search

ain-soph / trojanzoo

TrojanZoo provides a universal pytorch platform to conduct security researches (especially backdoor attacks/defenses) of image classification in deep learning.
https://ain-soph.github.io/trojanzoo
GNU General Public License v3.0
274 stars 62 forks source link

pretrain in defense #114

Closed programehr closed 2 years ago

programehr commented 2 years ago

Hi, What's the use of pre-train in defense, please?

Thanks.

https://github.com/ain-soph/trojanzoo/blob/caad6edeaefa9cf0f9f3018454dc367df6494ec4/examples/backdoor_defense.py#L3

ain-soph commented 2 years ago

It's unnecessary because the model saved by previous attack is loaded. You can just remove --pretrained in your command.

I'll consider removing it to make things clean.

You may close this issue if you have no further concern.

https://github.com/ain-soph/trojanzoo/blob/caad6edeaefa9cf0f9f3018454dc367df6494ec4/trojanvision/defenses/abstract.py#L53-L56

programehr commented 2 years ago

Thank you. I'll close it.

programehr commented 2 years ago

It's unnecessary because the model saved by previous attack is loaded. You can just remove --pretrained in your command.

I'll consider removing it to make things clean.

You may close this issue if you have no further concern.

https://github.com/ain-soph/trojanzoo/blob/caad6edeaefa9cf0f9f3018454dc367df6494ec4/trojanvision/defenses/abstract.py#L53-L56

Hello again,

Excuse me, but I think it does have an effect. It loads the (possibly trojaned) model only if you specify the pre-train option. Otherwise, it will create a model from scratch.

Am I right?

ain-soph commented 2 years ago

No, --pretrained loads the clean pretrained model at model initialization, while defense.detect loads the previously saved attack result model.

if --original is claimed, then defense.detect will not load the attack model.

ain-soph commented 2 years ago

I’ll close this issue if there is no further question,