Exploring the Space of Adversarial Images
Switch branches/tags
Nothing to show
Clone or download
tabacof Merge pull request #3 from luizgh/master
Renaming mnist module (conflict with torch mnist)
Latest commit dcacc59 Aug 3, 2016

README.md

Exploring the Space of Adversarial Images

Tabacof, Pedro and Valle, Eduardo. Exploring the Space of Adversarial Images. arXiv preprint arXiv:1510.05328, 2015.

Please cite us if you use this code. ArXiv link

Requirements

Torch7

GFortran with BLAS

L-BFGS-B

The adversarial image optimization problem requires the box-constraints so that the distortions won't make the image go outside the pixel space (RGB = [0, 255]).

For this we use the Fortran library L-BFGS-B written by Nocedal, the author of the algorithm. To compile the library do the following:

cd lbfgsb
make lib

This library is as fast the Torch7 Optim's LBFGS (wihout bound constraints).

MNIST

For MNIST, the code will train the classifier from scratch. A logistic regression should achieve about 7.5% error, and a standard convolutional network 1%. You need to download the dataset:

cd mnist
th download.lua

ImageNet

For ImageNet you can use the pre-trained OverFeat network, which is a deep convolutional neural network that won the localization ILSVRC competition in 2013.

First you must download the weights of the network (thanks to Jonghoon Jin):

cd overfeat
sh install.sh

Adversarial images

Now you can create adversarial images using:

th adversarial.lua -i image.png

Options:

-i: image file
-cuda: use GPU support (must have CUDA installed on your computer - test this with require 'cutorch')
-gpu: GPU device number
-ub: unbounded optimization (allow the distortion to go outside the pixel space)
-mc: probe the space around the adversarial image using white noise (default is Gaussian)
-hist: use nonparametric noise instead of Gaussian ("histogram")
-orig: probe the space around the original image instead
-numbermc: number of probes
-mnist: use MNIST instead of ImageNet dataset
-conv: use convolutional network with MNIST (instead of logistic regression)
-itorch: iTorch plotting
-seed: random seed

The resulting images and the distortions will be created on the same folder of the image.