Consistency Regularization for Adversarial Robustness

Related tags

Deep Learningdata-augmentationadversarial-trainingconsistency-regularization
Overview

Consistency Regularization for Adversarial Robustness

Official PyTorch implementation of Consistency Regularization for Adversarial Robustness by Jihoon Tack, Sihyun Yu, Jongheon Jeong, Minseon Kim, Sung Ju Hwang, and Jinwoo Shin.

1. Dependencies

conda create -n con-adv python=3
conda activate con-adv

conda install pytorch torchvision cudatoolkit=11.0 -c pytorch 

pip install git+https://github.com/fra31/auto-attack
pip install advertorch tensorboardX

2. Training

2.1. Training option and description

The option for the training method is as follows:

  • <DATASET>: {cifar10,cifar100,tinyimagenet}
  • <AUGMENT>: {base,ccg}
  • <ADV_TRAIN OPTION>: {adv_train,adv_trades,adv_mart}

Current code are assuming l_infinity constraint adversarial training and PreAct-ResNet-18 as a base model.
To change the option, simply modify the following configurations:

  • WideResNet-34-10: --model wrn3410
  • l_2 constraint: --distance L2

2.2. Training code

Standard cross-entropy training

% Standard cross-entropy
python train.py --mode ce --augment base --dataset <DATASET>

Adversarial training

% Adversarial training
python train.py --mode <ADV_TRAIN OPTION> --augment <AUGMENT> --dataset <DATASET>

% Example: Standard AT under CIFAR-10
python train.py --mode adv_train --augment base --dataset cifar10

Consistency regularization

% Consistency regularization
python train.py --consistency --mode <ADV_TRAIN OPTION> --augment <AUGMENT> --dataset <DATASET>

% Example: Consistency regularization based on standard AT under CIFAR-10
python train.py --consistency --mode adv_train --augment ccg --dataset cifar10

3. Evaluation

3.1. Evaluation option and description

The description for treat model is as follows:

  • <DISTANCE>: {Linf,L2,L1}, the norm constraint type
  • <EPSILON>: the epsilon ball size
  • <ALPHA>: the step size of PGD optimization
  • <NUM_ITER>: iteration number of PGD optimization

3.2. Evaluation code

Evaluate clean accuracy

python eval.py --mode test_clean_acc --dataset <DATASET> --load_path <MODEL_PATH>

Evaluate clean & robust accuracy against PGD

python eval.py --mode test_adv_acc --distance <DISTANCE> --epsilon <EPSILON> --alpha <ALPHA> --n_iters <NUM_ITER> --dataset <DATASET> --load_path <MODEL_PATH>

Evaluate clean & robust accuracy against AutoAttack

python eval.py --mode test_auto_attack --epsilon <EPSILON> --distance <DISTANCE> --dataset <DATASET> --load_path <MODEL_PATH>

Evaluate mean corruption error (mCE)

python eval.py --mode test_mce --dataset <DATASET> --load_path <MODEL_PATH>

4. Results

White box attack

Clean accuracy and robust accuracy (%) against white-box attacks on PreAct-ResNet-18 trained on CIFAR-10.
We use l_infinity threat model with epsilon = 8/255.

Method Clean PGD-20 PGD-100 AutoAttack
Standard AT 84.48 46.09 45.89 40.74
+ Consistency (Ours) 84.65 54.86 54.67 47.83
TRADES 81.35 51.41 51.13 46.41
+ Consistency (Ours) 81.10 54.86 54.68 48.30
MART 81.35 49.60 49.41 41.89
+ Consistency (Ours) 81.10 55.31 55.16 47.02

Unseen adversaries

Robust accuracy (%) of PreAct-ResNet-18 trained with of l_infinity epsilon = 8/255 constraint against unseen attacks.
For unseen attacks, we use PGD-100 under different sized l_infinity epsilon balls, and other types of norm balls.

Method l_infinity, eps=16/255 l_2, eps=300/255 l_1, eps=4000/255
Standard AT 15.77 26.91 32.44
+ Consistency (Ours) 22.49 34.43 42.45
TRADES 23.87 28.31 28.64
+ Consistency (Ours) 27.18 37.11 46.73
MART 20.08 30.15 27.00
+ Consistency (Ours) 27.91 38.10 43.29

Mean corruption error

Mean corruption error (mCE) (%) of PreAct-ResNet-18 trained on CIFAR-10, and tested with CIFAR-10-C dataset

Method mCE
Standard AT 24.05
+ Consistency (Ours) 22.06
TRADES 26.17
+ Consistency (Ours) 24.05
MART 27.75
+ Consistency (Ours) 26.75

Reference

Owner
GitHub Repository https://arxiv.org/abs/2103.04623
Convert game ISO and archives to CD CHD for emulation on Linux.

tochd Convert game ISO and archives to CD CHD for emulation. Author: Tuncay D. Source: https://github.com/thingsiplay/tochd Releases: https://github.c

Tuncay 20 Jan 02, 2023
Simulation of moving particles under microscopic imaging

Simulation of moving particles under microscopic imaging Install scipy numpy scikit-image tiffile Run python simulation.py Read result https://imagej

Zehao Wang 2 Dec 14, 2021
Learning-Augmented Dynamic Power Management

Learning-Augmented Dynamic Power Management This repository contains source code accompanying paper Learning-Augmented Dynamic Power Management with M

Adam 0 Feb 22, 2022
This repository contains the official implementation code of the paper Transformer-based Feature Reconstruction Network for Robust Multimodal Sentiment Analysis

This repository contains the official implementation code of the paper Transformer-based Feature Reconstruction Network for Robust Multimodal Sentiment Analysis, accepted at ACMMM 2021.

Ziqi Yuan 10 Sep 30, 2022
IEEE-CIS Technical Challenge on Predict+Optimize for Renewable Energy Scheduling

IEEE-CIS Technical Challenge on Predict+Optimize for Renewable Energy Scheduling This is my code, data and approach for the IEEE-CIS Technical Challen

3 Sep 18, 2022
We will see a basic program that is basically a hint to brute force attack to crack passwords. In other words, we will make a program to Crack Any Password Using Python. Show some ❤️ by starring this repository!

Crack Any Password Using Python We will see a basic program that is basically a hint to brute force attack to crack passwords. In other words, we will

Ananya Chatterjee 11 Dec 03, 2022
This repository contains part of the code used to make the images visible in the article "How does an AI Imagine the Universe?" published on Towards Data Science.

Generative Adversarial Network - Generating Universe This repository contains part of the code used to make the images visible in the article "How doe

Davide Coccomini 9 Dec 18, 2022
https://sites.google.com/cornell.edu/recsys2021tutorial

Counterfactual Learning and Evaluation for Recommender Systems (RecSys'21 Tutorial) Materials for "Counterfactual Learning and Evaluation for Recommen

yuta-saito 45 Nov 10, 2022
A gesture recognition system powered by OpenPose, k-nearest neighbours, and local outlier factor.

OpenHands OpenHands is a gesture recognition system powered by OpenPose, k-nearest neighbours, and local outlier factor. Currently the system can iden

Paul Treanor 12 Jan 10, 2022
Implementation of the Swin Transformer in PyTorch.

Swin Transformer - PyTorch Implementation of the Swin Transformer architecture. This paper presents a new vision Transformer, called Swin Transformer,

597 Jan 03, 2023
State-Relabeling Adversarial Active Learning

State-Relabeling Adversarial Active Learning Code for SRAAL [2020 CVPR Oral] Requirements torch = 1.6.0 numpy = 1.19.1 tqdm = 4.31.1 AL Results The

10 Jul 14, 2022
Deep Learning Emotion decoding using EEG data from Autism individuals

Deep Learning Emotion decoding using EEG data from Autism individuals This repository includes the python and matlab codes using for processing EEG 2D

Juan Manuel Mayor Torres 12 Dec 08, 2022
Generalized hybrid model for mode-locked laser diodes with an extended passive cavity

GenHybridMLLmodel Generalized hybrid model for mode-locked laser diodes with an extended passive cavity This hybrid simulation strategy combines a tra

Stijn Cuyvers 3 Sep 21, 2022
The official PyTorch implementation for NCSNv2 (NeurIPS 2020)

Improved Techniques for Training Score-Based Generative Models This repo contains the official implementation for the paper Improved Techniques for Tr

174 Dec 26, 2022
PyTorch implementation of paper "IBRNet: Learning Multi-View Image-Based Rendering", CVPR 2021.

IBRNet: Learning Multi-View Image-Based Rendering PyTorch implementation of paper "IBRNet: Learning Multi-View Image-Based Rendering", CVPR 2021. IBRN

Google Interns 371 Jan 03, 2023
Code for the paper: Fighting Fake News: Image Splice Detection via Learned Self-Consistency

Fighting Fake News: Image Splice Detection via Learned Self-Consistency [paper] [website] Minyoung Huh *12, Andrew Liu *1, Andrew Owens1, Alexei A. Ef

minyoung huh (jacob) 174 Dec 09, 2022
一个多语言支持、易使用的 OCR 项目。An easy-to-use OCR project with multilingual support.

AgentOCR 简介 AgentOCR 是一个基于 PaddleOCR 和 ONNXRuntime 项目开发的一个使用简单、调用方便的 OCR 项目 本项目目前包含 Python Package 【AgentOCR】 和 OCR 标注软件 【AgentOCRLabeling】 使用指南 Pytho

AgentMaker 98 Nov 10, 2022
P-Tuning v2: Prompt Tuning Can Be Comparable to Finetuning Universally Across Scales and Tasks

P-tuning v2 P-Tuning v2: Prompt Tuning Can Be Comparable to Finetuning Universally Across Scales and Tasks An optimized prompt tuning strategy for sma

THUDM 540 Dec 30, 2022
Code for "The Box Size Confidence Bias Harms Your Object Detector"

The Box Size Confidence Bias Harms Your Object Detector - Code Disclaimer: This repository is for research purposes only. It is designed to maintain r

Johannes G. 24 Dec 07, 2022
Python implementation of Wu et al (2018)'s registration fusion

reg-fusion Projection of a central sulcus probability map using the RF-ANTs approach (right hemisphere shown). This is a Python implementation of Wu e

Dan Gale 26 Nov 12, 2021