To generate attacked images, use the following example. Make sure to specify the necessary commands.
python main.py --area C --attack_type PGD_l2 --attack_goal N --model_type resnet18 --strategy WB And then the following commands will be executed.
python PGD.py --area C --attack_type PGD_l2 --attack_goal N --model_type resnet18 --strategy WB
The arguments behind are the ones in PGD.py file, which are be used to set the conresponding parameters.
To submit your attacks, name your main attack file with the attack name such as 'PGD.py'. Originize your source files and make sure the attack can run such as the following example.
python PGD.py --area C --attack_type PGD_l2 --attack_goal N --model_type resnet18 --strategy WBHow to add your own attacks?
In main.py, make sure to keep attack_type same with attack_type in your own attack files. For example, 'PGD_linf' and 'PGD_l2' are the attack_types used in PGD.py. So the codes in main.py shoule be like:
if attack_type == 'PGD_linf' or 'PGD_l2':
attack = 'PGD'Here attack is the name of your attack file.
Another example is adversarial patch attack.
if attack_type == 'Patch':
attack = 'Patch_Attack'The codebook is here:
|
head |
details |
|||
|
area |
attack type |
attack goal |
attacker knowledge |
|
|
model type |
strategy |
|||
|
C -- Classification |
0 -- non-attack |
T -- target |
V16 -- VGG16 |
WA -- White Box |
|
D -- Detection |
1 -- lp attack |
N -- non-target |
V19 -- VGG19 |
TB -- Transfer based Black Box |
|
F -- Face recognition |
2 -- patch attack |
R50 -- Resnet50 |
QB -- Query based Black Box |
|
|
3 -- trojan attack |
R18 -- Resnet18 |
|||
|
L04 – Lenet with 4 convs |
||||
|
I03 -- inception3 |
||||