Closed bymavis closed 2 years ago
Hi there,
Could you clarify for me a little bit. Is something missing or incorrect?
Avi
Yes. I mean that when evaluating HTBD attack, I think the ASR should be calculated on the images (from the source category) which are added with one trigger. But according to Line 58 in 'poison_test.py', it seems that only target images are evaluated for ASR.
I think we may use different vocabulary in the code than the original HTBD authors used in their paper. In our code, the term "target image" refers to the image the attacker hopes to misclassify.
Does that clear things up?
Yes. Thanks for your kind reply.
Hi all, I have some doubts on the poison_test.py for all attack methods. I think HTBD should be evaluated on the images from source category added with a trigger. Could you please help check this?