Originally posted by **MadhuSaran26** March 10, 2023
I'm trying to perform a white-box evasion attack (FastGradientMethod) on my pre-trained multi-label classification model. This model has been wrapped in the PyTorchClassifier class and passed as an argument to the FastGradientMethod class. However, I encountered the following error.
```
---------------------------------------------------------------------------
ValueError Traceback (most recent call last)
in
----> 1 images_adv = attack.generate(images.numpy())
6 frames
/usr/local/lib/python3.9/dist-packages/torch/nn/functional.py in binary_cross_entropy_with_logits(input, target, weight, size_average, reduce, reduction, pos_weight)
3158
3159 if not (target.size() == input.size()):
-> 3160 raise ValueError("Target size ({}) must be the same as input size ({})".format(target.size(), input.size()))
3161
3162 return torch.binary_cross_entropy_with_logits(input, target, weight, pos_weight, reduction_enum)
ValueError: Target size (torch.Size([16])) must be the same as input size (torch.Size([16, 9]))
```
In this, 16 is the batch size and 9 is the number of output classes in the model.
The following code produced this error.
```
classifier = PyTorchClassifier(
model=vgg,
clip_values=(0, 255),
loss=nn.BCEWithLogitsLoss(),
optimizer=optimizer,
input_shape=(3, 256, 256),
nb_classes=9,
device_type='cpu'
)
attack = evasion.FastGradientMethod(estimator=classifier, eps=0.2)
images_adv = attack.generate(images.numpy())
```
I'd like to know whether this toolbox can be used for a multi-label classification problem. If yes, then please kindly direct me to an example execution, or at least let me know what are the changes that I should make to my code. Otherwise, please provide the solution to this problem.
In addition, I wanted to point out that it's not feasible to create combined labels as there are multiple combinations, which could be possible in a scenario.
Discussed in https://github.com/Trusted-AI/adversarial-robustness-toolbox/discussions/2065