What is the generator used during the white-box attack phase?

ngoc-nguyen-0 / LOKT_neurips2023

9 stars 3 forks source link

What is the generator used during the white-box attack phase? #2

Open lym-123-123 opened 1 month ago

lym-123-123 commented 1 month ago

Could you please confirm whether the generator used for the white-box attack on the surrogate model is the original generator from T-ACGAN, or was a new generator retrained?

ngoc-nguyen-0 commented 1 month ago

Hi, Only PLGMI uses the T-ACGAN for attacking. For KEDMI, we follow the paper to train a new GAN using the surrogate models. For GMI, we use the general GAN. Thanks. Ngoc

lym-123-123 commented 3 weeks ago

Hi, Only PLGMI uses the T-ACGAN for attacking. For KEDMI, we follow the paper to train a new GAN using the surrogate models. For GMI, we use the general GAN. Thanks. Ngoc

In the setup where the classifier head of the discriminator network serves as a surrogate model, is the output of the generator directly used as the images obtained in the attack?

ngoc-nguyen-0 commented 3 weeks ago

No, the output images of the trained G in TACGAN are not used as the reconstructed images. We use the discriminator as a surrogate model and still performance the whitebox attack on it, similar to other surrogate models,