Adversarial_Training_DL_Assignment

Training and Evaluating the models on the ImageNet dataset using adversarial training method. Adapted from the official PyTorch repository


Deep Learning Assignment:

Submitted by Sammed C Jain - 4NI20IS095 - ISE 7th SEM 'B' section
Topic - Adversarial training

Intro

Adversarial training is a machine learning method in which a model is deliberately exposed, during training, to deceptive inputs crafted to trick it, so that it learns to classify both unmodified and adversarial examples correctly. It's considered one of the most effective defense strategies against adversarial attacks.

In adversarial training, the model is trained on a combination of clean and adversarial examples. This improves the model's robustness against attacks and its generalization performance on the original examples. The adversarial examples are generated on the fly during training, so at prediction time the model is most robust against adversarial examples generated in the same way as those it was trained on.

Some examples of adversarial attacks include:

  • Poisoning attacks
  • Evasion attacks
  • Model extraction attacks

This Repository

This repository provides code for training and evaluating models on the ImageNet dataset. The implementation is adapted from the official PyTorch repository.

Using the Free Adversarial Training (Free-m) algorithm, we can train robust models at no additional cost compared to natural training. This allows us to train robust ImageNet models using only a few GPUs in a couple of days!

Installation

  1. Install PyTorch.
  2. Install the required Python packages. All packages can be installed by running the following command:
     pip install -r requirements.txt
  3. Download and prepare the ImageNet dataset. You can use this script, provided by the PyTorch repository, to move the validation subset to the labeled subfolders.

Training a model

To train a robust model run the following command:

python main_free.py [PATH_TO_IMAGENET_ROOT]

This trains a robust model with the default parameters. The training parameters can be set by changing the configs.yml config file. Please run python main_free.py --help to see the list of possible arguments. The script saves the trained models into the trained_models folder and the logs into the output folder.

Evaluating a trained model

You can evaluate a trained model by running the following command:

python main_free.py [PATH_TO_IMAGENET_ROOT] -e --resume [PATH_TO_THE_MODEL_CHECKPOINT]

The script evaluates the model on clean examples as well as examples generated by PGD attacks with different parameters.
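To make the Free-m training loop (minibatch replay with a perturbation that is carried over between replays) and the PGD evaluation above concrete, here is an added example in pure Python; it is not this repository's code, which uses PyTorch on ImageNet. It trains a logistic-regression classifier with Free-m on a constructed two-feature toy dataset and then measures its accuracy under an L-inf PGD attack; the function names, the dataset and the hyperparameters (m=4, eps=0.3) are assumptions chosen for illustration.

```python
import math
import random

# Constructed toy dataset (not ImageNet): label 1 iff x1 + x2 > 0, with a margin
# of at least 2 along the (1, 1) direction, so it stays separable under eps = 0.3.
DATA = [([1.0, 1.0], 1), ([2.0, 0.5], 1), ([0.5, 2.0], 1), ([1.5, 1.5], 1),
        ([-1.0, -1.0], 0), ([-2.0, -0.5], 0), ([-0.5, -2.0], 0), ([-1.5, -1.5], 0)]

def sigmoid(z): return 1.0 / (1.0 + math.exp(-z))
def sign(v): return (v > 0) - (v < 0)
def logit(w, b, x): return sum(wi * xi for wi, xi in zip(w, x)) + b

def free_adv_train(data, m=4, eps=0.3, lr=0.1, epochs=50, seed=0):
    """Free-m adversarial training of a logistic-regression classifier (assumed toy setup).
    Each minibatch (one example here) is replayed m times; one backward pass per replay
    yields d(loss)/dw for the SGD step and d(loss)/dx for the perturbation delta, which
    is carried over to the next replay and to the next minibatch."""
    rng = random.Random(seed)
    w, b, delta = [0.0] * len(data[0][0]), 0.0, [0.0] * len(data[0][0])
    for _ in range(epochs):
        order = list(range(len(data)))
        rng.shuffle(order)
        for i in order:
            x, y = data[i]
            for _ in range(m):                                # minibatch replay
                x_adv = [xi + di for xi, di in zip(x, delta)]
                err = sigmoid(logit(w, b, x_adv)) - y         # d(log-loss)/d(logit)
                grad_w = [err * xi for xi in x_adv]           # gradient w.r.t. weights
                grad_x = [err * wi for wi in w]               # gradient w.r.t. input
                w = [wi - lr * g for wi, g in zip(w, grad_w)] # descent step on the loss
                b -= lr * err
                # FGSM-style ascent step on delta, projected back onto the L-inf eps-ball
                delta = [max(-eps, min(eps, di + eps * sign(g))) for di, g in zip(delta, grad_x)]
    return w, b

def pgd_accuracy(w, b, data, eps=0.3, alpha=0.1, steps=10):
    """Accuracy under an L-inf PGD attack on the trained model; eps=0 gives clean accuracy."""
    correct = 0
    for x, y in data:
        delta = [0.0] * len(x)
        for _ in range(steps):
            x_adv = [xi + di for xi, di in zip(x, delta)]
            err = sigmoid(logit(w, b, x_adv)) - y
            # step in the loss-increasing direction, then project onto the eps-ball
            delta = [max(-eps, min(eps, di + alpha * sign(err * wi))) for di, wi in zip(delta, w)]
        x_adv = [xi + di for xi, di in zip(x, delta)]
        correct += int((logit(w, b, x_adv) > 0) == (y == 1))
    return correct / len(data)
```

Call free_adv_train(DATA) to get (w, b), then compare pgd_accuracy(w, b, DATA, eps=0.0) with pgd_accuracy(w, b, DATA) to see clean versus PGD accuracy, mirroring what the evaluation script reports.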