Coder Social home page Coder Social logo

hsja's Introduction

HopSkipJumpAttack

(previously named as Boundary Attack++) Code for HopSkipJumpAttack: A Query-Efficient Decision-Based Adversarial Attack by Jianbo Chen, Michael I. Jordan, Martin J. Wainwright.

Clarification

If you are using the code to compare HSJA with other algorithms, you will need to set your own counter for the number of model evaluations. "max_num_evals" in hsja.py is the maximum number of evaluations for estimating gradient (for each iteration), not the total number of model evaluations. To increase the total number of model evaluations, set a larger num_iterations.

Dependencies

The code for HopSkipJumpAttack runs with Python and requires Tensorflow of version 1.2.1 or higher. Please pip install the following packages:

  • numpy
  • tensorflow
  • keras
  • scipy

Running in Docker, MacOS or Ubuntu

We provide as an example the source code to run HopSkipJumpAttack on a ResNet trained on CIFAR-10. Run the following commands in shell:

###############################################
# Omit if already git cloned.
git clone https://github.com/Jianbo-Lab/HSJA
cd HSJA
############################################### 
# Carry out L2 based untargeted attack on 5 samples.
python main.py --constraint l2 --attack_type untargeted --num_samples 5
# Carry out L2 based targeted attack on 5 samples.
python main.py --constraint l2 --attack_type targeted --num_samples 5
# Carry out Linf based untargeted attack on 5 samples.
python main.py --constraint linf --attack_type untargeted --num_samples 5
# Carry out Linf based targeted attack on 5 samples.
python main.py --constraint linf --attack_type targeted --num_samples 5

# Results are stored in cifar10resnet/figs/. 
# For each image, the left-hand side is the original example and 
# the right-hand side is its perturbed version.

See main.py and hsja.py for details.

Citation

If you use this code for your research, please cite our paper:

@article{chen2019boundary,
  title={HopSkipJumpAttack: A Query-Efficient Decision-Based Adversarial Attack},
  author={Chen, Jianbo and Jordan, Michael I. and Wainwright, Martin J.},
  journal={arXiv preprint arXiv:1904.02144},
  year={2019}
}

hsja's People

Contributors

jianbo-lab avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.