/DeepCloak

ICLR16: DeepCloak: Masking Deep Neural Network Models for Robustness Against Adversarial Samples

Primary LanguageLuaApache License 2.0Apache-2.0

DeepCloak: Masking Deep Neural Network Models for Robustness Against Adversarial Samples

Environment: Torch7 + CUDNN

Reference

at Workshop of ICLR16:

Title: DeepCloak: Masking Deep Neural Network Models for Robustness Against Adversarial Samples

@article{GaoWQ17,
  author    = {Ji Gao and
               Beilun Wang and
               Yanjun Qi},
  title     = {DeepCloak: Masking {DNN} Models for robustness against adversarial
               samples},
  journal   = {CoRR},
  volume    = {abs/1702.06763},
  year      = {2017},
  url       = {http://arxiv.org/abs/1702.06763},
  archivePrefix = {arXiv},
  eprint    = {1702.06763},
  biburl    = {https://dblp.org/rec/bib/journals/corr/GaoWQ17},
}

Example:

th removenode.lua -dataset resources/cifar10.t7 -model resources/model_res-164.t7 -layernum 8

Usage:

th removenode.lua -model MODELADD -dataset DATASETADD -layernum LAYERNUM -std STD [-power POWER] [-gpu GPUNUM]

  • [MODELADD]: address of the model file \n

  • [LAYERNUM]: number of the layer where the mask will be inserted after it

  • [POWER]: attack strength, epsilon in Fast Gradient Sign Method, default 10

  • [GPUNUM]: number of GPU selected

  • [DATASETADD]: address of the dataset file

  • [STD]: the standard deviation of the dataset used in the preprocessing, required in the Adversarial Sample Generation

Dataset and models: Orginially from https://github.com/szagoruyko/wide-residual-networks