advertorch
advertorch copied to clipboard
BorealisAI
add simple spatial transform attack
A simple spatial transform attack was proposed at ICML2019.
This is a simple attack that creates an adversarial example of image rotation and translation with a grid search (or random).
The advertorch already has a spatial transform attack ICLR2018 is implemented, but the simpler ICML I think adding 2019 would be useful.
If possible, I am willing to contribute to this repository and share my implementation of the method compatible with your interface later.
However, I only checked the accuracy compared with the paper using mnist. Because I only tried a random attack due to memory capacity issues, and this attack relies on random numbers
If I were to contribute, I would check for accuracy with an error bar.
Hi @MasanoriYamada Thanks for the suggestion. It would be really nice if you could contribute your implementation. As long as contribution contains a benchmark report like this https://github.com/BorealisAI/advertorch/blob/master/advertorch_examples/attack_benchmarks/benchmark_fast_adaptive_boundary.py it'll be useful for the community. and an error bar would be even better, which we can also incorporate into the common practice of advertorch.
OK! My experiment did not replicate the accuracy of the paper in cifar10. If I can check that the values match the author's implementation of tensorflow in cifar10, I will contribute. Please wait a while longer.