Closed rikonaka closed 1 year ago
My 2 cents: it may be advisable to create a _check_inputs()
method to torchattacks.Attack
base class and call this method inside the forward()
method of each attack to avoid copy/pasting code.
Moreover, I think it would be better to raise a ValueError exception if the inputs are not in the valid range, instead of quietly returning a tensor of zeros.
My 2 cents: it may be advisable to create a
_check_inputs()
method totorchattacks.Attack
base class and call this method inside theforward()
method of each attack to avoid copy/pasting code.Moreover, I think it would be better to raise a ValueError exception if the inputs are not in the valid range, instead of quietly returning a tensor of zeros.
Hi @Framartin, following the advice you provided, I modified the code then I found an img_list not define
error in pgdrs.py
, so I also modified it together.
Thank you for your wonderful work! I really appreciate your contribution. Some points will be modified:
@Harry24k I'm very sorry, it was my mistake, I forgot to push the latest branch locally.
@rikonaka, I got it! It would be great if you push EAD! BTW, I tested SPSA and JSMA, but their success rate is lower than I expected. First of all, the current version of SPSA requires a heavy amount of GPU memory due to its approximation, so I added torch.no_grad(): torchattacks/attacks/spsa.py. Could you compare the performance of SPSA and JSMA to yours via code coverage codes?: https://github.com/Harry24k/adversarial-attacks-pytorch/blob/master/code_coverage/on_server.ipynb
Hi @Harry24k , about the EAD attack, there is still a bug caused code failed to run, I will push the code to the repository after the bug is fixed. And about the SPSA and JSMA, I noticed the low success rate of these two attack algorithms when I did experiments earlier, the previous code was too complex and difficult to understand to maintain, now I'm going to rewrite the two attack methods, and I'll commit the code to the repository when I'm done. 😉
Add a user-friendly input prompt and restrict the domain of the atanh function in cw attack.
PR Type and Checklist
What kind of change does this PR introduce?
model
.supported_mode
wheter the attack supports targeted mode.torch.atanh
function from -1 to 1 in the cw attack (Theatanh
function is nonsensical in other domains of definition).ValueError
, it is meaningless to continue calculating a tensor that is not between 0 and 1).README.md
so that the instructions for the default hidden targeted attack part are no longer hidden.README.md
explaining how to provide labels for targeted attacks.setup.py
file for source code installation and related instructions.img_list not define
error inpgdrs.py
.