csdongxian / skip-connections-matter Goto Github PK

Hello,

Thank you so much for providing your code!

I had a question about pre-activation ResNet. I am trying to implement your attack on my problem using pre-act resNet18 and CIFAR-10, but the transferability is lower than the plain vanilla attack (or at most similar). The source is a pre-act resNet18 and also the target is a pre-act resNet18. The only thing that I did different from your code is to adjust the ReLU condition (since pre-act resnet doesn't have a ReLU before the residual blocks, so I removed the "not '0.relu' in name" condition).

I would very much appreciate it if you could let me know if you have tried this architecture, or if you have some insights about what could be going wrong (e.g. the source and target models are the same or the source model is not deep enough). Please let me know if you need more info about the architecture.

Thank you very much.

Hi, this is a insteresting work!
I find that the repo is torch version. Can you offer me the Tensorflow code of SGM, thanks!

Hi, thanks for publishing the code of this paper?

Just wonder would it be possible for you to release the ensemble attack part code?

Or maybe some reference to other people's code?

Hi, thanks for making the code available!

I'm just wondering if you have tested SGM on CIFAR-10 by any chance? And if so, does SGM still expose stronger transferability? Thanks!

您好！我看到您在实验中使用对抗训练的模型？请问您方便提供pytorch对抗训练的代码和模型权重吗？看到您的代码使用tf写的。

Thank you for the good work :) Have a quick question.

For the experiment of using RN152 as source model and IncV3 as target model. Can I ask how did you do the resizing step from 224x224 to 299x299? If you resized the 224x224 perturbation to 299x299, what algorithm did you use for upsampling?(i.e. nearest, linear, or bilinear?)

Hello, Dongxian. Hope everything is going well.

Your paper is quite interesting.

I ran it for ResNet 18 and 50 but it gave me an error every time.

I don't know if it is because of Pytorch version (1.7 in my python environment) or not. The error happens in line "inputs_adv = adversary.perturb(inputs, pred.detach().view(-1))."

def backward_hook_norm(module, grad_in, grad_out):
# normalize the gradient to avoid gradient explosion or vanish
std = torch.std(grad_in[0])
return (grad_in[0] / std,)

If I remove the line that runs hook for BatchNorm, everything is fine. But I don't know if it will affect the attack performance a lot. Looks like transferability is not good currently after I remove it.

Please tell me if you have any idea how to fix it.

Thank you.