Closed VigneshSrinivasan10 closed 5 years ago
Your model only takes inputs of batch size 1. Easy solution: call the Boundary attack with the option tune_batch_size=False
.
Worked perfectly :) Thanks.
Alternatively, change your model to accept batches. Then the boundary attack can use batches internally and therefore will be faster.
@jonasrauber : thank you for following it up.
I tried to feed in more than one image by giving batch_size=2
But, I get the error as given below, while defining the foolbox model at this line:
with foolbox.models.TensorFlowModel(x_input, logits, bounds=(0, 1)) as model:
The error message is as shown below:
ValueError: Can not squeeze dim[0], expected a dimension of 1, got 2 for 'Squeeze' (op: 'Squeeze') with input shapes: [2,10].
It would be great I can give batches at once. It would definitely speed up my pipeline
Thanks in advance,
No, you shouldn't feed in more than one image in the attack. You should change your model to accept an arbitrary number of images as normally done (specifying None
as batch size). Then the BoundaryAttack can make use of that because it needs to test many different images to create a singel adversarial for a single image.
I see. Thanks for the clarification.
Hi,
This is literally the first day I am using foolbox to validate Decision based attacks on my defense model.
I have a very simple MNIST model for which I am using the
Boundary Attack
.The code executes the normal image successfully and executes the first print statement
7 7
Followed by the error statement while executing the boundary attack as given below:I dont understand why
Boundary Attack
is making use of batches, when I have passed only one image. If running several candidates at a time makes it an efficient code - why doesmode.batch_predictions
throw an error ? Any pointers on how to fix this issue and be able to run this attack would be very helpful.Thanks in advance!