The official implementation of our CVPR 2023 paper "Discrete Point-wise Attack Is Not Enough: Generalized Manifold Adversarial Attack for Face Recognition" [Arxiv] [CVPR]
The repo provides code of GMAA with Lightning-Hydra-Template.
The training and testing experiments are conducted using with a single NVIDIA Tesla V100 32GB.
Prerequisites:
Note that GMAA is only tested on Ubuntu OS with the following environments. It may work on other operating systems (i.e., Windows) as well but we do not guarantee that it will.
conda create -n GMAA python=3.8.pip install -r requirements.txt.Prepare the data/pretrained weights:
downloading CelebA-HQ dataset
Assigning your costumed path --src_hq_path to run data/CelebAHQ/process.py in order to filter original CelebA-HQ dataset by valid AUs (the confidence from OpenFace need be greater or equal to 0.95).
downloading pretrained face recognition models from Google Drive (From Adv-Makeup).
Move the pretrained models to pretrained/FRmodels.
Training Configuration:
bash script/train.sh in your terminal. The trainning results is in logs/train/gmaa/runs/%Y-%m-%d_%H-%M-%S.Testing Configuration:
--ckpt_path) in script/eval.sh. The trained model path is logs/train/gmaa/runs/%Y-%m-%d_%H-%M-%S/checkpoints/epoch_019.ckpt(max_epoch is setted to 20).bash script/eval.sh in your terminal. The evaluation results directory is logs/eval/gmaa/runs/%Y-%m-%d_%H-%M-%S. The generated adversarial examples of test dataset is in test_vis of evaluation results directory.Evaluation Configuration:
Replace your testing adversarial examples directory (--res_root) in metric/test_asr.py & metric/test_faceplusplus.py. The testing adversarial examples directory of step.4 is test_vis of evaluation results directory.
Just enjoy it via running python metric/test_asr.py to get the attack success rate. The result is saved in test_asr of evaluation results directory.
Just enjoy it via running python metric/test_faceplusplus.py to get the Face++ confidence score. The result is saved in test_faceplusplus of evaluation results directory. Visualization videos with Face++ confidence scores are under metric/Videos.
Please note: Need fill your own api --key and --secret getted from Face++.
logs/eval/gmaa/runs/%Y-%m-%d_%H-%M-%S
└- test_asr # Attack Success Rate
└- test_faceplusplus # Face++ confidence score
└- test_vis # Generated adversarial examples of test dataset
└- ...The final project should be like this:
GMAA
└- data
└- CelebAHQ
└- CelebA-pairs
└- typical_au.txt
└- log
└- eval
└- train
└- pretrained
└- exper_edit
└- ...
└- FRmodels
└- facenet.pth
└- ir152.pth
└- irse50.pth
└- mobile_face.pth
└- ...Some of the codes are built upon AMT, pretrained face recognition models are from Adv-Makeup
@misc{li2023discrete,
title={Discrete Point-wise Attack Is Not Enough: Generalized Manifold Adversarial Attack for Face Recognition},
author={Qian Li and Yuxiao Hu and Ye Liu and Dongxiao Zhang and Xin Jin and Yuntian Chen},
year={2023},
eprint={2301.06083},
archivePrefix={arXiv},
primaryClass={cs.CV}
}@InProceedings{Li_2023_CVPR,
author = {Li, Qian and Hu, Yuxiao and Liu, Ye and Zhang, Dongxiao and Jin, Xin and Chen, Yuntian},
title = {Discrete Point-Wise Attack Is Not Enough: Generalized Manifold Adversarial Attack for Face Recognition},
booktitle = {Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR)},
month = {June},
year = {2023},
pages = {20575-20584}