tiendzung-le/cleverhans-models

Competition on Adversarial Attacks and Defenses

My code for 3 submissions to 3 sub-competitions

The approach

I did not focus on image processing but tried to apply Game Theory in these 3 competitions. And the results showed that this approach worked pretty well.

Defense Against Adversarial Attack: Team cosmos - rank 6

  • It is basically an ensemble of 7 models.
  • The inception_v3 model's prediction is not included in the ensemble but is used as a special adversarial image detector. Call the output of the ensemble main_label and the output of the inception_v3 model fool_label. Note that the inception_v3 model is strongly attacked, so most of the time fool_label is wrong. The final outcome is main_label if it differs from fool_label or if more than half of the ensemble classifiers vote for main_label. Otherwise the final outcome is the ensemble's second-best label.
  • In order to avoid the OOM issue, each model is run separately and its prediction is redirected into a temporary file. The ensemble script reads all 8 predictions and produces the final result.
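
The decision rule from the second bullet, as an added sketch that is not the repository's code. It assumes each of the 7 ensemble models contributes one top-1 label and that main_label is the plurality vote; the README does not say how the ensemble is combined or how ties are broken, and the function names and label ids here are constructed.

```python
from collections import Counter


def rank_labels(ensemble_labels):
    """Order labels by vote count, most votes first.

    Assumption: ties are broken by first appearance in the input list.
    """
    if not ensemble_labels:
        raise ValueError("need at least one ensemble prediction")
    counts = Counter(ensemble_labels)
    first_seen = {}
    for index, label in enumerate(ensemble_labels):
        first_seen.setdefault(label, index)
    ranked = sorted(counts, key=lambda lab: (-counts[lab], first_seen[lab]))
    return ranked, counts


def final_label(ensemble_labels, fool_label):
    """Apply the README's rule to one image.

    ensemble_labels: top-1 labels from the ensemble models.
    fool_label: top-1 label from the heavily attacked detector model.
    """
    ranked, counts = rank_labels(ensemble_labels)
    main_label = ranked[0]
    has_majority = counts[main_label] * 2 > len(ensemble_labels)
    # Keep main_label if the detector disagrees with it, or if more than
    # half of the ensemble voted for it.
    if main_label != fool_label or has_majority:
        return main_label
    # main_label matches the (usually fooled) detector and lacks a majority,
    # so at least one other label exists: fall back to the second best.
    return ranked[1]


if __name__ == "__main__":
    # Constructed label ids for illustration only.
    weak_vote = [5, 5, 5, 2, 2, 9, 9]    # 3 of 7 votes for label 5
    strong_vote = [5, 5, 5, 5, 2, 2, 9]  # 4 of 7 votes for label 5
    print(final_label(weak_vote, fool_label=7))    # detector disagrees
    print(final_label(strong_vote, fool_label=5))  # majority overrides detector
    print(final_label(weak_vote, fool_label=5))    # falls back to second best
```
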

Non-targeted Adversarial Attack: Team cosmos - rank 16

  • It is an iterative FGSM with 5 models

Targeted Adversarial Attack: Team Arrival - rank 7

  • It is an iterative attack with 2 models

Models

All models in these submissions are from the tensorflow repository.

In order to load different models into one session, the variable scope in each checkpoint should be renamed so that the scope names do not collide:

python tensorflow_rename_variables.py --checkpoint_dir=adv_inception_v3.ckpt --output_dir=nips_adv_inception_v3.ckpt --replace_from=InceptionV3 --replace_to=NipsInceptionV3

python tensorflow_rename_variables.py --checkpoint_dir=ens4_adv_inception_v3.ckpt --output_dir=nips04_ens4_adv_inception_v3.ckpt --replace_from=InceptionV3 --replace_to=Nips04InceptionV3

python tensorflow_rename_variables.py --checkpoint_dir=inception_resnet_v2_2016_08_30.ckpt --output_dir=nips_inception_resnet_v2_2016_08_30.ckpt --replace_from=InceptionResnetV2 --replace_to=NipsInceptionResnetV2
