Skip to content

P2333/Reverse-Cross-Entropy

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 0 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
Matlab_scripts
update Matlab scripts
July 2, 2019 11:59
attacks
update attack parts
July 2, 2019 11:53
.gitignore
Initial commit
July 23, 2018 16:48
LICENSE
Initial commit
July 23, 2018 16:48
README.md
Update README.md
May 14, 2021 19:54
cifar_input.py
Training part of RCE
July 23, 2018 17:09
mnist_input.py
Training part of RCE
July 23, 2018 17:09
others.py
update attack parts
July 2, 2019 11:53
resnet_model_cifar.py
Training part of RCE
July 23, 2018 17:09
resnet_model_mnist.py
Training part of RCE
July 23, 2018 17:09
t_sne.py
update attack parts
July 2, 2019 11:53
test_adv.py
update attack parts
July 2, 2019 11:53
test_nor.py
Normal test part of RCE
July 23, 2018 17:47
train.py
Update train.py
June 25, 2019 21:31
Reverse Cross Entropy Training Training Test in the Normal Setting Test in the Adversarial Setting Detection of Adversarial Examples

README.md

Reverse Cross Entropy Training

Reverse Cross Entropy Training (RCE) is a novel training method, which can learn more distinguished feature representations for detecting adversarial examples. Technical details are specified in:

Towards Robust Detection of Adversarial Examples (NeurIPS 2018)

Tianyu Pang, Chao Du, Yinpeng Dong and Jun Zhu

Training

We provide codes for training ResNet on MNIST and CIFAR-10. Our codes are based on Tensorflow.

Prerequisite:

  1. Install TensorFlow 1.9.0 (Python 2.7).

  2. Download MNIST/CIFAR-10 dataset.

How to run:

An example of using RCE to train a ResNet-32 on MNIST:

python train.py --train_data_path='mnist_dataset/data_train.bin' \
                --log_root=models_mnist/resnet32 \
                --train_dir=models_mnist/resnet32/train \
                --dataset='mnist' \
                --num_gpus=1 \
                --num_residual_units=5 \
                --mode=train \
                --Optimizer='mom' \
                --total_steps=20000 \
                --RCE_train=True

Test in the Normal Setting

An example of test trained ResNet-32 in the normal setting (test set) on MNIST:

python test_nor.py --eval_data_path='mnist_dataset/data_test.bin' \
                --log_root=models_mnist/resnet32 \
                --eval_dir=models_mnist/resnet32/eval \
                --dataset='mnist' \
                --num_gpus=1 \
                --num_residual_units=5 \
                --mode=eval \
                --RCE_train=True

Test in the Adversarial Setting

The code of attacks is forked from Zhitao Gong

An example of attacking a trained Resnet-32 by FGSM on MNIST:

python test_adv.py --eval_data_path='mnist_dataset/test_batch.bin' \
                               --log_root=models_mnist/resnet32 \
                               --dataset='mnist' \
                               --num_gpus=1 \
                               --num_residual_units=5 \
                               --Optimizer='mom' \
                               --mode=attack \
                               --RCE_train=True \
                               --attack_method='fgsm' \
                               --eval_batch_count=5

The attack_method could be random, fgsm (FGSM), bim (BIM), tgsm (ILCM), jsma (JSMA), carliniL2 (C&W), carliniL2_highcon (C&W-highcon) and carliniL2_specific (C&W-whitebox).

Detection of Adversarial Examples

After running the attacking codes, there will be saved files containing the information of crafted adversarial exmaples. To further perform detection between adversarial examples and normal ones, there are three extra steps to do:

First Step: Get the train_logits

python others.py --eval_data_path='mnist_dataset/data_train.bin' \
                               --log_root=models_mnist/resnet32 \
                               --dataset='mnist' \
                               --num_gpus=1 \
                               --num_residual_units=5 \
                               --mode=kernel_para \
                               --Optimizer='mom' \
                               --eval_batch_count=500 \
                               --RCE_train=True

Second Step: run Matlab_scripts/select_kernel.m

Third Step: run Matlab_scripts/auc_of_roc_RCE.m

About

Reverse Cross Entropy for Adversarial Detection (NeurIPS 2018)

Resources

Readme

License

Apache-2.0 license

Stars

37 stars

Watchers

4 watching

Forks

11 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages