By Chong Xiang, Prateek Mittal
Code for "DetectorGuard: Provably Securing Object Detectors against Localized Patch Hiding Attacks" in ACM CCS 2021
Takeaways:
The code is tested with PyTorch 1.7.0. The complete list of required packages are available in requirement.txt
, and can be installed with pip install -r requirement.txt
. The code should be compatible with other versions of packages.
├── README.md #this file
├── requirement.txt #required packages
├── example_cmd.sh #example command to run the code
|
├── clean_run.py #experiment with the clean setting and dump files for evaluation
├── clean_eval.py #evaluate the clean performance (average precision and false alert rate)
├── provable_run.py #experiment for the provable analysis and dump files for evaluation
├── provable_eval.py #evaluate the provable robustness (certified recall)
|
├── utils
| ├── bagnet.py #BagNet model definitions
| ├── box_utils.py #utils for boxing bounding operations
| ├── dataset.py #utils for different datasets
| ├── defense.py #utils for DetectorGuard defenses
| └── eval_utils.py #utils for clean performance (AP50) evaluation
|
├── misc #some useful scripts
| ├── plot_clean.py #plot precision-recall curve (e.g., Figure 4)
| ├── plot_provable.py #plot CR-recall curve (e.g., Figure 5) and per-class analysis (e.g., Figure 6)
| └── plot_para.py #plot Figure 7
|
├── det #directory for prediction outputs of Base Detector
| ├── README.md #details of detection output
| └── ... #detection files
|
├── data
| ├── voc #data directory for voc
| ├── coco #data directory for coco
| └── kitti #data directory for kitti
|
└── checkpoints #directory for checkpoints
├── README.md #details of checkpoints
└── ... #BagNet model checkpoints
data/
.checkpoints
.det
(or you can generate the prediction files by yourself; see det/README.md
for more details).
example_cmd.sh
for instructions and example commands for running the code.If anything is unclear, please open an issue or contact Chong Xiang (cxiang@princeton.edu).
If you find our work useful in your research, please consider citing:
@inproceedings{xiang2021detectorguard,
author = {Chong Xiang and Prateek Mittal},
title = {DetectorGuard: Provably Securing Object Detectors against Localized Patch Hiding Attacks},
booktitle = {{ACM} {SIGSAC} Conference on Computer and Communications
Security ({CCS})},
publisher = {{ACM}},
year = {2021}
}