Implement processing modules that use complex layers instead of the regular ones.

• Convolutions
• ReLU
• Batch norm
• Avg/Max pooling
• Dropout
• Skip-connections

Additionally:

• Noise+Rotation function f(a, b, θ) = exp(iθ)[a+bi]

Implementer would need to decide whether tensors should be (Re, Im) or (r, φ). I think the latter is better.

Also, having a couple of unit tests would be nice.

This issue is to layout all the model components and experiments that need to be implemented. This will be updated as tasks are finished and new things emerge.

Complex-Value Network

• GAN-Encoder
  • WGAN loss
  • Discriminator
• Complex Layers
  • Conv, ReLU, batch norm, max pool, dropout, residual block [#3, #8]
• Architectures
  • ResNet 20/32/44/56/110 (alpha + beta variants) [#2] , LeNet [#7], VGG-16 [#5], AlexNet [#6]
• Baseline Architectures
  • Original, original + additional layers, noisy [#4]

Experiments

• Measuring performance degradation
  • Accuracy, reconstruction error
• Feature inversion attacks
  • Attack 1, 2
• Property inference attacks
  • Attack 1, 2, 3, 4
• Datasets
  • CIFAR-10, CIFAR-100, CUB-200, CelebA

Implementation of the baseline original AlexNet split into Encoder, Processing and Decoder modules (see Section 5.1)

Write up the readme with what the code is and how to run it. To include are:

• Short description of the project.
• Installation instructions.
  • Create a requirements.txt to accompany this.
  • Link to pretrained weights.
• How to run instructions.
  • How to run the notebook (i.e where to put the weights)
  • How to train baseline/complex classifiers.
  • How to train inversion attacks.
  • How to train inference attacks.
• Add complete collection of shell scripts to run each experiment.
• Experiment results with tables from the paper and images from the inversion attack.

Implementation of the baseline original VGG-16 split into Encoder, Processing and Decoder modules (see Section 5.1)

Measuring performance degradation: accuracy, reconstruction error. I.e. baseline results presented in table 1 of the paper.

This can be done in parallel with the GAN part.

the link of trained models can not find, please check it , thank you!

These things are low priority given the current schedule.

• When training VGG on CUB-200 the training and validation loss decreases however the training and validation accuracy remains stagnant. This can reproduced with running py train_baseline.py --gpus 1 --precision 16 --dataset cub200 --arch vgg --batch_size 32 --overfit_batches 10.
• Training CelebA is not implemented. This is a multi-class binary classification task (40 binary attributes) so changes need to be made to the pipeline which is currently only for ordinary multi-class classification.

Completing these are low priority since CIFAR is predominately used in the paper and reproducing at least some experiments for each attack is more important.

• Setup environment, load weights
• Evaluate baselines
• Train, evaluate feature inversion attacks
• Train, evaluate property inference attacks
• Visualisations

This attack reconstructs the input image with the encoder's features using a UNet architecture. The attack corresponds to the reconstruction error in Table 1 and 2.

• U-Net architecture
• Regular training pipeline
• Complex training pipeline

Implementation of the baseline original LeNet split into Encoder, Processing and Decoder modules (see Section 5.1)

In the paper they split models into modules: g (encoder), Ф(processing), and d (decoder). Section 5.1 describes it in details.

We can start by implementing ResNet-20 (alpha or beta). Later we can do the same with the other models (ResNet-NN, LeNet, AlexNet).

Anyone wants to pick this up?