The all-in-one tool for comprehensive experimentation with adversarial attacks on image recognition.
myuito3/AdvGrads
AdvGrads

🌐 About

AdvGrads is an all-in-one tool for comprehensive experimentation with adversarial attacks on image recognition. This repository provides an environment used for research purposes to validate the performance of attack and defense methods in adversarial attacks.

This repository is still under development. For more information, please contact me (m.yuito3@gmail.com).

💻 Installation

Create environment

AdvGrads requires Python >= 3.9. The following is an example of building an environment using conda:

conda create --name advgrads -y python=3.9
conda activate advgrads
pip install --upgrade pip

Dependencies

Install the remaining packages, including PyTorch with CUDA support (this repo has been tested with CUDA 11.8):

pip install torch==2.1.2+cu118 torchvision==0.16.2+cu118 --extra-index-url https://download.pytorch.org/whl/cu118
pip install -r requirements.txt

Installing AdvGrads

Install AdvGrads in editable mode from source code:

python -m pip install -e .

🚀 Usage

You can execute the attack immediately using the config files provided in this repository.

python advgrads_cli/attack.py --load_config configs/mnist_untargeted.yaml

⚙ Description format of config files

The attack configs are managed by a YAML file. The main fields and variables are described below.

  • data: (str, required) Specify a dataset for which adversarial examples are to be generated.
  • model: (str, required) Select a model to be attacked. See here for currently supported models.
  • attacks: (list, required) A list of the attack methods to execute. Each entry can also set the hyperparameters defined for that method. The parameters available to all methods are as follows:
    • method: (str) Attack method. See here for currently supported attack methods.
    • norm: (str) Norm for adversarial perturbations.
    • eps: (float) Maximum norm constraint.
    • max_iters: (int) Maximum number of iterations used in iterative methods.
    • targeted: (bool) Whether or not to perform targeted attacks which aim to misclassify an adversarial example into a particular class.
  • thirdparty_defense: (str, optional) Third-party defensive method. See here for currently supported defensive methods.
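Before handing a config to a runner it is worth checking that it actually follows the layout above. The validator below is an added example, not AdvGrads code: it uses only the field names from this README, and the model and norm strings in its sample config are placeholders, not values the tool is known to accept.

```python
# Added example, not part of AdvGrads: validates a loaded attack config against the
# field layout documented above (field names from the README; no AdvGrads API used).
REQUIRED_TOP = {"data": str, "model": str, "attacks": list}
OPTIONAL_TOP = {"thirdparty_defense": str}
ATTACK_FIELDS = {"method": str, "norm": str, "eps": (int, float),
                 "max_iters": int, "targeted": bool}

def _has_type(value, typ) -> bool:
    """isinstance() that refuses to let a bool pass as an int or float."""
    if typ is not bool and isinstance(value, bool):
        return False
    return isinstance(value, typ)

def validate_config(cfg: dict) -> list:
    """Return the problems found; an empty list means the config is well-formed."""
    errors = []
    for key in REQUIRED_TOP:
        if key not in cfg:
            errors.append(f"missing required field '{key}'")
    for key, typ in {**REQUIRED_TOP, **OPTIONAL_TOP}.items():
        if key in cfg and not _has_type(cfg[key], typ):
            errors.append(f"'{key}' must be of type {typ.__name__}")
    for key in cfg:
        if key not in REQUIRED_TOP and key not in OPTIONAL_TOP:
            errors.append(f"unknown top-level field '{key}'")
    attacks = cfg.get("attacks")
    for i, atk in enumerate(attacks if isinstance(attacks, list) else []):
        if not isinstance(atk, dict):
            errors.append(f"attacks[{i}] must be a mapping")
            continue
        if "method" not in atk:
            errors.append(f"attacks[{i}]: 'method' is required")
        for key, typ in ATTACK_FIELDS.items():
            if key in atk and not _has_type(atk[key], typ):
                errors.append(f"attacks[{i}]: '{key}' has the wrong type")
        # Range checks: eps bounds the perturbation norm, max_iters counts iterations.
        if _has_type(atk.get("eps"), (int, float)) and atk["eps"] < 0:
            errors.append(f"attacks[{i}]: 'eps' must be non-negative")
        if _has_type(atk.get("max_iters"), int) and atk["max_iters"] < 1:
            errors.append(f"attacks[{i}]: 'max_iters' must be at least 1")
    return errors

# Constructed sample in the shape yaml.safe_load() returns; model/norm names are placeholders.
SAMPLE_CONFIG = {
    "data": "mnist", "model": "<model-name>",
    "attacks": [{"method": "fgsm", "norm": "<norm>", "eps": 0.3},
                {"method": "pgd", "norm": "<norm>", "eps": 0.3,
                 "max_iters": 40, "targeted": False}],
}
```

Running `validate_config(SAMPLE_CONFIG)` returns an empty list; a config with a negative `eps`, a boolean `max_iters`, or an unrecognised top-level key is reported with the offending field and attack index.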

🔍 Features

AdvGrads is developed on PyTorch.

💥 Attacks

Currently supported attack methods are as follows:

| Method | Type |
| --- | --- |
| DeepFool | White-box |
| DI-MI-FGSM | White-box |
| FGSM | White-box |
| I-FGSM (BIM) | White-box |
| MI-FGSM (MIM) | White-box |
| NI-FGSM | White-box |
| PGD | White-box |
| PI-FGSM | White-box |
| SI-NI-FGSM | White-box |
| SignHunter | Black-box |
| SimBA | Black-box |
| Square attack | Black-box |

💠 Defenses

Currently supported defense methods, including adversarially trained models, are as follows:

| Method | Type |
| --- | --- |
| Bit-Red | Input transform |
| JPEG | Input transform |
| Randomization | Input transform |
| TRADES | Adv. training |

🧩 Others

Some naturally trained models are also supported:

| Source | Datasets |
| --- | --- |
| pytorch-playground | MNIST, CIFAR-10 |
