search

ain-soph / trojanzoo

TrojanZoo provides a universal pytorch platform to conduct security researches (especially backdoor attacks/defenses) of image classification in deep learning.
https://ain-soph.github.io/trojanzoo
GNU General Public License v3.0
274 stars 62 forks source link

Is it possible to apply methods to graph? #175

Closed WangHexie closed 1 year ago

WangHexie commented 1 year ago

I have to implement dataset, model, attack method and defense method. Is subclassing subclass base class(Dataset, Model, Attack, Defense) sufficient to run the code? And is it possible to apply existing attack/defense method to my DIY model on graph?

ain-soph commented 1 year ago

Does "graph" here refers to "GNN"?

WangHexie commented 1 year ago

yes.

ain-soph commented 1 year ago

I'm afraid current "trojanvision" doesn't consider GNN, but you may find "trojanzoo" shall be a generic thing.

If you want, you may use "trojanzoo" as a start. But it might take more effort than coding from scratch if you are not familiar with it.

And attacks/defenses on graphs are different and you can't directly apply because of the different task type.
For example, this is a graph backdoor work: https://arxiv.org/abs/2006.11890

WangHexie commented 1 year ago

Thanks for your reply. I thought some methods like randomized smooth would be task-agnostic. I looked through the relevant code, it seems it really would take a lot of work to understand how the framework works.

ain-soph commented 1 year ago

You may want to check this part.

https://github.com/ain-soph/trojanzoo/blob/ec5281311b44fce9c82f98b96c0027d84ed7f08b/trojanzoo/models.py#L387-L395

WangHexie commented 1 year ago

Thanks a lot. I'm reading the source code now.