Closed muyuuuu closed 2 years ago
I think whether your parameters was chosen too large. You could look at the paper about Deepfool's parameters. take care!
I think whether your parameters was chosen too large. You could look at the paper about Deepfool's parameters. take care!
I use the default parameters:
maybe infinite loop in here?:
The reason why DeepFool takes a longer time than other methods is that it requires Jacobian matrix for generating adversarial examples as follows: https://github.com/Harry24k/adversarial-attacks-pytorch/blob/6dbe9155b0ba6ff966f2d484366c13fcbf80e38d/torchattacks/attacks/deepfool.py#L76 Unfortunately, this procedure is not supported as batch-wise computation by PyTorch. I recommend using other methods when attacking large-scale models.
Unfortunately, this procedure is not supported as batch-wise computation by PyTorch. I recommend using other methods when attacking large-scale models.
Thank U!
@muyuuuu What I think you could do is make the algorithm targeted. I.e. instead of finding the class with the closest boundary you could approximate this by the class with the second highest logit. Then you just need to compute one gradient (of the difference) so you can parallelize this computation for the whole batch without running into memory problems. For better approximation you may take eg the top 5 logits and determine the closest hyperplane.
As shown in title, I use
torchattacks.DeepFool(model)
to generate attack data about cifar100 trainset, batch size is 512 and had run in Tesla P40 20 hours. But no results, is it normally? here is code: