Comments (6)
rikonaka
commented on August 17, 2024
Hi @Tenpi , first question, why do you need to use adversarial attacks? Second question, how do you achieve this? The third question, have you learned about adversarial attacks?
from adversarial-attacks-pytorch.
Tenpi
commented on August 17, 2024
I want to use it so that the blip model captions the image differently. I already posted the code I used to achieve the image, I'm not sure how well this library can be used on different models, as I explained before I had to modify the forward function to ignore the caption parameter and expand the dims of the return tensor. I know that adversarial attacks can be used to confuse a model using only noise which is barely visible.
The full code of BLIP (model I'm using) is here: https://github.com/salesforce/BLIP
from adversarial-attacks-pytorch.
rikonaka
commented on August 17, 2024
I want to use it so that the blip model captions the image differently. I already posted the code I used to achieve the image, I'm not sure how well this library can be used on different models, as I explained before I had to modify the forward function to ignore the caption parameter and expand the dims of the return tensor. I know that adversarial attacks can be used to confuse a model using only noise which is barely visible.
The full code of BLIP (model I'm using) is here: https://github.com/salesforce/BLIP
The adversarial attack requires that the model being attacked is a classifier (input images, output labels) rather than a transfomer, FGSM and PGD both compute adversarial examples based on classifier gradients, others like the CW attack have their own optimisation methods, the essence of which is still to get the original benign example across the decision boundary as short as possible, I think you should read a few papers on basic adversarial attacks instead of just knowing what the adversarial attack is for before starting your research.
And, based on the information you have provided, the torchattacks does not have any bugs.
from adversarial-attacks-pytorch.
Tenpi
commented on August 17, 2024
And, based on the information you have provided, the
torchattacksdoes not have any bugs.
It doesn't do anything and doesn't give any errors either, I would classify that a bug. However, I will look into implementing the attacks on my own instead of using torchattacks, since it seems like this wasn't optimized on models such as BLIP. I should also mention that BLIP doesn't generate the caption by running it as model() but it has it's own separate method called model.generate(), which is the one used to get the caption.
from adversarial-attacks-pytorch.
preste-nakam
commented on August 17, 2024
Hello
I have the same situation. Generated attacked image is the same as the input one. I tested FGSM and boundary attack (FAB).
from adversarial-attacks-pytorch.
rikonaka
commented on August 17, 2024
Hello
I have the same situation. Generated attacked image is the same as the input one. I tested FGSM and boundary attack (FAB).
Hi @preste-nakam , can you provide your test code?
from adversarial-attacks-pytorch.
Related Issues (20)
- torchattacks.FGSM(model, eps=0) perturbs image HOT 5
- Adversarial attacks for YOLOv8 Detection task HOT 1
- [QUESTION]How to use Square or Pixle to attack? HOT 3
- FileNotFoundError: [WinError 3] The system cannot find the path specified: './data/imagenet' HOT 1
- [BUG] Applying attacks on 2 instances of the same model gives too far away results HOT 1
- [BUG] FAB is not working HOT 3
- [BUG]The one-pixel attack is not working as expected. It seems not work? HOT 1
- FileNotFoundError: [Errno 2] No such file or directory: './data/imagenet_class_index.json' HOT 2
- [BUG] The implementation of eps-ball in MI-FGSM HOT 1
- [QUESTION] HOT 1
- [BUG] Bugs in the f function of cw.py HOT 2
- [QUESTION]BIM and PGD have the same output HOT 6
- [QUESTION] I have got confused by the code description HOT 3
- [BUG] JSMA massive gpu memory consumption HOT 9
- Difference in robust accuracies for Autoattack HOT 1
- Using Saved model for generating adversarial samples. HOT 1
- Implementation of SuperDeepFool attack HOT 1
- set_normalization_used HOT 4
- [QUESTION] using torchattacks on HuggingFace transformer models HOT 2
- requests package version
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from adversarial-attacks-pytorch.