Skip to content

mesunhlf/FASTEN

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits

eval

eval

 
 

figure

figure

 
 

models

models

 
 

scripts

scripts

 
 

train

train

 
 

ForTrsutils.py

ForTrsutils.py

 
 

README.md

README.md

 
 

__init__.py

__init__.py

 
 

arguments.py

arguments.py

 
 

cifar.py

cifar.py

 
 

distillation.py

distillation.py

 
 

my_utils.py

my_utils.py

 
 

untarget_distillation.py

untarget_distillation.py

 
 

utils.py

utils.py

 
 

Repository files navigation

FASTEN Framework

1. Overview

FASTEN: Fast Ensemble Learning For Improved Adversarial Robustness

The code is repository for "FASTEN: Fast Ensemble Learning For Improved Adversarial Robustness" (IEEE TIFS).

2. Prerequisites

python 3.6
pytorch 1.4.0

3. Pipeline

3.1 Augmentation Mechinasm

3.2 Optimization Mechinasm

4. Run the Code

4.1 Training Ensembles

train.sh: Train the ensemble models by using different methods.

For example, you can run the shell in train.sh.

Vanilla ensemble:
python train/train_baseline.py --gpu $GPUID --model-num 3 --batch-size 128 --num-class 10 --arch "ResNet" --depth 20 --epoch 200

FASTEN ensemble:
python train/train_fasten.py --gpu $GPUID --model-num 3 --distill-eps 0.06 --distill-alpha 0.06 --distill-steps 1 --beta 3.0 --batch-size 128 --num-class 10 --arch "ResNet" --depth 20 --epoch 200

DVERGE ensemble:
python train/train_dverge.py --gpu $GPUID --model-num 3 --distill-eps 0.07 --distill-alpha 0.007 --distill-steps 10 --batch-size 128 --num-class 10 --arch "ResNet" --depth 20 --epoch 200

4.2 Testing Ensembles

evaluation.sh: Generate transferable examples / Test robustness under white or black box scenarios.

For example, you can run the evaluation.sh to generate black-box adversarial examples:
file_baseline="checkpoints/baseline/seed_0/3_ResNet20/epoch_200.pth"
python eval/generate_bbox_mpgd.py --num-steps 10 --model-file $file_baseline

After producing the adversarial examples, you can run the shell to test black-box robustness:
file="checkpoints/fasten/seed_0/3_ResNet20/eps0.06_steps1_beta3.0/epoch_200.pth"
python eval/eval_bbox.py --gpu $GPUID --model-file $path --folder transfer_adv_examples --steps 100 --num-class 10 --arch "ResNet" --depth 20 --save-to-csv

Or you can test white-box robustness of FASTEN under the PGD attack in evaluation.sh:
file="checkpoints/fasten/seed_0/3_ResNet20/eps0.06_steps1_beta3.0/epoch_200.pth"
python eval/eval_wbox_pgd.py --gpu $GPUID --model-file $file --steps 10 --random-start 5 --save-to-csv

5. Experimental Results

5.1 Black-box Experiment

5.2 White-box Experiment on CIFAR-10

5.3 White-box Experiment on MNIST and CIFAR-100

5.4 White-box Experiment on AdvFASTEN

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages