robust-l0

Companion code for 2024 IEEE-JSAIT paper "Efficient and Robust Classification for Sparse Attacks"

https://github.com/mbeliaev1/robust-l0


Repository


Basic Info
  • Host: GitHub
  • Owner: mbeliaev1
  • License: mit
  • Language: Python
  • Default Branch: main
  • Homepage:
  • Size: 29.5 MB
Statistics
  • Stars: 1
  • Watchers: 1
  • Forks: 0
  • Open Issues: 0
  • Releases: 0
Created almost 4 years ago · Last pushed almost 2 years ago

README.md

Truncation as a Defense for Sparse Attacks

This directory is supplementary material for our work published in IEEE-JSAIT 2024:

Efficient and Robust Classification for Sparse Attacks. Mark Beliaev, Payam Delgosha, Hamed Hassani, Ramtin Pedarsani.

All relevant citations for methods used are found in the paper's list of references.

This README contains 4 sections:

I. Requirements

List of the requirements needed to run the code, as well as instructions on how to set up the required environment.

II. Contents

Summary of the sub-directories and files found within this project.

III. Training from scratch

Description on how to use the code provided to train our truncated models from scratch.

IV. Evaluating results

Description on how to use the code provided to validate our results by evaluating the provided pre-trained models, or evaluate results for newly trained models.

I. Requirements

We recommend using the package managers pip and conda to install the relevant packages:

conda:

  • python-3.8.5 (python)
  • numpy-1.19.2 (numpy)
  • pytorch-1.7.1 (pytorch)

pip:

  • foolbox-2.4.0 (foolbox)
  • tqdm (tqdm)

```bash
conda create -n robust python==3.8.5
conda activate robust
conda install pytorch==1.7.1 torchvision==0.8.2 torchaudio==0.7.2 cudatoolkit=11.0 -c pytorch
python torch_test.py
conda install jupyter
pip install foolbox==2.4.0 tqdm
```

II. Contents

datasets/

The MNIST and CIFAR datasets will be downloaded and stored here if they are not already present when one runs scripts/train.py or scripts/train.py for the first time.

new_trained/

Empty folder structure for storing the results of new adversarially trained networks. Structure of results saved is found in scripts/train.py.

figures/

Contains the code used to generate the figures from our experiment.

scripts/

Scripts for training and evaluating models. Usage found in sections III. Training from scratch and IV. Evaluating results.

utils/

All required code to perform our experiments, including the LICENSE file for sparse-rs.

(1) adv_trainer.py: Contains the general adversarial training class used for our experiments.

(2) attack.py: Contains the general attack class used for our experiments.

(3) models.py: Contains all the models used for our experiments.

(4) attacks/sparse_rs.py: Contains the sparse-rs class that is used to attack our networks in adv.py. This file differs from the original version because we use the MNIST dataset on top of CIFAR, and change variables based on which experiment is being performed.

(5) helpers.py: Contains various helper methods used in our experiments.

(6) trunc.py: Contains various truncation implementations. Note that our experiments only utilized the "simple" truncation mechanism as we found it to have the best overall performance.
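The effect of a truncation parameter k against an l0-bounded change, as an added example that is not the repository's utils/trunc.py and not the authors' code. It assumes truncation means discarding the k largest and k smallest elementwise products before summing; `truncated_dot`, `l0_distance`, `perturb` and the data are constructed for illustration.

```python
# Added illustration, not the repository's utils/trunc.py.
# Assumption: truncation = drop the k largest and k smallest elementwise
# products before summing. All names and data here are hypothetical.

def truncated_dot(w, x, k):
    """Sum of w[i]*x[i] after discarding the k largest and k smallest terms.
    k = 0 is the ordinary inner product."""
    if len(w) != len(x):
        raise ValueError("w and x must have the same length")
    if k < 0 or 2 * k >= len(w):
        raise ValueError("need 0 <= 2k < len(w)")
    products = sorted(wi * xi for wi, xi in zip(w, x))
    return sum(products[k:len(products) - k])

def l0_distance(x, x_adv):
    """Number of coordinates in which the two inputs differ."""
    return sum(1 for a, b in zip(x, x_adv) if a != b)

def perturb(x, indices, value):
    """Copy of x with the given coordinates overwritten (constructed sparse change)."""
    out = list(x)
    for i in indices:
        out[i] = value
    return out

def demo():
    # Constructed data: 20 features, linear score, truncation parameter k = 3.
    w = [1.0] * 20
    x = [0.25, 0.5, 0.75, 0.5] * 5
    k = 3
    within = perturb(x, [0, 7, 13], 100.0)       # l0 change of 3 (<= k)
    beyond = perturb(x, [0, 7, 13, 18], 100.0)   # l0 change of 4 (> k)
    return {
        "l0_within": l0_distance(x, within),
        "l0_beyond": l0_distance(x, beyond),
        "plain_clean": truncated_dot(w, x, 0),
        "plain_within": truncated_dot(w, within, 0),
        "trunc_clean": truncated_dot(w, x, k),
        "trunc_within": truncated_dot(w, within, k),
        "trunc_beyond": truncated_dot(w, beyond, k),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:13s} {value}")
```

With this data the three-coordinate change moves the plain score from 10.0 to 308.75 but the truncated score only from 7.0 to 8.0. The four-coordinate change exceeds k, so one extreme term survives truncation and the score jumps.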

III. Training from scratch

We will briefly cover the details of the training and evaluation scripts found in scripts/, setting the parameters for epochs, queries, and iterations to arbitrary numbers that generate the results quickly. For full evaluation and training as done in the paper experiments, in most cases you should use the default parameters, but we urge you to check the paper for specific configurations.

To train a small CNN with truncation parameter k=12 on MNIST and save to /new_trained/test/:

```bash
python scripts/train.py --cfg_name cnn_small --trunc_type simple --dataset MNIST --exp test --k 12 --perturb 12 --seed 0 --epochs 2 --queries 10 --iters 2
```

To remove the truncation parameter and use the default CNN network with adversarial training, simply set k to zero while keeping perturb at the desired magnitude:

```bash
python scripts/train.py --cfg_name cnn_small --dataset MNIST --exp test --k 0 --perturb 12 --seed 0 --epochs 2 --queries 10 --iters 2
```

To remove the adversarial component completely you need the no_adv flag:

```bash
python scripts/train.py --cfg_name cnn_small --dataset MNIST --exp test --k 0 --no_adv --seed 0 --epochs 2 --queries 10 --iters 2
```

IV. Evaluating results

To evaluate a particular network, use one of the 3 eval scripts scripts/eval_rs.py, scripts/eval_pw.py, or scripts/multi_rs.py and set the corresponding arguments. For example, we can evaluate all 4 networks we just trained, measuring their accuracy, robust accuracy with sparseRS, and median adversarial attack magnitude with the pointwise attack:

```bash
python scripts/eval_rs.py --eval_dir new_trained/test --budget 12 --queries 500 --restarts 1
python scripts/eval_pw.py --eval_dir new_trained/test --iters 10 --sampels 100
```

Note that the experiment configurations are loaded by loading all the JSON configurations found in the directory given by the --eval_dir argument. For sparse-rs, when evaluating, the argument perturb controls the l0 magnitude of the attack for testing robust accuracy, whereas in scripts/train.py it controls the magnitude of the attack in the adversarial training component.

Additional experiments

```bash
python scripts/train.py --cfg_name cnn_small --trunc_type simple --dataset MNIST --exp finallongnoadv --k 12 --no_adv --seed 0 --epochs 100 --queries 500
python scripts/train.py --cfg_name cnn_small --trunc_type simple --dataset MNIST --exp finallongnoadv --k 50 --no_adv --seed 0 --epochs 100 --queries 500
python scripts/train.py --cfg_name VGG16 --trunc_type simple --dataset CIFAR --exp finallongnoadv --k 12 --no_adv --seed 0 --epochs 100 --queries 500 --bs 128 --lr 0.1
python scripts/train.py --cfg_name VGG16 --trunc_type simple --dataset CIFAR --exp finallongnoadv --k 50 --no_adv --seed 0 --epochs 100 --queries 500 --bs 128 --lr 0.1

python scripts/eval_rs.py --eval_dir new_trained/finallongnoadv/MNIST --beta 1 --device cuda:3
python scripts/eval_pw.py --eval_dir new_trained/finallongnoadv/MNIST --device cuda:3
python scripts/multi_rs.py --eval_dir new_trained/finallongnoadv/MNIST --beta 1 --device cuda:3 --logname multi1.txt
python scripts/multi_rs.py --eval_dir new_trained/finallongnoadv/MNIST --beta 100 --device cuda:3 --logname multi100.txt

python scripts/eval_rs.py --eval_dir new_trained/finallongnoadv/CIFAR --beta 1 --device cuda:3
python scripts/eval_pw.py --eval_dir new_trained/finallongnoadv/CIFAR --device cuda:3
python scripts/multi_rs.py --eval_dir new_trained/finallongnoadv/CIFAR --beta 1 --device cuda:3 --logname multi1.txt
python scripts/multi_rs.py --eval_dir new_trained/finallongnoadv/CIFAR --beta 100 --device cuda:3 --logname multi100.txt
```

Owner

  • Name: Mark Beliaev
  • Login: mbeliaev1
  • Kind: user

PhD candidate @ UCSB, Electrical and Computer Engineering

Citation (CITATION.cff)

cff-version: 1.2.0
message: "If you use this software, please cite it as below."
authors:
- family-names: "Beliaev"
  given-names: "Mark"
title: "robust-l0"
version: 1.0.0
date-released: 2024-05-02
url: "https://github.com/mbeliaev1/robust-l0"
