wuziyi616 / if-defense Goto Github PK
View Code? Open in Web Editor NEWThis is the official pytorch implementation for paper: IF-Defense: 3D Adversarial Point Cloud Defense via Implicit Function based Restoration
License: MIT License
This is the official pytorch implementation for paper: IF-Defense: 3D Adversarial Point Cloud Defense via Implicit Function based Restoration
License: MIT License
_Pre-trained Victim Models
We provided the pre-trained weights for the victim models used in our experiments. Download from here and uncompress them into pretrain/. You can also train your victim models by yourself and put them into the folder.
Note that, if you want to use your own model/weight, please modify the variable called 'BEST_WEIGHTS' in config.py._
Hi , I saw this in the readme file in /baseline folder. But I can't find the pretrain folder, does it change to another name?
Hi, we want to apply IF-defense to our own dataset, how do I train it?
Hey, Ziyi.
We proposed the IT-Defense recently, which utilized the network’s property (such as permutation invariant of input point cloud for Pointnet) to defend attacks. But we don't know how to design an adaptive attack for our defense, could you give any suggestions?
Best wishes!
Jinlai
We test the acc is 43.31% instead 0% when no defense, does anything wrong?
The experiment is base on your data and code.
Hello ziyi, I use the original point cloud to pass through our defense model and provide it to pointnet training, but the classification accuracy of the trained pointnet on the clean point cloud attack_data.npz processed by our defense is reduced. Why is this?
Hi ziyi. In hybrid training, you provided MN40, convonet_opt_MN40, onet_opt-MN40, onet_remesh-MN40 and attack_data.npz used for all attacks. Could you please tell me if these three defense data (convonet_opt_MN40, onet_opt-MN40. onet_remesh-MN40) are from IF-Defense used on attack_data.npz or MN40?
Hi ziyi,
sorry for bothering you. Can the generated attack images be saved? If yes, which config parameters should I modify?
Thanks!
e.g. how to create a dataset used in training convolutional occupancy networks.
thanks
I notice that you use targeted attacks. However, the paper does not provide any details in target label choosing. As analysis in previous works, if you choose an easy case to build a target label, the accuracy under attack will be low. So, could you provide more details in choosing target labels. If any possible, you can provide the pre-trained models. I want to test them under un-targeted attacks, which may show the robustness in another perspective.
Thanks for your great work! I'm confused about when to implement the SOR
or the SRS
defense. I check several related works and find two settings:
In the code of CVPR'22 Shape-Invariant-Attack, they put the defense (e.g., SOR
) in BOTH attack iteration and attack process. This can simulate settings where attackers get complete information of the model AND defense methods.
I tried the situation where the attackers do not know the defense methods (e.g., don't use defense in the attack iterations). In this setting, the accuracy essentially increases, which is expected.
I re-implement the drop-200
attack with the SOR
defense under the above two settings. The adversarial accuracy of 1st setting is 46.1, which is close to your paper results (42.6). The result of the 2nd setting is 35.2.
I find you load adversarial points from files in defend_npz.py
, which seems to be the Setting2. I just wonder which setting you adopted in your paper. If you adopt Setting2, have you tried to test the performance of IF-Defense under Setting1, will the defense performance still be good?
We want to test our method in defend LG-GAN and AdvPC, but they are written in TF, it is hard to implement them.
If you are willing to provide them, we will be very grateful.
My email is [email protected]
Very excellent work! But I encountered some problems when making the data set. If it is convenient for you, can you upload the network usage data to Google Drive so that everyone can study your work more conveniently?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.