yamamura-k/ACG

PyTorch implementation of Diversified Adversarial Attack based on Conjugate Gradient Method (ICML2022).

Diversified Adversarial Attacks based on Conjugate Gradient Method

This is the python implementation of our paper, "Diversified Adversarial Attacks based on Conjugate Gradient Method" , accepted to ICML2022. paper(arxiv)

Environment

Python	3.9.8
PyTorch	1.10.0+cu113
gcc	gcc version >= 5.4.0
CUDA	11.5

Installation

• Install python libraries.

pip install -r requirements.txt

• Complie .cpp and .c codes.

cd src/utils/cluster_coef_c
python setup.py build_ext -i

• Set ImageNet dataset.
  The directory name is the same as auto-attack

After your download, ls outputs the follow.

storage/ILSVRC2012/ILSVRC2012_img_val_for_ImageFolder/val

• Downloads the robsust models from RobustBench.

cd src
python get_models.py

Environment Variables

export CUBLAS_WORKSPACE_CONFIG=:4096:8

• Fix PYTHONHASHSEED to 0.

export PYTHONHASHSEED=0

Dataset

• ImageNet

  1. cd ../storage/ILSVRC2012
  2. Download ILSVRC2012_img_val.tar and ILSVRC2012_devkit_t12.tar.gz from ImageNet official site

  $ ls
  ILSVRC2012_img_val.tar

  3. mkdir val && tar -xf ILSVRC2012_img_val.tar -C ./val

  4. tar -xzf ILSVRC2012_devkit_t12.tar.gz

  5. python build_dataset.py

Usage

Attack on CIFAR-10

python -B run_cifar10_attack.py -o ../debug -g 0 --log_level 20 --param ./params/robustbench/cifar10/autoconjugate.yaml ./params/robustbench/cifar10/di.yaml  --experiment -bs 10

Attack on ImageNet

python -B run_imagenet_attack.py -o ../debug -g 0 --log_level 20 --param ./params/robustbench/imagenet/autoconjugate.yaml ./params/robustbench/cifar10/di.yaml  --experiment -bs 10

Attack on CIFAR-100

python -B run_cifar100_attack.py  -o ../debug -g 0 --log_level 20 --param ./params/robustbench/cifar100/autoconjugate.yaml ./params/robustbench/cifar10/di.yaml  --experiment -bs 10

Calculate the attack success rates from result dir.

(find ../result/ -maxdepth 7 |grep -e AUTOP -e AUTOC | xargs -L1 -P1 python run_evaluator_from_csv.py -ns 1  -r && find ../result/ -maxdepth 7 |grep AUTOC | xargs -L1 -P1 python run_evaluator_from_csv.py -ns 5 -r ) > cifar10_cw_result.csv

and open cifar10_cw_result.csv

Ding2020MMA,AUTOConjugaterestart-1,WideResNet-28-4,\cite{Ding2019},53.40,Wed Jan 26 10:59:21 2022
Ding2020MMA,AUTOConjugate,WideResNet-28-4,\cite{Ding2019},55.77,Wed Jan 26 10:59:21 2022

• 1st column: model name listed in RobustBench.
• 2nd column: the algorithm name.
  AUTOConjugaterestart-1 mean ACG with one restart.
• 3rd column: the architecture of model
• 4th column: the citation of the adversarial training method
• 5th column: the attack success rates
• 6th column: the execution start time

Docker Usage

Requirements

• Docker
  https://www.docker.com/
• NVIDIA Container Toolkit
  https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/overview.html

Command

Build Docker Command

docker build --rm -t autocg:latest .

Create docker instance

docker run -it --gpus all -v $PWD/src:/AutoCG/src autocg /bin/bash

Start created container instance

docker start -ai [ContainerID]

Connect started container

docker attach [ContainerID]

Detach from Container

[control-P] [control-Q]

Citation

@inproceedings{yamamura2022,
    title={Diversified Adversarial Attacks based on Conjugate Gradient Method}, 
    author={Keiichiro Yamamura and Haruki Sato and Nariaki Tateiwa and Nozomi Hata and Toru Mitsutake and Issa Oe and Hiroki Ishikura and Katsuki Fujisawa},
    booktitle={ICML},
    year={2022}
}