Skip to content

The code for the paper titled as "DifAttack: Query-Efficient Black-Box Attack via Disentangled Feature Space".

Notifications You must be signed in to change notification settings

csjunjun/DifAttack

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

35 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

DifAttack++

The official code for the paper titled as "DifAttack++: Query-Efficient Black-Box Adversarial Attack via Hierarchical Disentangled Feature Space in Cross Domain". It is available in Arxiv.

Our previous conference version called "DifAttack: Query-Efficient Black-Box Attack via Disentangled Feature Space" has been accepted by AAAI 2024. The supplementary file is available at our Arxiv version.

Overview

Setup

Please download the test set and model weights of DifAttack++ from GoogleDrive. The model weights for DifAttack can be downloaded from GoogleDrive.

Train autoencoders for image reconstruction and feature disentanglement:

set mode="train" in main.py

Python main.py

Perform black-box attack

set mode="test" in main.py

Python main.py

Acknowledgements

Part of the code is partially derived from ImageReconstruction Github and torchattacks Github.

Citation

If you find this work useful for your research, you can cite:

@inproceedings{JunDifAttack2024,
title={DifAttack: Query-Efficient Black-Box Attack via Disentangled Feature Space},
author={Liu, Jun and Zhou, Jiantao and Zeng, Jiandian and Tian, Jinyu},
booktitle={Proceedings of the AAAI Conference on Artificial Intelligence},
volume={38},
number={4}, 
pages={3666-3674} ,
year={2024}, 
month={Mar.}, 
url={https://ojs.aaai.org/index.php/AAAI/article/view/28156}, 
DOI={10.1609/aaai.v38i4.28156}
}
@article{liu2024difattack++,
  title={DifAttack++: Query-Efficient Black-Box Adversarial Attack via Hierarchical Disentangled Feature Space in Cross Domain},
  author={Liu, Jun and Zhou, Jiantao and Zeng, Jiandian and Tian, Jinyu},
  journal={arXiv preprint arXiv:2406.03017},
  year={2024}
}

About

The code for the paper titled as "DifAttack: Query-Efficient Black-Box Attack via Disentangled Feature Space".

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages