robust-ml / robust-ml.github.io

A community-run reference for state-of-the-art adversarial example defenses.
https://www.robust-ml.org/
Creative Commons Attribution Share Alike 4.0 International

Harnessing the Vulnerability of Latent Layers in Adversarially Trained Models #7

Closed a7b23 closed 5 years ago

a7b23 commented 5 years ago

Name: Harnessing the Vulnerability of Latent Layers in Adversarially Trained Models

Authors: Abhishek Sinha, Mayank Singh, Nupur Kumari, Balaji Krishnamurthy, Harshitha Machiraju, V N Balasubramaniam

Paper: https://arxiv.org/abs/1905.05186

Code: https://github.com/conference-submission-anon/LAT_adversarial_robustness

Venue: IJCAI 2019

Does the code implement the robust-ml API and include pre-trained models: yes

Dataset: CIFAR-10

Threat model: $l_\infty(\epsilon = 0.03)$

Natural accuracy: 87.8%

Claims: 53.82% robustness against epsilon = 0.03

anishathalye commented 5 years ago

Hi Abhishek,

Thank you for your submission!

I am assuming that "53.82% robustness" in the claims can be interpreted as "53.82% accuracy". Please let me know if this is not correct.

One small thing before we add your submission: if I try running your code by running fetch_model.py followed by using model_robustml.py, I get an error because the filenames don't match up. It looks like model_robustml.py looks for the trained model in feature_adv11/checkpoint-1000, while fetch_model.py downloads the model to models/adv_trained/.... Could you please correct this so it's possible to run the robustml model without changing code?

Once this is done, we can add your defense to the list.

a7b23 commented 5 years ago

Hi Anish,

Yes, "53.82% robustness" corresponds to "53.82% accuracy".

You can get our adversarially robust model feature_adv11/checkpoint-1000 through the Google Drive link mentioned in the README of the GitHub repo (adding the link here also: https://drive.google.com/open?id=1um2zoVYYw5YZuuV8_IeoUy-qRWSmCVUb).

fetch_model.py fetches the baseline model over which we perform our fine-tuning to obtain our model. fetch_model.py would only be needed if one wants to reproduce our training methodology.

anishathalye commented 5 years ago

Ah, I see, that makes sense, thanks for explaining it to me.

Added in 70fa746f9525ee40d1004b0ef30e0cc5391468cf.