search

ain-soph / trojanzoo

TrojanZoo provides a universal pytorch platform to conduct security researches (especially backdoor attacks/defenses) of image classification in deep learning.
https://ain-soph.github.io/trojanzoo
GNU General Public License v3.0
274 stars 62 forks source link

STRIP implementation doesn't match original codebase #188

Closed kshitijsachan closed 1 year ago

kshitijsachan commented 1 year ago

Your STRIP defense implementation seems reasonable (linearly mix benign and test inputs), but this is different from the official implementation from the STRIP repo, where they just add both images on top of each other. Not sure if this was intentional or not.

Trojanzoo implementation: https://github.com/ain-soph/trojanzoo/blob/58d309b399024be62782b285e7cc8cede147bbc8/trojanvision/defenses/backdoor/input_filtering/strip.py#L74

original STRIP implementation:

def superimpose(background, overlay):
  added_image = cv2.addWeighted(background,1,overlay,1,0)
  return (added_image.reshape(32,32,3))
ain-soph commented 1 year ago

According to opencv documents, I don't see any difference between the 2 implementations.