GitHub - ndb796/Pytorch-Adversarial-Training-CIFAR: This repository provides simple PyTorch implementations for adversarial training methods on CIFAR-10.

Pytorch Adversarial Training on CIFAR-10

This repository provides simple PyTorch implementations for adversarial training methods on CIFAR-10.
This repository shows accuracies that are similar to the accuracies in the original papers.
If you have questions about this repository, please send an e-mail to me (dongbinna@postech.ac.kr) or make an issue.

Experiment Settings

The basic experiment setting used in this repository follows the setting used in Madry Laboratory.
Dataset: CIFAR-10 (10 classes)
Attack method: PGD attack
1. Epsilon size: 0.0314 for L-infinity bound
2. Epsilon size: 0.25 (for attack) or 0.5 (for training) for L2 bound
Training batch size: 128
Weight decay: 0.0002
Momentum: 0.9
Learning rate adjustment
1. 0.1 for epoch [0, 100)
2. 0.01 for epoch [100, 150)
3. 0.001 for epoch [150, 200)
The ResNet-18 architecture used in this repository is smaller than Madry Laboratory, but its performance is similar.

Training Methods

1. Basic Training

The basic training method adopts ResNet-18 architecture proposed by Kaiming He in CVPR 2016.
- But, the architecture in this repository uses 32 X 32 inputs for CIFAR-10 (original ResNet-18 is for ImageNet).

python3 basic_training.py

	This repository
Benign accuracy	95.28%
Robust accuracy (L-infinity PGD)	1.02%

Training time: 2 hours 24 minutes using 1 Titan XP
Trained model download: Basic Training

2. PGD Adversarial Training

This defense method was proposed by Aleksander Madry in ICLR 2018.

python3 pgd_adversarial_training.py

	This repository	Original paper (wide)
Benign accuracy	83.53%	87.30%
Robust accuracy (L-infinity PGD)	46.07%	50.00%

Training time: 11 hours 12 minutes using 1 Titan XP
Trained model download: PGD Adversarial Training

3. Interpolated Adversarial Training (IAT)

This defense method was proposed by Alex Lamb in AISec 2019.

python3 interpolated_adversarial_training.py

	This repository	Original paper
Benign accuracy	91.86%	89.88%
Robust accuracy (L-infinity PGD)	44.76%	44.57%

Training time: 15 hours 18 minutes using 1 Titan XP
Trained model download: Interpolated Adversarial Training

4. Basic Training with Robust Dataset

A normal dataset can be split into a robust dataset and a non-robust dataset.
This robust dataset is conducted from an L2 adversarially trained model (epsilon = 0.5).
The construction method for a robust dataset is proposed by Andrew Ilyas in NIPS 2019.
Dataset download: Robust Dataset

python3 basic_training_with_robust_dataset.py

	This repository	Original paper (wide)
Benign accuracy	78.69%	84.10%
Robust accuracy (L2 PGD 0.25)	37.96%	48.27%

Trained model download: Basic Training with Robust Dataset

5. Basic Training with Non-robust Dataset

The normal dataset can be split into a robust dataset and a non-robust dataset.
This non-robust dataset is conducted from an L2 adversarially trained model (epsilon = 0.5).
The construction method for a non-robust dataset is proposed by Andrew Ilyas in NIPS 2019.
Dataset download: Non-robust Dataset

python3 basic_training_with_non_robust_dataset.py

	This repository	Original paper (wide)
Benign accuracy	82.00%	87.68%
Robust accuracy (L2 PGD 0.25)	0.10%	0.82%

Trained model download: Basic Training with Non-robust Dataset

How to Test

The attack method is the PGD attack.
All pre-trained models are provided in this repository :)

python3 test.py

Name	Name	Last commit message	Last commit date
Latest commit ndb796 Feb 17, 2021 e0a5218 · Feb 17, 2021 History 64 Commits
models	models	Create __init__.py	Apr 9, 2020
README.md	README.md	Update README.md	Feb 17, 2021
basic_training.py	basic_training.py	Update basic_training.py	Apr 9, 2020
basic_training_with_non_robust_dataset.py	basic_training_with_non_robust_dataset.py	Update basic_training_with_non_robust_dataset.py	Apr 11, 2020
basic_training_with_robust_dataset.py	basic_training_with_robust_dataset.py	Rename basic_training_with_robust_dataset to basic_training_with_robu…	Apr 11, 2020
interpolated_adversarial_training.py	interpolated_adversarial_training.py	Update interpolated_adversarial_training.py	Apr 9, 2020
pgd_adversarial_training.py	pgd_adversarial_training.py	Update pgd_adversarial_training.py	Apr 9, 2020
test.py	test.py	Update test.py	Apr 9, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Pytorch Adversarial Training on CIFAR-10

Experiment Settings

Training Methods

1. Basic Training

2. PGD Adversarial Training

3. Interpolated Adversarial Training (IAT)

4. Basic Training with Robust Dataset

5. Basic Training with Non-robust Dataset

How to Test

About

Releases

Packages

Languages

ndb796/Pytorch-Adversarial-Training-CIFAR

Folders and files

Latest commit

History

Repository files navigation

Pytorch Adversarial Training on CIFAR-10

Experiment Settings

Training Methods

1. Basic Training

2. PGD Adversarial Training

3. Interpolated Adversarial Training (IAT)

4. Basic Training with Robust Dataset

5. Basic Training with Non-robust Dataset

How to Test

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages