Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added TensorFlow v2.0 implementation of FGSM Attack #181

Closed
wants to merge 1 commit into from
Closed

Added TensorFlow v2.0 implementation of FGSM Attack #181

wants to merge 1 commit into from

Conversation

rish-16
Copy link

@rish-16 rish-16 commented Oct 4, 2019

Description

I have written a TF v2.0 MNIST classifier with added support for the Keras functional API. I have incorporated the art modules like KerasClassifier and FastGradientMethod.

System

I have tested it on macOS 10.14.14 Beta with different hyper-parameters.

Metrics

Original testing accuracy: 94.08
Adversarial testing accuracy: 45.16

@beat-buesser
Copy link
Collaborator

Hi @rish-16 Thank you very much for using ART! The example looks good, but I think it is very close to existing examples and notebooks, like get_started_keras.py or art-for-tensorflow-v2-keras.ipynb and therefore I'll close this PR. But please let me know if you would be interested to become a contributor to ART because could show you some interesting opportunities/project at various levels to develop code and new features for ART.

@rish-16
Copy link
Author

rish-16 commented Oct 5, 2019
edited

Yes, please! I'd love to join in as a Contributor. I'm currently researching on Adversarial Examples at school and the ART community has been so helpful so far. Can I please know what are the next steps to take? Are there any projects I can take up?
My specialization lies in TensorFlow and Keras.

@beat-buesser
Copy link
Collaborator

Hi @rish-16 That great! Currently we have an open issue #51 to implement the low frequency adversarial perturbation strategy to complete our collection of attacks. Link to the paper is in the issue. I think it would be a great project to get started with a serious contribution. Would you be interested to work on this issue? If yes, I'll assign #51 to you and I can provide support to get you started.

@rish-16
Copy link
Author

rish-16 commented Oct 6, 2019
edited

Sure! I looked through the paper just now. Let me see what I can do. I'll be writing it in TensorFlow/Keras. Worse case, it may need some low-level tf.ops but shouldn't be too much of a hassle. I look forward to your guidance and support.

Cheers!

@beat-buesser
Copy link
Collaborator

Great! I'll assign #51 to you and let's continue the discussion in issue #51. Let me know anytime if you have questions.
All attacks in ART are framework (ML library) independent, which means they don't contain, for example, any TensorFlow code. All framework dependent code is implemented in the corresponding classifiers, e.g. TensorFlowV2Classifier, etc., which provide methods for loss gradients, etc.

@beat-buesser
Copy link
Collaborator

@rish-16 Could you please make a comment in #51 that you are interested in that issue? Otherwise I the system won't let me assign it to you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@rish-16 @beat-buesser