[NeurIPS2021] Exploring Architectural Ingredients of Adversarially Robust Deep Neural Networks

Last update: Dec 01, 2022

Related tags

Overview

Exploring Architectural Ingredients of Adversarially Robust Deep Neural Networks

Code for NeurIPS 2021 Paper "Exploring Architectural Ingredients of Adversarially Robust Deep Neural Networks" by Hanxun Huang, Yisen Wang, Sarah Monazam Erfani, Quanquan Gu, James Bailey, Xingjun Ma

Robust Configurations for WideResNet (WRN-34-R)

Model defined in models/RobustWideResNet.py

def RobustWideResNet34(num_classes=10):
    # WRN-34-R configurations
    return RobustWideResNet(
        num_classes=num_classes, channel_configs=[16, 320, 640, 512],
        depth_configs=[5, 5, 5], stride_config=[1, 2, 2], stem_stride=1,
        drop_rate_config=[0.0, 0.0, 0.0], zero_init_residual=False,
        block_types=['basic_block', 'basic_block', 'basic_block'],
        activations=['ReLU', 'ReLU', 'ReLU'], is_imagenet=False,
        use_init=True)

Reproduce results from the paper

Pretrained Weights for WRN-34-R used in Table 2 available on Google Drive
All hyperparameters/settings for each model/method used in Table 2 are stored in configs/*.yaml files.

Evaluations of the robustness of WRN-34-R

WRN-34-R trained with TRADES

Replace PGD with other attacks ['CW', 'GAMA', 'AA'].

python main.py --config_path configs/config-WRN-34-R
               --exp_name /path/to/experiments/folders
               --version WRN-34-R-trades
               --load_best_model --attack PGD --data_parallel

WRN-34-R trained with TRADES and additional 500k data

Replace PGD with other attacks ['CW', 'GAMA', 'AA'].

python main.py --config_path configs/config-WRN-34-R
               --exp_name /path/to/experiments/folders
               --version WRN-34-R-trades-500k
               --load_best_model --attack PGD --data_parallel

Train WRN-34-R with 500k additional data from scratch

python main.py --config_path configs/config-WRN-34-R
               --exp_name /path/to/experiments/folders
               --version WRN-34-R-trades-500k
               --train --data_parallel

CIFAR-10 - Linf AutoAttack Leaderboard using additional 500k data

Note: This is not maintained, please find up-to-date leaderboard is available in RobustBench.

#	paper	model	architecture	clean	report.	AA
1	(Gowal et al., 2020)‡	available	WRN-70-16	91.10	65.87	65.88
2	Ours‡ + EMA	available	WRN-34-R	91.23	62.54	62.54
3	Ours‡	available	WRN-34-R	90.56	61.56	61.56
4	(Wu et al., 2020a)‡	available	WRN-34-15	87.67	60.65	60.65
5	(Wu et al., 2020b)‡	available	WRN-28-10	88.25	60.04	60.04
6	(Carmon et al., 2019)‡	available	WRN-28-10	89.69	62.5	59.53
7	(Sehwag et al., 2020)‡	available	WRN-28-10	88.98	-	57.14
8	(Wang et al., 2020)‡	available	WRN-28-10	87.50	65.04	56.29

Citation

@inproceedings{huang2021exploring,
    title={Exploring Architectural Ingredients of Adversarially Robust Deep Neural Networks},
    author={Hanxun Huang and Yisen Wang and Sarah Monazam Erfani and Quanquan Gu and James Bailey and Xingjun Ma},
    booktitle={NeurIPS},
    year={2021}
}

Part of the code is based on the following repo:

MART: https://github.com/YisenWang/MART
TREADES: https://github.com/yaodongyu/TRADES
RST: https://github.com/yaircarmon/semisup-adv
AutoAttack: https://github.com/fra31/auto-attack
GAMA: https://github.com/val-iisc/GAMA-GAT

[NeurIPS2021] Exploring Architectural Ingredients of Adversarially Robust Deep Neural Networks

Related tags

Overview

Exploring Architectural Ingredients of Adversarially Robust Deep Neural Networks

Robust Configurations for WideResNet (WRN-34-R)

Reproduce results from the paper

Evaluations of the robustness of WRN-34-R

WRN-34-R trained with TRADES

WRN-34-R trained with TRADES and additional 500k data

Train WRN-34-R with 500k additional data from scratch

CIFAR-10 - Linf AutoAttack Leaderboard using additional 500k data

Citation

Part of the code is based on the following repo:

Owner

Hanxun Huang

Robot Servers and Server Manager software for robo-gym

A PyTorch implementation of a Factorization Machine module in cython.

Omniverse sample scripts - A guide for developing with Python scripts on NVIDIA Ominverse

Code for paper "Vocabulary Learning via Optimal Transport for Neural Machine Translation"

Efficient Deep Learning Systems course

PGPortfolio: Policy Gradient Portfolio, the source code of "A Deep Reinforcement Learning Framework for the Financial Portfolio Management Problem"(https://arxiv.org/pdf/1706.10059.pdf).

Classical OCR DCNN reproduction based on PaddlePaddle framework.

Python and C++ implementation of "MarkerPose: Robust real-time planar target tracking for accurate stereo pose estimation". Accepted at LXCV @ CVPR 2021.

Implementation of "Efficient Regional Memory Network for Video Object Segmentation" (Xie et al., CVPR 2021).

A "gym" style toolkit for building lightweight Neural Architecture Search systems

DeepLearning Anomalies Detection with Bluetooth Sensor Data

SpecAugmentPyTorch - A Pytorch (support batch and channel) implementation of GoogleBrain's SpecAugment: A Simple Data Augmentation Method for Automatic Speech Recognition

The deployment framework aims to provide a simple, lightweight, fast integrated, pipelined deployment framework that ensures reliability, high concurrency and scalability of services.

[ICLR'19] Trellis Networks for Sequence Modeling

PyTorch implementation for "Sharpness-aware Quantization for Deep Neural Networks".

[SIGGRAPH Asia 2021] DeepVecFont: Synthesizing High-quality Vector Fonts via Dual-modality Learning.

"Reinforcement Learning for Bandit Neural Machine Translation with Simulated Human Feedback"

Final project code: Implementing MAE with downscaled encoders and datasets, for ESE546 FA21 at University of Pennsylvania

An Open Source Machine Learning Framework for Everyone

Source code for the plant extraction workflow introduced in the paper “Agricultural Plant Cataloging and Establishment of a Data Framework from UAV-based Crop Images by Computer Vision”