder_fea.zero_grad()
adv = 0.5 * (torch.tanh(modifier) + 1)
adv_fea = self.fea_extract(self.normalize_fn(adv))
adv_ll = self.DWT(adv)
adv_ll = self.IDWT(adv_ll)
pos_sim, neg_sim = self.cal_sim(adv_fea, inputs_fea)
if step == 0:
pos_neg_sim, indices = self.select_setp1(pos_sim, neg_sim)
else:
pos_neg_sim = self.select_step2(pos_sim, neg_sim, indices)
sim_pos = pos_neg_sim[:, 0]
sim_neg = pos_neg_sim[:, -1]
w_p = torch.clamp_min(sim_pos.detach() - self.m, min=0)
w_n = torch.clamp_min(1 + self.m - sim_neg.detach(), min=0)
adv_cost = self.alpha * torch.sum(torch.clamp(w_p * sim_pos - w_n * sim_neg, min=0))
lowFre_cost = self.beta * lowFre_loss(adv_ll, inputs_ll)
total_cost = adv_cost + lowFre_cost
optimizer.zero_grad()
total_cost.backward()
optimizer.step()
adv = 0.5 * (torch.tanh(modifier.detach()) + 1)
return adv
Training method for ResNet20 on CIFAR dataset
Hi! Since you said that 'We trained a resnet20 model with 92.6% accuracy with CIFAR1010 and a resnet20 model with 69.63% accuracy with CIFAR100', I would like to know if there is any relevant training algorithm or code, and I want to train a new resnetxx model according to your method. Thanks!
why make modifier = torch.arctanh(inputs * (2 - eps * 2) - 1 + eps)?
previous work usually said adv = data.cuda(), so I want to know why make modifier = torch.arctanh(inputs * (2 - eps * 2) - 1 + eps) and adv = 0.5 * (torch.tanh(modifier) + 1)? Thank you!
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.