[Paper] [arXiv] [Poster] [Slide] [Project Page]

Adversarial Attack Generation Empowered by Min-Max Optimization
Jingkang Wang, Tianyun Zhang, Sijia Liu, Pin-Yu Chen, Jiacen Xu, Makan Fardad, Bo Li
NeurIPS 2021

Revisit the strength of min-max optimization in the context of adversarial attack generation

Please check neurips21 folder for reproducing the robust adversarial attack results presented in the paper. We provide detailed instructions in neurips21/README.md and bash scripts neurips21/scripts. The code is based on tensorflow 1.x (tested from 1.10.0 - 1.15.0), which is a bit outdated. Currently, we do not have plans to upgrade it to tensorflow 2.x. If you do not aim to reproduce the exact numbers but use min-max attacks in your projects, we provide a pytorch implementation with latest pre-trained models (e.g., EfficientNet, ViT, etc) and ImageNet-1k supports. Please see the following section for more details.

TBD (stay tuned!)

If you find our code or paper useful, please consider citing

@inproceedings{wang2021adversarial,
    title={Adversarial Attack Generation Empowered by Min-Max Optimization},
    author={Wang, Jingkang and Zhang, Tianyun and Liu, Sijia  and Chen, Pin-Yu and Xu, Jiacen and Fardad, Makan and Li, Bo},
    booktitle={Advances in Neural Information Processing Systems (NeurIPS)},
    year={2021}
}

Please submit a Github issue or contact wangjk@cs.toronto.edu if you have any questions or find any bugs.