I used the default parameter of the CW attack on the ImageNet validation dataset, but I got a worse result (63.36% fooling rate) compared with other attacks (i.e., FGSM and PGD). I don't know whether the issue originate from the algorithm or myself.
Therefore, I suggest providing some baseline comparison results would make the repo more appealing!
This repository provides a convenient implementation for the baseline attacks method. Thanks for your contribution to this commune.
✨ Short description of the feature [tl;dr]
I used the default parameter of the CW attack on the ImageNet validation dataset, but I got a worse result (63.36% fooling rate) compared with other attacks (i.e., FGSM and PGD). I don't know whether the issue originate from the algorithm or myself.
Therefore, I suggest providing some baseline comparison results would make the repo more appealing!
This repository provides a convenient implementation for the baseline attacks method. Thanks for your contribution to this commune.
💬 Detailed motivation and codes
See above