Adversarial Example Detection with Critical Data Routing Paths


pytorch == 0.3.1
python == 3.5
sklearn == 0.22

Data Preparation

python --data_dir IMAGENET_DATA_DIR/train --dump_path data/train_images_list.pkl
python --data_dir IMAGENET_DATA_DIR/val --dump_path data/val_images_list.pkl

Adversarial Example Detection

python --data IMAGENET_DATA_DIR -a ARCH --gpu GPU_ID

where ARCH denotes the attacking network (AlexNet, VGG16) and GPU_ID is the available GPU device number. For ResNet50, run the command

python --data IMAGENET_DATA_DIR -a resnet50 --gpu GPU_ID

The current setting uses one training sample and one testing sample from each class to extract the CDRPs used for adversarial example detection. You can adjust the number of samples per class with

python --data IMAGENET_DATA_DIR -a ARCH --train_num_per_class 5 --test_num_per_class 1 --gpu GPU_ID
  • Note: we have improved the code since the CVPR paper was published, and the current settings can achieve an AUROC value of 0.9+.


