Implementation of Wasserstein adversarial attacks.

Overview

Stronger and Faster Wasserstein Adversarial Attacks

Code for "Stronger and Faster Wasserstein Adversarial Attacks", which appeared at ICML 2020. This repository contains the implementation of our Wasserstein adversarial attacks and pretrained robust models. The implementations of the projection operator and the linear minimization oracle for the Wasserstein constraint may be of independent interest.

Instructions for running the code

Dependencies: PyTorch 1.5.1 with CUDA 10.2, scipy 1.5.0, and advertorch 0.2.3

Before running the code, install the sparse tensor package:

cd sparse_tensor
python setup.py install

The sparse tensor package includes several functions for initialization of sparse tensors.

Check out the following bash scripts for the different attack methods:

bash bash/test_sinkhorn.sh             # projected Sinkhorn
bash bash/test_projected_gradient.sh   # PGD with dual projection
bash bash/test_frank_wolfe.sh          # Frank-Wolfe with dual LMO

For the first run, you may want to set the option download=True on lines 111 and 124 of data.py.

The folder ./checkpoints stores all pretrained models. The names of the checkpoints indicate their training methods. For example, mnist_vanilla.pth and mnist_adv_training.pth are pretrained models taken directly from Wong et al., 2019. mnist_adv_training_attack-frank_eps-0.3.pth is a model adversarially trained by Frank-Wolfe using epsilon=0.3.

Check out the following bash script for adversarial training using Frank-Wolfe:

bash bash/train.sh

Check out the following bash script for model clean accuracy and lp adversarial attacks:

bash bash/test.sh
Comments
  • undefined symbol: _ZN3c106detail14torchCheckFailEPKcS2_jS2_

    Recently, I have read this paper and code. However, I have a question about them. When I run "python train.py", there is the following bug: ...undefined symbol: ZN3c106detail14torchCheckFailEPKcS2_jS2. Is this because of my CUDA version? Thank you very much.

    opened by Weixin-An 1
  • Implemented the targeted setting for the Frank-Wolfe attack

    Implemented the targeted setting for the Frank-Wolfe attack. To achieve this I transformed the problem from maximizing the loss between the prediction of the model on adversarial sample adv_data and the ground truth label y, to minimizing the loss between the prediction of the model on adversarial sample adv_data and the target class label target.

    To change from maximization to minimization problem, I reversed the direction of the gradient by multiplying it with -1.

    opened by bezirganyan 0
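
The sign flip described in the comment above, shown as an added example for robustness evaluation; it is not code from this repository or from the pull request. It assumes a constructed 3-class linear softmax model and swaps the Wasserstein dual LMO for the much simpler L-infinity ball LMO; all names (W, frank_wolfe, X0, TARGET, EPS) are hypothetical.

```python
import math

# Constructed toy model: 3-class linear softmax classifier on 2-D inputs.
W = [[1.0, 0.0], [0.0, 1.0], [-1.0, -1.0]]

def softmax_probs(x):
    logits = [sum(w_i * x_i for w_i, x_i in zip(row, x)) for row in W]
    m = max(logits)                      # subtract max for numerical stability
    exps = [math.exp(z - m) for z in logits]
    total = sum(exps)
    return [e / total for e in exps]

def predict(x):
    p = softmax_probs(x)
    return p.index(max(p))

def loss_grad(x, label):
    """Gradient of cross-entropy(softmax(Wx), label) with respect to x."""
    p = softmax_probs(x)
    p[label] -= 1.0                      # p - onehot(label)
    return [sum(p[j] * W[j][i] for j in range(len(W))) for i in range(len(x))]

def sign(v):
    return (v > 0) - (v < 0)

def frank_wolfe(x0, label, eps, targeted=False, steps=10):
    """Frank-Wolfe over the L-inf ball of radius eps around x0 (assumed set).

    Untargeted: ascend the loss against the true label.
    Targeted: same loop, gradient multiplied by -1, label = target class.
    """
    x = list(x0)
    for k in range(steps):
        g = loss_grad(x, label)
        if targeted:
            g = [-g_i for g_i in g]      # maximization -> minimization
        # LMO for the L-inf ball: the vertex that maximizes <g, s>.
        s = [c + eps * sign(g_i) for c, g_i in zip(x0, g)]
        gamma = 2.0 / (k + 2)            # standard Frank-Wolfe step size
        x = [x_i + gamma * (s_i - x_i) for x_i, s_i in zip(x, s)]
    return x

def linf(a, b):
    return max(abs(u - v) for u, v in zip(a, b))

# Constructed sample: clean input, its true class, a target class, a budget.
X0, Y_TRUE, TARGET, EPS = [1.0, 0.2], 0, 2, 0.8
```

On this sample the untargeted run ends in class 1 and the targeted run ends in the requested class 2, both inside the same budget, which is the distinction a robustness report should record separately.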