Spatially Transformed Adversarial Examples with TensorFlow
Project description
Deep neural networks have been shown to be vulnerable to adversarial examples: very small perturbations of the input having a dramatic impact on the predictions. In this package, we provide a TensorFlow implementation for a new type of adversarial attack based on local geometric transformations: Spatially Transformed Adversarial Examples (stAdv).
Our implementation follows the procedure from the original paper:
Spatially Transformed Adversarial ExamplesChaowei Xiao, Jun-Yan Zhu, Bo Li, Warren He, Mingyan Liu, Dawn Song
If you use this code, please cite the following paper for which this implementation was originally made:
Robustness of Rotation-Equivariant Networks to Adversarial PerturbationsBeranger Dumont, Simona Maggio, Pablo Montalvo
Installation
First, make sure you have installed TensorFlow (CPU or GPU version).
Then, to install the stadv package, simply run
$ pip install stadvUsage
A typical use of this package is as follows:
Start with a trained network implemented in TensorFlow.
Insert the stadv.layers.flow_st layer in the graph immediately after the input layer. This is in order to perturb the input images according to local differentiable geometric perturbations parameterized with input flow tensors.
In the end of the graph, after computing the logits, insert the computation of an adversarial loss (to fool the network) and of a flow loss (to enforce local smoothness), e.g. using stadv.losses.adv_loss and stadv.losses.flow_loss, respectively. Define the final loss to be optimized as a combination of the two.
Find the flows which minimize this loss, e.g. by using an L-BFGS-B optimizer as conveniently provided in stadv.optimization.lbfgs.
An end-to-end example use of the library is provided in the notebook demo/simple_mnist.ipynb (see on GitHub).
Documentation
The documentation of the API is available at http://stadv.readthedocs.io/en/latest/stadv.html.
Testing
You can run all unit tests with
$ make init
$ make testRelease history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file stadv-0.2.1-py2.py3-none-any.whl.
File metadata
- Download URL: stadv-0.2.1-py2.py3-none-any.whl
- Upload date:
- Size: 9.2 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.18.4 setuptools/39.1.0 requests-toolbelt/0.8.0 tqdm/4.26.0 CPython/2.7.15
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d35a9ff88b8214e839d8fd0bb5d8ee0dca3c7c8986218060f547f3d7e7da2b88
|
|
| MD5 |
d692be39999a53c26df46bad1e0b1a56
|
|
| BLAKE2b-256 |
bf953b46127eb17498a1ab90f7c6bbb6cc7ff0602d08a3992b041f6b86b3b4be
|
