code-soup icon indicating copy to clipboard operation
code-soup copied to clipboard
verified publisher icon Adversarial-Deep-Learning

Tutorial For One Pixel Attack

Open mehulrastogi opened this issue 4 years ago • 3 comments

Noting down the list of tasks to be completed for the tutorial. The implementation for the attack is in #65 .

Paper Link

For the sake of simplicity right now focusing on one model and one dataset. (VGG16 , CIFAR10(less noisy than kaggle cifar10) )

  • [ ] #79
  • [ ] #78
  • [ ] Targeted attack on random 300 samples (can be a separate tutorial)

mehulrastogi avatar Aug 31 '21 06:08 mehulrastogi

The following can be used to get useful stats for the tutorial `

    attack_image = obj.perturbation_image(attack_result.x, image)
    prior_probs = obj.model_predict(image)
    predicted_probs = self.model_predict(attack_image)
    predicted_class = np.argmax(predicted_probs)
    actual_class = original_label
    success = predicted_class != actual_class
    cdiff = prior_probs[actual_class] - predicted_probs[actual_class]

`

mehulrastogi avatar Aug 31 '21 17:08 mehulrastogi

Hey, I would like to work on this

Shreyas-Bhat avatar Sep 01 '21 04:09 Shreyas-Bhat

great @Shreyas-Bhat you can take it up, comment on #78 and #79 too so we can assign it to you

someshsingh22 avatar Sep 02 '21 06:09 someshsingh22