Cleverhans FGSM : classification accuracy is too high #1063
Comments
|
From your code it looks like you are initializing the model's weights, defining the tf session, etc... after having trained the model using Keras. My guess is that the adv_x array does not contain images that are adversarial. This would explain why the accuracy output by [22] is close to random---because the model weights are random. When you restore the model, its weights are set again to the values learned during training so the accuracy is restored (because the images are not adversarial). |
|
Thanks Nicolas. Updated the code. Works fine now. |
|
Hi, Csesivakumar, I had the same issue as you. Can you tell me how did you fix the issue? Thanks! |
|
Check out my updated code here. As Nicolas said, should not initialize the model weight after having trained the classification model. it will assign random weights for the model and FGSM will not generate proper adversarial images based on that model. https://github.com/csesivakumar/Adversarial_Defense/blob/master/Cleverhans_generatenp.ipynb |
|
OK! Thank you very much! |
What's going wrong with this code? I have generated adversarial images using cleverhans API - generate_np method. And using the default cleverhans CNN classifier to classify the images. The test accuracy is very low for adversarial images as expected when I use the model after generating the images. But if I save and reload the model, the accuracy is too high. Please check the code here. Is it really working?
https://github.com/csesivakumar/Adversarial_Defense/blob/master/Cleverhans_generatenp.ipynb
Python: 3.6
The text was updated successfully, but these errors were encountered: