Curls & Whey: Boosting Black-Box Adversarial Attacks (accepted to CVPR2019)
============================================================
Introduction
------------------------------------------------------------
Image classifiers based on deep neural networks suffer from harassment caused by adversarial examples. Two defects exist in black-box iterative attacks that generate adversarial examples by incrementally adjusting the noise-adding direction for each step. On the one hand, existing iterative attacks add noises monotonically along the direction of gradient ascent, resulting in a lack of diversity and adaptability of the generated iterative trajectories. On the other hand, it is trivial to perform adversarial attack by adding excessive noises, but currently there is no refinement mechanism to squeeze redundant noises. In this work, we propose Curls & Whey black-box attack to fix the above two defects. During Curls iteration, by combining gradient ascent and descent, we ‘curl’ up iterative trajectories to integrate more diversity and transferability into adversarial examples. Curls iteration also alleviates the diminishing marginal effect in existing iterative attacks. The Whey optimization further squeezes the ‘whey’ of noises by exploiting the robustness of adversarial perturbation. Extensive experiments on Imagenet and Tiny-Imagenet demonstrate that our approach achieves impressive decrease on noise magnitude in l2 norm. Curls & Whey attack also shows promising transferability against ensemble models as well as adversarially trained models. In addition, we extend our attack to the targeted misclassification, effectively reducing the difficulty of targeted attacks under black-box condition.
![](https://github.com/walegahaha/Curls-Whey/raw/master/figures/curls_whey.png)
Paper
------------------------------------------------------------
Yucheng Shi, Siyu Wang, Yahong Han. "Curls & Whey: Boosting Black-Box Adversarial Attacks." CVPR 2019 (Oral).
https://arxiv.org/abs/1904.01160
Reference
------------------------------------------------------------
If you find this useful in your work, please consider citing the following reference:
```
@inproceedings{CurlsWhey2019CVPR,
title = {Curls & Whey: Boosting Black-Box Adversarial Attacks},
author = {Shi, Yucheng and Wang, Siyu and Han, Yahong},
booktitle = {Computer Vision and Pattern Recognition (CVPR), 2019},
year = {2019}
}
```
Datasets
------------------------------------------------------------
The datasets used in the paper are available at the following links:
* [Imagenet](http://image-net.org/index)
* [Tiny Imagenet](https://tiny-imagenet.herokuapp.com/)
Environment
------------------------------------------------------------
The code is developed using python 3.5 and pytorch 0.4.1 on Ubuntu 16.04. NVIDIA GPUs are needed. The code is developed and tested using 1 GeForce GTX TITAN X GPU cards.
Usage
------------------------------------------------------------
./bmodels/inceptionv3/inceptionv3.pt    (https://pan.baidu.com/s/1_j7gVcGcWaobgJi7K11e6A)      code: tcax <Br/>
./fmodels/resnet/resnet101.pt           (https://pan.baidu.com/s/19kQBVwhtZw4mgHuarwFQjQ)   code: z2w9 <Br/>
./temp.zip                            (https://pan.baidu.com/s/1CMvpGyGKwFpKV1lPhr4FUA)    code: qk6y <Br/>
<Br/>
unzip temp.zip <Br/>
pip --no-cache-dir install -r requirements.txt <Br/>
<Br/>
python untargeted_attack.py <Br/>
python targeted_attack.py
Examples
------------------------------------------------------------
![](https://github.com/walegahaha/Curls-Whey/raw/master/figures/example_figure_untargeted.png)
<br/>
![](https://github.com/walegahaha/Curls-Whey/raw/master/figures/example_figure_targeted.png)
没有合适的资源?快使用搜索试试~ 我知道了~
“Curls&WheyBoostingBlack-BoxAdversarialAttacks”在pytorch中的实施.zip
共220个文件
npy:200个
py:12个
png:3个
1.该资源内容由用户上传,如若侵权请联系客服进行举报
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
版权申诉
0 下载量 97 浏览量
2023-03-31
22:35:55
上传
评论
收藏 6.58MB ZIP 举报
温馨提示
“Curls&WheyBoostingBlack-BoxAdversarialAttacks”在pytorch中的实施
资源推荐
资源详情
资源评论
收起资源包目录
“Curls&WheyBoostingBlack-BoxAdversarialAttacks”在pytorch中的实施.zip (220个子文件)
.gitignore 142B
LICENSE 11KB
README.md 4KB
094.npy 12KB
089.npy 12KB
098.npy 12KB
005.npy 12KB
183.npy 12KB
004.npy 12KB
180.npy 12KB
031.npy 12KB
003.npy 12KB
177.npy 12KB
182.npy 12KB
149.npy 12KB
013.npy 12KB
171.npy 12KB
084.npy 12KB
022.npy 12KB
132.npy 12KB
193.npy 12KB
103.npy 12KB
006.npy 12KB
012.npy 12KB
136.npy 12KB
083.npy 12KB
130.npy 12KB
009.npy 12KB
050.npy 12KB
154.npy 12KB
113.npy 12KB
191.npy 12KB
076.npy 12KB
025.npy 12KB
115.npy 12KB
088.npy 12KB
075.npy 12KB
186.npy 12KB
001.npy 12KB
162.npy 12KB
028.npy 12KB
152.npy 12KB
080.npy 12KB
019.npy 12KB
074.npy 12KB
184.npy 12KB
091.npy 12KB
128.npy 12KB
118.npy 12KB
163.npy 12KB
055.npy 12KB
133.npy 12KB
042.npy 12KB
097.npy 12KB
195.npy 12KB
112.npy 12KB
141.npy 12KB
020.npy 12KB
116.npy 12KB
192.npy 12KB
197.npy 12KB
082.npy 12KB
035.npy 12KB
053.npy 12KB
175.npy 12KB
150.npy 12KB
190.npy 12KB
189.npy 12KB
140.npy 12KB
134.npy 12KB
056.npy 12KB
173.npy 12KB
198.npy 12KB
064.npy 12KB
185.npy 12KB
046.npy 12KB
086.npy 12KB
110.npy 12KB
023.npy 12KB
111.npy 12KB
129.npy 12KB
014.npy 12KB
166.npy 12KB
099.npy 12KB
167.npy 12KB
048.npy 12KB
065.npy 12KB
124.npy 12KB
008.npy 12KB
095.npy 12KB
049.npy 12KB
066.npy 12KB
093.npy 12KB
179.npy 12KB
007.npy 12KB
079.npy 12KB
044.npy 12KB
072.npy 12KB
114.npy 12KB
135.npy 12KB
共 220 条
- 1
- 2
- 3
资源评论
快撑死的鱼
- 粉丝: 1w+
- 资源: 9154
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功