csdongxian / skip-connections-matter Goto Github PK
View Code? Open in Web Editor NEWCodes for ICLR 2020 paper "Skip Connections Matter: On the Transferability of Adversarial Examples Generated with ResNets"
License: MIT License
Codes for ICLR 2020 paper "Skip Connections Matter: On the Transferability of Adversarial Examples Generated with ResNets"
License: MIT License
Hello,
Thank you so much for providing your code!
I had a question about pre-activation ResNet. I am trying to implement your attack on my problem using pre-act resNet18 and CIFAR-10, but the transferability is lower than the plain vanilla attack (or at most similar). The source is a pre-act resNet18 and also the target is a pre-act resNet18. The only thing that I did different from your code is to adjust the ReLU condition (since pre-act resnet doesn't have a ReLU before the residual blocks, so I removed the "not '0.relu' in name" condition).
I would very much appreciate it if you could let me know if you have tried this architecture, or if you have some insights about what could be going wrong (e.g. the source and target models are the same or the source model is not deep enough). Please let me know if you need more info about the architecture.
Thank you very much.
Hi, this is a insteresting work!
I find that the repo is torch version. Can you offer me the Tensorflow code of SGM, thanks!
Hi, thanks for publishing the code of this paper?
Just wonder would it be possible for you to release the ensemble attack part code?
Or maybe some reference to other people's code?
Hi, thanks for making the code available!
I'm just wondering if you have tested SGM on CIFAR-10 by any chance? And if so, does SGM still expose stronger transferability? Thanks!
您好!我看到您在实验中使用对抗训练的模型?请问您方便提供pytorch对抗训练的代码和模型权重吗?看到您的代码使用tf写的。
Thank you for the good work :) Have a quick question.
For the experiment of using RN152 as source model and IncV3 as target model. Can I ask how did you do the resizing step from 224x224 to 299x299? If you resized the 224x224 perturbation to 299x299, what algorithm did you use for upsampling?(i.e. nearest, linear, or bilinear?)
Hello, Dongxian. Hope everything is going well.
Your paper is quite interesting.
I ran it for ResNet 18 and 50 but it gave me an error every time.
I don't know if it is because of Pytorch version (1.7 in my python environment) or not. The error happens in line "inputs_adv = adversary.perturb(inputs, pred.detach().view(-1))."
def backward_hook_norm(module, grad_in, grad_out):
# normalize the gradient to avoid gradient explosion or vanish
std = torch.std(grad_in[0])
return (grad_in[0] / std,)
If I remove the line that runs hook for BatchNorm, everything is fine. But I don't know if it will affect the attack performance a lot. Looks like transferability is not good currently after I remove it.
Please tell me if you have any idea how to fix it.
Thank you.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.