I'm playing with the mnist_tutorial_pytorch.py, and I set the eps = 0 in the fgsm_params dictionary.
Based on my understanding this means that fgsm attack should do nothing and the target model's accuracy will not decrease.
But I got a pytorch model which test accuracy is 99.05% and the adv accuracy is 97.94%. I noticed that this pytorch model is converted to a tensorflow model by the convert_pytorch_model_to_tf() function.
So, is the decrease caused by the conversion or something else?
Parameters I have used for replication:
fgsm_params = {"eps": 0.3, "clip_min": 0.0, "clip_max": 1.0} # I replaced 0.3 to 0.
答案 0 :(得分:0)
我们现在在CleverHans中添加了对PyTorch的支持,因此您不必先转换模型。可以在以下位置找到FGSM攻击:https://github.com/tensorflow/cleverhans/blob/master/cleverhans/future/torch/attacks/fast_gradient_method.py