Closed linaemunsamy closed 3 years ago
You should be able to use the attack on any dataset.
model
is the victim model, which could be pre-trained or custom trained. x
is the original image that you want to attack, and y
is the true label of x
that model
predicts.
The utils.apply_normalization
function might need to be modified depending on how your dataset is normalized. Right now it defaults to the ImageNet normalization scheme.
Let me know if you need any further clarification.
Hi,
Thanks for the quick response. Can I use a model and labels from an object detection framework?
On Wed, 05 Aug 2020 at 18:04, cg563 notifications@github.com wrote:
You should be able to use the attack on any dataset.
model is the pre-trained model, which could be pre-trained or custom trained. x is the original image that you want to attack, and y is the true label of x that model predicts.
The utils.apply_normalization function might need to be modified depending on how your dataset is normalized. Right now it defaults to the ImageNet normalization scheme.
Let me know if you need any further clarification.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/cg563/simple-blackbox-attack/issues/10#issuecomment-669280949, or unsubscribe https://github.com/notifications/unsubscribe-auth/ANCPVBJQD4HPLJWXWXCMFMDR7F7IJANCNFSM4PVMJI2Q .
In principle, you should be able to use any model as long as it returns some continuous-valued confidence score. I haven't tried the method on object detection so I cannot guarantee that it will work.
I keep getting the following error at this line [ output = model(normalize(x.cuda())).cpu() ] in simba_single.py TypeError: Cannot convert value torch.float32 to a TensorFlow DType.
Can you provide an example of how I should be importing an image to provide via the x variable?
For context, this is how I am currently importing images, which results in a Tensor with dtype torch.float32: data_dir = "data/"
transform = transforms.Compose([transforms.Resize(255), transforms.CenterCrop(224), transforms.ToTensor()])
dataset = datasets.ImageFolder(data_dir, transform=transform) dataloader = torch.utils.data.DataLoader(dataset, batch_size=1) images, labels = next(iter(dataloader)) x = images[0]
The data loading code you provided looks correct to me.
I'm confused about why the error mentions TensorFlow DType. Are you using TensorFlow at any point in your code?
I am running the code in colab and the model is a pre-trained model generated using keras.Sent from my Verizon, Samsung Galaxy smartphone -------- Original message --------From: Chuan Guo notifications@github.com Date: 11/8/20 17:46 (GMT-05:00) To: cg563/simple-blackbox-attack simple-blackbox-attack@noreply.github.com Cc: lumbeeluva03 lumbeeluva03@yahoo.com, Comment comment@noreply.github.com Subject: Re: [cg563/simple-blackbox-attack] Models and Own Dataset (#10) The data loading code you provided looks correct to me. I'm confused about why the error mentions TensorFlow DType. Are you using TensorFlow at any point in your code?
—You are receiving this because you commented.Reply to this email directly, view it on GitHub, or unsubscribe.
Ok, that might be an issue. The keras model could be using TensorFlow backend, but the data loading code is outputting PyTorch tensors. It would require a bit of work getting the code to work with TF models.
Understood, I was afraid of that and thank you for the insight.Sent from my Verizon, Samsung Galaxy smartphone -------- Original message --------From: Chuan Guo notifications@github.com Date: 11/8/20 18:41 (GMT-05:00) To: cg563/simple-blackbox-attack simple-blackbox-attack@noreply.github.com Cc: lumbeeluva03 lumbeeluva03@yahoo.com, Comment comment@noreply.github.com Subject: Re: [cg563/simple-blackbox-attack] Models and Own Dataset (#10) Ok, that might be an issue. The keras model could be using TensorFlow backend, but the data loading code is outputting PyTorch tensors. It would require a bit of work getting the code to work with TF models.
—You are receiving this because you commented.Reply to this email directly, view it on GitHub, or unsubscribe.
Hi,
I am new to adversarial noise and would like to implement this black box approach onto images. Can I use this on my own dataset? What does (model,x,y) refer to in simba single? Is this my own model trained on the dataset or another pretrained model?
Any help will be much appreciated!